On 1/11/2022 10:33 AM, Eli Cohen wrote:
> Call reset using the wrapper function vdpa_reset() to make sure the
> operation is serialized with cf_mutex.
>
> This comes to protect from the following possible scenario:
>
> vhost_vdpa_set_status() could call the reset op. Since the call is not
> protected by cf_mutex, a netlink thread calling vdpa_dev_config_fill
> could get past the VIRTIO_CONFIG_S_FEATURES_OK check in
> vdpa_dev_config_fill() and end up reporting wrong features.
>
> Fixes: 5f6e85953d8f ("vdpa: Read device configuration only if FEATURES_OK")
> Signed-off-by: Eli Cohen <elic at nvidia.com>

Reviewed-by: Si-Wei Liu <si-wei.liu at oracle.com>

> --- > drivers/vhost/vdpa.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/vhost/vdpa.c b/drivers/vhost/vdpa.c > index 0ed6cbadb52d..851539807bc9 100644 > --- a/drivers/vhost/vdpa.c > +++ b/drivers/vhost/vdpa.c > @@ -178,7 +178,7 @@ static long vhost_vdpa_set_status(struct vhost_vdpa *v, u8 __user *statusp) > vhost_vdpa_unsetup_vq_irq(v, i); > > if (status == 0) { > - ret = ops->reset(vdpa); > + ret = vdpa_reset(vdpa); > if (ret) > return ret; > } else
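
Review bot: In vhost_vdpa_set_status(), only the `status == 0` branch is routed through the cf_mutex wrapper by `ret = vdpa_reset(vdpa);`, and the `else` branch that follows is cut off in the context, so the hunk does not show whether a non-zero status write is serialized the same way. The race described in the commit message is against the VIRTIO_CONFIG_S_FEATURES_OK check in vdpa_dev_config_fill(), which depends on the status value, so please confirm that the else path also runs under cf_mutex, or state in the commit message why only the reset path needs the wrapper. It would also help to note whether any other direct `ops->reset()` callers remain in drivers/vhost/vdpa.c, since the diffstat shows a single replaced line.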