Received: by 2002:ac0:a679:0:0:0:0:0 with SMTP id p54csp1133347imp; Thu, 21 Feb 2019 19:47:36 -0800 (PST) X-Google-Smtp-Source: AHgI3IbHgd8/lIAT9BGPM6yKJymC+veJlol5IiMrAThIh46qrgTDn3HAOxknpO6PP816joXf4ovO X-Received: by 2002:aa7:8743:: with SMTP id g3mr1996809pfo.109.1550807256237; Thu, 21 Feb 2019 19:47:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550807256; cv=none; d=google.com; s=arc-20160816; b=HDYSolT9DXABYyMfWAsEF+Vb05JBjKLVRHvbVELFtOh51bwOsRzdLWHkZu6pP9/UV+ k+seQqQraqQbHO7mHdb5stsavmrYZaj3AZtvFd74YmRWrmP0PyPuYHXR9T4XtLeOLpH+ s3JxC6xUDPlTEWx9AU3TAMF03oco0YzpCGP4ch/yEO68NX5xArmGygR8wlVBKmdrX4T3 X04P0ABlZR/Zzp4UDeohs8HZiHQy/mMIUANnE2PDZBD5XmCGagjcU/Io3EvU3x2mXS0P O/r1g3X3aPtWht0pnR8lzFL6tOn74/8HIJlMTz27OzrZtcascmmKitXHe4JkD3LA6eDX TGAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=kohoofnn6+gSvx9pNeiqTMMobMD8u2BzvI/Js2UiLuc=; b=c37aQkwoOnTP0lPK1+M/9GdqwETq5/mlEQefde108jzCxKOD0jWCFb0oq3yfQyLE+E ti8lamBi4IfzyY4EMY8btDw3NNlWPN3Kb8zz5Q+NNlrBkmsHvy5av9MZXxy8EREPNzvl 7+3GiSPKmuVMUK2nTXxQwTAvh0kNZEwAoFtBg+BJItsACLNKT+KGzYhcbIko3Lsofi+X fw1c+Fle40Ykte8yg67frR49batWy8sGTnxqQceTgx68hf9z4uoA0K05Kda+hp/2t2E6 oghLfnWPstcvvbUxnaZZ9UDKGJ6mptKJZxtGUwLOsQjSQ+GpOGVqQq2b/fgj9USNhr5V 8V+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=rODBu1dC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h11si292993pgq.405.2019.02.21.19.47.20; Thu, 21 Feb 2019 19:47:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=rODBu1dC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726363AbfBVDq7 (ORCPT + 99 others); Thu, 21 Feb 2019 22:46:59 -0500 Received: from mail-io1-f67.google.com ([209.85.166.67]:36786 "EHLO mail-io1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725869AbfBVDq7 (ORCPT ); Thu, 21 Feb 2019 22:46:59 -0500 Received: by mail-io1-f67.google.com with SMTP id r136so727949iod.3; Thu, 21 Feb 2019 19:46:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=kohoofnn6+gSvx9pNeiqTMMobMD8u2BzvI/Js2UiLuc=; b=rODBu1dC0U1Un0ehplkot5SC9sfAcqrbyf/1TTCxRr9O78F5WlaLHqvYrY+e/GX6Gq 5CfsN/0fkBvHafvk0IsrScpCz9HNYYNCpvUywGCD6MwvyQ7vX/DzJ+9xuXVxkUTsNv6i mXQ4ggintoRr0ZBerogKhPX1f2659R5etvx5iEpnLRoCM6VEsVFniV7+XbBKtK6ZW0uI akb4FzynUeXxO+1gGZBUVObBEpYQkDLDzyBUe9L6jU/Y4aJa/SmvXCfh7oWJs/u2dOSb t9Pbbh6D0JgrR5ZBBz7SbbXEG5cKAxzClN/IwKIrIIGo5yK8TAJIYxDIq87kFr/HyX/O Q1nA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=kohoofnn6+gSvx9pNeiqTMMobMD8u2BzvI/Js2UiLuc=; b=I4MR4/I5SiWkOzcrBiDRdEdFP9ITt2saeuxU1ssdAWrGxe8yfLNLTLkJ77Q+OFWwfM asv2yRYdAafzvvViGJ5VKksQWeRVEoMjPOlnIID8rSwflTkyYBYHPFW/m1SyyYcPAuAm LeVWQnIxCy8FPlhbOaeh/KZ0JNN4i61aNRpG4szMlqbmC2JNXMp/nWayo+T1EInqc+VV kMrM3hQgRku/FKO+hRnmvJ0+x0CAMi51v6EGGcYs8GED6LpxKvG5EhJJDhRL57ymQOEz g/GIbNob6Dvm+SuPKpQaEGdqYgjVUqHSxMnR1rqQ8BPRFMtlOGl/3gWgddwf0Oy//SJH klMg== X-Gm-Message-State: AHQUAubbGUo7L/FUowuKWOKojz9kSgF0ZOjYORcjXPcMo0OGGpKN7plq 95mCWPoxGbqZ5/TYMHSEm0I= X-Received: by 2002:a6b:7701:: with SMTP id n1mr1055784iom.143.1550807217794; Thu, 21 Feb 2019 19:46:57 -0800 (PST) Received: from ubu-Virtual-Machine (66-188-57-61.dhcp.bycy.mi.charter.com. [66.188.57.61]) by smtp.gmail.com with ESMTPSA id g74sm155209itg.29.2019.02.21.19.46.56 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 21 Feb 2019 19:46:57 -0800 (PST) Date: Thu, 21 Feb 2019 22:46:54 -0500 From: Kimberly Brown To: Michael Kelley , Long Li , Sasha Levin , Stephen Hemminger , Dexuan Cui Cc: "K. Y. Srinivasan" , Haiyang Zhang , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 0/2] Fix a race condition vulnerability in "_show" functions Message-ID: References: <20190122020759.GA4054@ubu-Virtual-Machine> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20190122020759.GA4054@ubu-Virtual-Machine> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patchset fixes a race condition vulnerability in the "_show" functions that access a channel ring buffer. Changes in v2: - In v1, I proposed using “vmbus_connection.channel_mutex” in the “_show” functions to prevent the race condition. However, using this mutex could result in a deadlock, so a new approach is needed. - Patch 1 is new and consists of a code refactor. - Patch 2 introduces a new mutex lock in the “vmbus_channel” struct, and the new mutex is used to eliminate the race condition. Kimberly Brown (2): Drivers: hv: vmbus: Refactor chan->state if statement Drivers: hv: vmbus: Add a channel ring buffer mutex lock drivers/hv/channel.c | 5 ++ drivers/hv/channel_mgmt.c | 1 + drivers/hv/ring_buffer.c | 11 +++- drivers/hv/vmbus_drv.c | 118 ++++++++++++++++++++++++++------------ include/linux/hyperv.h | 10 +++- 5 files changed, 104 insertions(+), 41 deletions(-) -- 2.17.1