On Wed, Mar 02, 2022 at 07:54:21AM +0000, Lee Jones wrote:
> vhost_vsock_handle_tx_kick() already holds the mutex during its call
> to vhost_get_vq_desc(). All we have to do is take the same lock
> during virtqueue clean-up and we mitigate the reported issues.
>
> Link: https://syzkaller.appspot.com/bug?extid=279432d30d825e63ba00
>
> Cc: <[email protected]>
> Reported-by: [email protected]
> Signed-off-by: Lee Jones <[email protected]>
OK so please post series with this and the warning
cleaned up comments and commit logs explaining that
this is just to make debugging easier in case
we have issues in the future, it's not a bugfix.
> ---
> drivers/vhost/vhost.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> index 59edb5a1ffe28..bbaff6a5e21b8 100644
> --- a/drivers/vhost/vhost.c
> +++ b/drivers/vhost/vhost.c
> @@ -693,6 +693,7 @@ void vhost_dev_cleanup(struct vhost_dev *dev)
> int i;
>
> for (i = 0; i < dev->nvqs; ++i) {
> + mutex_lock(&dev->vqs[i]->mutex);
> if (dev->vqs[i]->error_ctx)
> eventfd_ctx_put(dev->vqs[i]->error_ctx);
> if (dev->vqs[i]->kick)
> @@ -700,6 +701,7 @@ void vhost_dev_cleanup(struct vhost_dev *dev)
> if (dev->vqs[i]->call_ctx.ctx)
> eventfd_ctx_put(dev->vqs[i]->call_ctx.ctx);
> vhost_vq_reset(dev, dev->vqs[i]);
> + mutex_unlock(&dev->vqs[i]->mutex);
> }
> vhost_dev_free_iovecs(dev);
> if (dev->log_ctx)
> --
> 2.35.1.574.g5d30c73bfb-goog
_______________________________________________
Virtualization mailing list
[email protected]
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
