| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZBxzphnyLPwBimKL@google.com>
Date: Thu, 23 Mar 2023 08:43:34 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Wei Wang <wei.w.wang@...el.com>
Cc: pbonzini@...hat.com, mhal@...x.co, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/2] KVM: destruct kvm_io_device while unregistering it
from kvm_io_bus
On Tue, Feb 07, 2023, Wei Wang wrote:
> Current usage of kvm_io_device requires users to destruct it with an extra
> call of kvm_iodevice_destructor after the device gets unregistered from
> kvm_io_bus. This is not necessary and can cause errors if a user forgot
> to make the extra call.
>
> Simplify the usage by combining kvm_iodevice_destructor into
> kvm_io_bus_unregister_dev. This reduces LOCs a bit for users and can
> avoid the leakage of destructing the device explicitly.
The changelog should really call out that coalesced_mmio_ops and ioeventfd_ops
are the only kvm_io_device_ops instances that implement ->destructor. Without
that info, this change looks super dangerous as it's not obvious other paths won't
end up with a use-after-free.
Paolo, if/when you take this, can you tack on something like:
Note, coalesced_mmio_ops and ioeventfd_ops are the only instances of
kvm_io_device_ops that implement a destructor, all other callers of
kvm_io_bus_unregister_dev() are unaffected by this change.
> Signed-off-by: Wei Wang <wei.w.wang@...el.com>
> ---
Reviewed-by: Sean Christopherson <seanjc@...gle.com>
Powered by blists - more mailing lists