lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BLUPR03MB141036D2717CA6398CE9F965BF480@BLUPR03MB1410.namprd03.prod.outlook.com>
Date:	Tue, 17 May 2016 08:35:00 +0000
From:	Dexuan Cui <decui@...rosoft.com>
To:	Vitaly Kuznetsov <vkuznets@...hat.com>
CC:	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"driverdev-devel@...uxdriverproject.org" 
	<driverdev-devel@...uxdriverproject.org>,
	"olaf@...fle.de" <olaf@...fle.de>,
	"apw@...onical.com" <apw@...onical.com>,
	"jasowang@...hat.com" <jasowang@...hat.com>,
	KY Srinivasan <kys@...rosoft.com>,
	Haiyang Zhang <haiyangz@...rosoft.com>
Subject: RE: [PATCH] Drivers: hv: vmbus: fix the race when querying & updating
 the percpu list

> From: Vitaly Kuznetsov [mailto:vkuznets@...hat.com]
> Sent: Tuesday, May 17, 2016 16:15
> To: Dexuan Cui <decui@...rosoft.com>
> Cc: gregkh@...uxfoundation.org; linux-kernel@...r.kernel.org; driverdev-
> devel@...uxdriverproject.org; olaf@...fle.de; apw@...onical.com;
> jasowang@...hat.com; KY Srinivasan <kys@...rosoft.com>; Haiyang Zhang
> <haiyangz@...rosoft.com>
> Subject: Re: [PATCH] Drivers: hv: vmbus: fix the race when querying & updating
> the percpu list
> 
> Dexuan Cui <decui@...rosoft.com> writes:
> 
> > There is a rare race when we remove an entry from the global list
> > hv_context.percpu_list[cpu] in hv_process_channel_removal() ->
> > percpu_channel_deq() -> list_del(): at this time, if vmbus_on_event() ->
> > process_chn_event() -> pcpu_relid2channel() is trying to query the list,
> > we can get the general protection fault:
> >...
> >
> > We can resolve the issue by disabling the tasklet when updating the list.
> >
> > @@ -418,6 +413,7 @@ static void vmbus_process_offer(struct
> vmbus_channel *newchannel)
> >  		percpu_channel_enq(newchannel);
> >  		put_cpu();
> >  	}
> > +	tasklet_enable(tasklet);
> 
> Do we need to do tasklet_schedule() to make sure there are no events
> pending? This is probably not a big issue as some other event will
> trigger scheduling but in some corner cases it may bite. Same question
> applies to the code below and to vmbus_close_internal().

Hi Vitaly,
Thanks for spotting this! 
I think you're correct.
I'll add tasklet_schedul() before the tasklet_enable() in the 2 places.

Thanks,
-- Dexuan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ