2022-05-17 16:19:16

by Jiabing Wan

Subject: [PATCH] kvm/vfio: Fix potential deadlock problem in vfio

Fix following coccicheck warning:
./virt/kvm/vfio.c:258:1-7: preceding lock on line 236

If kvm_vfio_file_iommu_group() failed, code would goto err_fdput with
mutex_lock acquired and then return ret. It might cause potential
deadlock. Move mutex_unlock below err_fdput tag to fix it.

Fixes: d55d9e7a45721 ("kvm/vfio: Store the struct file in the kvm_vfio_group")
Signed-off-by: Wan Jiabing <[email protected]>
---
virt/kvm/vfio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/virt/kvm/vfio.c b/virt/kvm/vfio.c
index 8f9f7fffb96a..ce1b01d02c51 100644
--- a/virt/kvm/vfio.c
+++ b/virt/kvm/vfio.c
@@ -252,8 +252,8 @@ static int kvm_vfio_group_set_spapr_tce(struct kvm_device *dev,
break;
}

- mutex_unlock(&kv->lock);
err_fdput:
+ mutex_unlock(&kv->lock);
fdput(f);
return ret;
}
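
Review bot: moving mutex_unlock(&kv->lock) under the err_fdput: label means every goto err_fdput now drops kv->lock, so any jump to that label taken before the mutex_lock on line 236 would unlock a mutex that is not held. The hunk does not show the jump sites, so confirm that each one follows the lock. The label also now does more than its name says; renaming it (for example err_unlock) or adding a separate unlock label above err_fdput: would keep the unwind order readable.
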
--
2.36.1



2022-05-17 20:13:55

by Jason Gunthorpe

Subject: Re: [PATCH] kvm/vfio: Fix potential deadlock problem in vfio

On Tue, May 17, 2022 at 10:34:41AM +0800, Wan Jiabing wrote:
> Fix following coccicheck warning:
> ./virt/kvm/vfio.c:258:1-7: preceding lock on line 236
>
> If kvm_vfio_file_iommu_group() failed, code would goto err_fdput with
> mutex_lock acquired and then return ret. It might cause potential
> deadlock. Move mutex_unlock below err_fdput tag to fix it.
>
> Fixes: d55d9e7a45721 ("kvm/vfio: Store the struct file in the kvm_vfio_group")
> Signed-off-by: Wan Jiabing <[email protected]>
> ---
> virt/kvm/vfio.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Jason Gunthorpe <[email protected]>

Thanks,
Jason

2022-05-18 17:55:04

by Alex Williamson

Subject: Re: [PATCH] kvm/vfio: Fix potential deadlock problem in vfio

On Tue, 17 May 2022 10:34:41 +0800
Wan Jiabing <[email protected]> wrote:

> Fix following coccicheck warning:
> ./virt/kvm/vfio.c:258:1-7: preceding lock on line 236
>
> If kvm_vfio_file_iommu_group() failed, code would goto err_fdput with
> mutex_lock acquired and then return ret. It might cause potential
> deadlock. Move mutex_unlock below err_fdput tag to fix it.
>
> Fixes: d55d9e7a45721 ("kvm/vfio: Store the struct file in the kvm_vfio_group")
> Signed-off-by: Wan Jiabing <[email protected]>
> ---
> virt/kvm/vfio.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/virt/kvm/vfio.c b/virt/kvm/vfio.c
> index 8f9f7fffb96a..ce1b01d02c51 100644
> --- a/virt/kvm/vfio.c
> +++ b/virt/kvm/vfio.c
> @@ -252,8 +252,8 @@ static int kvm_vfio_group_set_spapr_tce(struct kvm_device *dev,
> break;
> }
>
> - mutex_unlock(&kv->lock);
> err_fdput:
> + mutex_unlock(&kv->lock);
> fdput(f);
> return ret;
> }
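
Review bot: the kvm_vfio_file_iommu_group() failure path named in the commit message ends at return ret; below err_fdput:, and neither the hunk nor the message shows what ret holds at that goto. Worth checking that the failure path assigns an error code to ret before jumping, so that the caller sees the failure once the lock imbalance is fixed.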

Applied to vfio next branch for v5.19. Thanks!

Alex