lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <878udnccva.fsf@vitty.brq.redhat.com>
Date:	Mon, 20 Apr 2015 12:28:41 +0200
From:	Vitaly Kuznetsov <vkuznets@...hat.com>
To:	"K. Y. Srinivasan" <kys@...rosoft.com>
Cc:	gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
	devel@...uxdriverproject.org, olaf@...fle.de, apw@...onical.com,
	jasowang@...hat.com
Subject: Re: [PATCH 5/5] Drivers: hv: vmbus: Implement the protocol for tearing down vmbus state

Vitaly Kuznetsov <vkuznets@...hat.com> writes:

> "K. Y. Srinivasan" <kys@...rosoft.com> writes:
>
>> Implement the protocol for tearing down the monitor state established with
>> the host.
>>
>> Signed-off-by: K. Y. Srinivasan <kys@...rosoft.com>
>
> Unfortunatelly this patch leads to the following crash:
>
> pre-udev:/# modprobe hv_vmbus
> modprobe hv_vmbus
> [   14.832334] hv_vmbus: Hyper-V Host Build:9600-6.3-17-0.17039; Vmbus version:3.0
> [   14.834179] hv_vmbus: CPU offlining is not supported by hypervisor
> pre-udev:/# modprobe -r hv_vmbus
> modprobe -r hv_vmbus
> [   20.640893] BUG: unable to handle kernel NULL pointer dereference at           (null)
> [   20.641104] IP: [<          (null)>]           (null)
>
> I'll try to investigate.
>

The problem is that we call vmbus_disconnect() too late in
vmbus_exit(). We need to call it:
1) Before hv_cleanup() call as we free hypercall page there (that's what
you see in my crash)
2) Before hv_remove_vmbus_irq() as we're waiting for the hypervisor to
reply.

This simple patch fixes the issue:
diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c
index 7870a90..2b56260 100644
--- a/drivers/hv/vmbus_drv.c
+++ b/drivers/hv/vmbus_drv.c
@@ -1106,6 +1106,7 @@ static void __exit vmbus_exit(void)
 
        vmbus_connection.conn_state = DISCONNECTED;
        hv_synic_clockevents_cleanup();
+       vmbus_disconnect();
        hv_remove_vmbus_irq();
        vmbus_free_channels();
        if (ms_hyperv.features & HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE) {
@@ -1118,7 +1119,6 @@ static void __exit vmbus_exit(void)
                smp_call_function_single(cpu, hv_synic_cleanup, NULL,
        1);
        acpi_bus_unregister_driver(&vmbus_acpi_driver);
        hv_cpu_hotplug_quirk(false);
-       vmbus_disconnect();
 }

I suggest we incorporate it into your PATCH 5/5.

-- 
  Vitaly
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ