linux/drivers/vhost
Michael S. Tsirkin b0c057ca7e vhost: fix a theoretical race in device cleanup
vhost_zerocopy_callback accesses VQ right after it drops a ubuf
reference.  In theory, this could race with device removal which waits
on the ubuf kref, and crash on use after free.

Do all accesses within rcu read side critical section, and synchronize
on release.

Since callbacks are always invoked from bh, synchronize_rcu_bh seems
enough and will help release complete a bit faster.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-13 18:47:30 -05:00
..
Kconfig vhost: Make vhost a separate module 2013-07-07 17:33:44 +03:00
Makefile vhost: Make vhost a separate module 2013-07-07 17:33:44 +03:00
net.c vhost: fix a theoretical race in device cleanup 2014-02-13 18:47:30 -05:00
scsi.c Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
test.c vhost: remove the dead branch 2013-12-06 15:22:05 -05:00
test.h
vhost.c vhost: remove the dead branch 2013-12-06 15:22:05 -05:00
vhost.h vhost: remove the dead branch 2013-12-06 15:22:05 -05:00
vringh.c Add missing module license tag to vring helpers. 2013-05-08 10:49:03 +09:30