Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1950291pxj;
        Sun, 13 Jun 2021 03:59:48 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJw5s3x0KIUXYPd3vb/fbp3KXo4Omy60aIzJYoywaATH5WzJLY+w/q5oiH8ENyhOwJEDyEoO
X-Received: by 2002:a05:6402:144d:: with SMTP id d13mr11977381edx.288.1623581988404;
        Sun, 13 Jun 2021 03:59:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1623581988; cv=none;
        d=google.com; s=arc-20160816;
        b=qy6zHBZh3nvG8ann2DnLUdqK1M1aLs9XBoife7iE2q/pVjI46LvTPc4aQiqpkFOYto
         +0xpkGUaonnUDHJ4H5LlTwTHQriZyp+uXrk9dLAROwax4Af7mrHdS4W0hbldImV6e0Im
         YHZTMD3W0+4bINwPsSsH0yBu+i6ZCLRe2Uj6mFVN+/uc3IldcWlUPPEd7FjWPRXKPrJb
         MO9G/0olf25XfT6HT9ttwqdwAPZyNAfhIH1sWNJipFltQuj89np9/vJuN399K9f+LHFJ
         1nf7vBlOr5wt59zeMr3pL5j0hwxZvhLHs0f0xWlPit1xUS89RhTDKbZR7RCRhjmxpe1P
         ALSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:date:cc:to:from:subject
         :message-id:dkim-signature;
        bh=KTtX+syhVsp3EKtNv4+mXEMJYwINd+QKLT2o6wNy4jk=;
        b=tZaVorSVxliVG6Jhk8xeLjmR/oltrZazV+1satP7nqATgWcVFYvrIXzmurvkkJeQCc
         pOmncWo/aMmRX8uoRQ6VOvBeeOqi2uRD/okWyWrkMq6eA1+nRaHx0uv9TSbikw1lQFef
         G6VY2MOI/pYvaIKVVDZK51TdYRTD8nDPxt2I1nwlDxHGVnsRibOuViPQCIw90zymNp3H
         q/CmbCoDpCJQ30HxuD/4Nq8DpBg4MzRwp+2lEGpUkttGuRec+3DES+piGTwBiaZ4iCCk
         0K4XgeG/fD8Gt5BFjC4Z+rPWSU72cC51sXdERXYMJMs/aNbdlCrLYtXd8T9Tv3pwurO0
         B2ww==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@ibm.com header.s=pp1 header.b=kS8ZAQbj;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id c28si9467859ejj.378.2021.06.13.03.59.25;
        Sun, 13 Jun 2021 03:59:48 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@ibm.com header.s=pp1 header.b=kS8ZAQbj;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231659AbhFMK5N (ORCPT <rfc822;liuhangbin@gmail.com> + 99 others);
        Sun, 13 Jun 2021 06:57:13 -0400
Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:5962 "EHLO
        mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S231176AbhFMK5N (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Sun, 13 Jun 2021 06:57:13 -0400
Received: from pps.filterd (m0098419.ppops.net [127.0.0.1])
        by mx0b-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15DAn0O5023430;
        Sun, 13 Jun 2021 06:55:03 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : subject :
 from : to : cc : date : in-reply-to : references : content-type :
 mime-version : content-transfer-encoding; s=pp1;
 bh=KTtX+syhVsp3EKtNv4+mXEMJYwINd+QKLT2o6wNy4jk=;
 b=kS8ZAQbjvNaLDjLDZgzICTL1STDSzX34q9jBE6VaA3yOrbRhtOKOkIvJnprYHMaVkBDv
 mr1GHRT9twQk2QHqu07rHJ/2i1fvGREKPrGsdYxJ3VKLYbtNczulrdz4sGemInDEOkno
 pbFe3YIu6YBSjKGQndHVINE6l78UXxeyOLHO5ZwEWOwYiKj+1hVZNcrqitj+neuDgHDH
 XGBndFAOHEKFengp54ARmxiA4KG4fXiCRCjugEKIT1rAbRNlKr7suHwfOTdFUliVyR4s
 +atkqiRCY6A3KDJLC7aQ7Gmby7ZRKNuZNiUliouAig5Uioh55Sy7XoNZ4xRVLcUEW2qY cA== 
Received: from pps.reinject (localhost [127.0.0.1])
        by mx0b-001b2d01.pphosted.com with ESMTP id 395gkpg1k4-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
        Sun, 13 Jun 2021 06:55:03 -0400
Received: from m0098419.ppops.net (m0098419.ppops.net [127.0.0.1])
        by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 15DAr9kd035212;
        Sun, 13 Jun 2021 06:55:02 -0400
Received: from ppma04dal.us.ibm.com (7a.29.35a9.ip4.static.sl-reverse.com [169.53.41.122])
        by mx0b-001b2d01.pphosted.com with ESMTP id 395gkpg1jt-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
        Sun, 13 Jun 2021 06:55:02 -0400
Received: from pps.filterd (ppma04dal.us.ibm.com [127.0.0.1])
        by ppma04dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 15DAqBBZ006317;
        Sun, 13 Jun 2021 10:55:02 GMT
Received: from b03cxnp07028.gho.boulder.ibm.com (b03cxnp07028.gho.boulder.ibm.com [9.17.130.15])
        by ppma04dal.us.ibm.com with ESMTP id 394yr5pbnu-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
        Sun, 13 Jun 2021 10:55:02 +0000
Received: from b03ledav003.gho.boulder.ibm.com (b03ledav003.gho.boulder.ibm.com [9.17.130.234])
        by b03cxnp07028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 15DAt0Kq27918642
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Sun, 13 Jun 2021 10:55:00 GMT
Received: from b03ledav003.gho.boulder.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id BEF466A051;
        Sun, 13 Jun 2021 10:55:00 +0000 (GMT)
Received: from b03ledav003.gho.boulder.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 238986A04D;
        Sun, 13 Jun 2021 10:54:59 +0000 (GMT)
Received: from localhost.localdomain (unknown [9.160.180.39])
        by b03ledav003.gho.boulder.ibm.com (Postfix) with ESMTP;
        Sun, 13 Jun 2021 10:54:58 +0000 (GMT)
Message-ID: <4c769385e96a9b7022a4fd22938310550ceba5e1.camel@linux.ibm.com>
Subject: [PATCH v5 01/17] powerpc/powernv/vas: Release reference to tgid
 during window close
From:   Haren Myneni <haren@linux.ibm.com>
To:     linuxppc-dev@lists.ozlabs.org, linux-crypto@vger.kernel.org,
        mpe@ellerman.id.au, herbert@gondor.apana.org.au, npiggin@gmail.com
Cc:     hbabu@us.ibm.com, haren@us.ibm.com
Date:   Sun, 13 Jun 2021 03:54:56 -0700
In-Reply-To: <ed7a09822cf3a2e463f942e5a37309a2365c9d79.camel@linux.ibm.com>
References: <ed7a09822cf3a2e463f942e5a37309a2365c9d79.camel@linux.ibm.com>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.36.2 (3.36.2-1.fc32) 
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-TM-AS-GCONF: 00
X-Proofpoint-GUID: 2fyfXEnR7sHKJSospIzRKF0qXBqDUzLi
X-Proofpoint-ORIG-GUID: iKiSzB4omFD8P9ucoroSCvN6kIQuuIuk
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.761
 definitions=2021-06-13_04:2021-06-11,2021-06-13 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999
 impostorscore=0 phishscore=0 lowpriorityscore=0 suspectscore=0 bulkscore=0
 mlxscore=0 priorityscore=1501 clxscore=1015 malwarescore=0 spamscore=0
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2104190000 definitions=main-2106130078
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org


The kernel handles the NX fault by updating CSB or sending
signal to process. In multithread applications, children can
open VAS windows and can exit without closing them. But the
parent can continue to send NX requests with these windows. To
prevent pid reuse, reference will be taken on pid and tgid
when the window is opened and release them during window close.

The current code is not releasing the tgid reference which can
cause pid leak and this patch fixes the issue.

Fixes: db1c08a740635 ("powerpc/vas: Take reference to PID and mm for user space windows")
Cc: stable@vger.kernel.org # 5.8+
Signed-off-by: Haren Myneni <haren@linux.ibm.com>
Reported-by: Nicholas Piggin <npiggin@gmail.com>
---
 arch/powerpc/platforms/powernv/vas-window.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/arch/powerpc/platforms/powernv/vas-window.c b/arch/powerpc/platforms/powernv/vas-window.c
index 5f5fe63a3d1c..7ba0840fc3b5 100644
--- a/arch/powerpc/platforms/powernv/vas-window.c
+++ b/arch/powerpc/platforms/powernv/vas-window.c
@@ -1093,9 +1093,9 @@ struct vas_window *vas_tx_win_open(int vasid, enum vas_cop_type cop,
 		/*
 		 * Process closes window during exit. In the case of
 		 * multithread application, the child thread can open
-		 * window and can exit without closing it. Expects parent
-		 * thread to use and close the window. So do not need
-		 * to take pid reference for parent thread.
+		 * window and can exit without closing it. so takes tgid
+		 * reference until window closed to make sure tgid is not
+		 * reused.
 		 */
 		txwin->tgid = find_get_pid(task_tgid_vnr(current));
 		/*
@@ -1339,8 +1339,9 @@ int vas_win_close(struct vas_window *window)
 	/* if send window, drop reference to matching receive window */
 	if (window->tx_win) {
 		if (window->user_win) {
-			/* Drop references to pid and mm */
+			/* Drop references to pid. tgid and mm */
 			put_pid(window->pid);
+			put_pid(window->tgid);
 			if (window->mm) {
 				mm_context_remove_vas_window(window->mm);
 				mmdrop(window->mm);
-- 
2.18.2