| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250825020424.1436159-1-ying01.gao@samsung.com>
Date: Mon, 25 Aug 2025 10:04:24 +0800
From: Ying Gao <ying01.gao@...sung.com>
To: ying01.gao@...sung.com
Cc: eperezma@...hat.com, jasowang@...hat.com, junnan01.wu@...sung.com,
kraxel@...hat.com, lei19.wang@...sung.com, linux-kernel@...r.kernel.org,
liping.qi@...sung.com, mst@...hat.com, virtualization@...ts.linux.dev,
xuanzhuo@...ux.alibaba.com, ying123.xu@...sung.com
Subject: [PATCH V2 RESEND] virtio_input: Improve freeze handling
When executing suspend to ram, if lacking the operations
to reset device and free unused buffers before deleting
a vq, resource leaks and inconsistent device status will
appear.
According to chapter "3.3.1 Driver Requirements: Device Cleanup:"
of virtio-specification:
Driver MUST ensure a virtqueue isn’t live
(by device reset) before removing exposed
buffers.
Therefore, modify the virtinput_freeze function to reset the
device and delete the unused buffers before deleting the
virtqueue, just like virtinput_remove does.
Co-developed-by: Ying Xu <ying123.xu@...sung.com>
Signed-off-by: Ying Xu <ying123.xu@...sung.com>
Co-developed-by: Junnan Wu <junnan01.wu@...sung.com>
Signed-off-by: Junnan Wu <junnan01.wu@...sung.com>
Signed-off-by: Ying Gao <ying01.gao@...sung.com>
---
drivers/virtio/virtio_input.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/virtio/virtio_input.c b/drivers/virtio/virtio_input.c
index a5d63269f20b..d0728285b6ce 100644
--- a/drivers/virtio/virtio_input.c
+++ b/drivers/virtio/virtio_input.c
@@ -360,11 +360,15 @@ static int virtinput_freeze(struct virtio_device *vdev)
{
struct virtio_input *vi = vdev->priv;
unsigned long flags;
+ void *buf;
spin_lock_irqsave(&vi->lock, flags);
vi->ready = false;
spin_unlock_irqrestore(&vi->lock, flags);
+ virtio_reset_device(vdev);
+ while ((buf = virtqueue_detach_unused_buf(vi->sts)) != NULL)
+ kfree(buf);
vdev->config->del_vqs(vdev);
return 0;
}
--
2.34.1
Powered by blists - more mailing lists