search for: vhost_net_chr_write_it

Displaying 20 results from an estimated 20 matches for "vhost_net_chr_write_it".

2018 May 18
3
KASAN: use-after-free Read in vhost_chr_write_iter
...both VHOST_IOTLB_UPDATE and > VHOST_IOTLB_INVALIDATE) > ===== ===== > vhost_umem_clean(dev->iotlb); > if (!dev->iotlb) { > ret = -EFAULT; > break; > } > dev->iotlb = NULL; > > > Call Sequence: > CPU0 > ===== > vhost_net_chr_write_iter > vhost_chr_write_iter > vhost_process_iotlb_msg > > CPU1 > ===== > vhost_net_ioctl > vhost_net_reset_owner > vhost_dev_reset_owner > vhost_dev_cleanup Thanks a lot for the analysis. This could be addressed by simply protect it with dev mutex. Will post a pa...
2018 May 18
3
KASAN: use-after-free Read in vhost_chr_write_iter
...both VHOST_IOTLB_UPDATE and > VHOST_IOTLB_INVALIDATE) > ===== ===== > vhost_umem_clean(dev->iotlb); > if (!dev->iotlb) { > ret = -EFAULT; > break; > } > dev->iotlb = NULL; > > > Call Sequence: > CPU0 > ===== > vhost_net_chr_write_iter > vhost_chr_write_iter > vhost_process_iotlb_msg > > CPU1 > ===== > vhost_net_ioctl > vhost_net_reset_owner > vhost_dev_reset_owner > vhost_dev_cleanup Thanks a lot for the analysis. This could be addressed by simply protect it with dev mutex. Will post a pa...
2018 May 21
2
KASAN: use-after-free Read in vhost_chr_write_iter
...(!dev->iotlb) { > > > ??????????? ret = -EFAULT; > > > ??????????????? break; > > > } > > > ??????????????????????????? dev->iotlb = NULL; > > > > > > > > > Call Sequence: > > > CPU0 > > > ===== > > > vhost_net_chr_write_iter > > > ????vhost_chr_write_iter > > > ??????? vhost_process_iotlb_msg > > > > > > CPU1 > > > ===== > > > vhost_net_ioctl > > > ????vhost_net_reset_owner > > > ??????? vhost_dev_reset_owner > > > ??????????? vhost_dev...
2018 May 21
2
KASAN: use-after-free Read in vhost_chr_write_iter
...(!dev->iotlb) { > > > ??????????? ret = -EFAULT; > > > ??????????????? break; > > > } > > > ??????????????????????????? dev->iotlb = NULL; > > > > > > > > > Call Sequence: > > > CPU0 > > > ===== > > > vhost_net_chr_write_iter > > > ????vhost_chr_write_iter > > > ??????? vhost_process_iotlb_msg > > > > > > CPU1 > > > ===== > > > vhost_net_ioctl > > > ????vhost_net_reset_owner > > > ??????? vhost_dev_reset_owner > > > ??????????? vhost_dev...
2018 May 21
0
KASAN: use-after-free Read in vhost_chr_write_iter
...????????????????? vhost_umem_clean(dev->iotlb); >> if (!dev->iotlb) { >> ??????????? ret = -EFAULT; >> ??????????????? break; >> } >> ??????????????????????????? dev->iotlb = NULL; >> >> >> Call Sequence: >> CPU0 >> ===== >> vhost_net_chr_write_iter >> ????vhost_chr_write_iter >> ??????? vhost_process_iotlb_msg >> >> CPU1 >> ===== >> vhost_net_ioctl >> ????vhost_net_reset_owner >> ??????? vhost_dev_reset_owner >> ??????????? vhost_dev_cleanup > > Thanks a lot for the analysis. >...
2018 May 22
0
KASAN: use-after-free Read in vhost_chr_write_iter
...gt;>>> ??????????? ret = -EFAULT; >>>> ??????????????? break; >>>> } >>>> ??????????????????????????? dev->iotlb = NULL; >>>> >>>> >>>> Call Sequence: >>>> CPU0 >>>> ===== >>>> vhost_net_chr_write_iter >>>> ????vhost_chr_write_iter >>>> ??????? vhost_process_iotlb_msg >>>> >>>> CPU1 >>>> ===== >>>> vhost_net_ioctl >>>> ????vhost_net_reset_owner >>>> ??????? vhost_dev_reset_owner >>>>...
2018 May 22
0
KASAN: use-after-free Read in vhost_chr_write_iter
...gt;>>> ??????????? ret = -EFAULT; >>>> ??????????????? break; >>>> } >>>> ??????????????????????????? dev->iotlb = NULL; >>>> >>>> >>>> Call Sequence: >>>> CPU0 >>>> ===== >>>> vhost_net_chr_write_iter >>>> ????vhost_chr_write_iter >>>> ??????? vhost_process_iotlb_msg >>>> >>>> CPU1 >>>> ===== >>>> vhost_net_ioctl >>>> ????vhost_net_reset_owner >>>> ??????? vhost_dev_reset_owner >>>>...
2018 Aug 08
0
KASAN: use-after-free Read in iotlb_access_ok
...mem_cache_alloc_trace+0x152/0x780 mm/slab.c:3620 > ?kmalloc include/linux/slab.h:513 [inline] > ?vhost_new_umem_range+0xcb/0x7c0 drivers/vhost/vhost.c:911 > ?vhost_process_iotlb_msg drivers/vhost/vhost.c:1000 [inline] > ?vhost_chr_write_iter+0xe53/0x1a00 drivers/vhost/vhost.c:1043 > ?vhost_net_chr_write_iter+0x59/0x70 drivers/vhost/net.c:1399 > ?call_write_iter include/linux/fs.h:1793 [inline] > ?new_sync_write fs/read_write.c:474 [inline] > ?__vfs_write+0x6c6/0x9f0 fs/read_write.c:487 > ?vfs_write+0x1f8/0x560 fs/read_write.c:549 > ?ksys_write+0x101/0x260 fs/read_write.c:598 > ?__do...
2016 Jun 22
0
[PATCH 3/3] vhost: device IOTLB API
...iter(struct kiocb *iocb, struct iov_iter *to) +{ + struct file *file = iocb->ki_filp; + struct vhost_net *n = file->private_data; + struct vhost_dev *dev = &n->dev; + int noblock = file->f_flags & O_NONBLOCK; + + return vhost_chr_read_iter(dev, to, noblock); +} + +static ssize_t vhost_net_chr_write_iter(struct kiocb *iocb, + struct iov_iter *from) +{ + struct file *file = iocb->ki_filp; + struct vhost_net *n = file->private_data; + struct vhost_dev *dev = &n->dev; + + return vhost_chr_write_iter(dev, from); +} + +static unsigned int vhost_net_chr_poll(struct file *file, poll_tab...
2019 Apr 16
4
[PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl
...return vhost_net_ioctl(f, ioctl, (unsigned long)compat_ptr(arg)); -} -#endif - static ssize_t vhost_net_chr_read_iter(struct kiocb *iocb, struct iov_iter *to) { struct file *file = iocb->ki_filp; @@ -1808,9 +1800,7 @@ static const struct file_operations vhost_net_fops = { .write_iter = vhost_net_chr_write_iter, .poll = vhost_net_chr_poll, .unlocked_ioctl = vhost_net_ioctl, -#ifdef CONFIG_COMPAT - .compat_ioctl = vhost_net_compat_ioctl, -#endif + .compat_ioctl = compat_ptr_ioctl, .open = vhost_net_open, .llseek = noop_llseek, }; diff --git a/drivers/vhost/scsi.c b/drive...
2019 Apr 16
4
[PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl
...return vhost_net_ioctl(f, ioctl, (unsigned long)compat_ptr(arg)); -} -#endif - static ssize_t vhost_net_chr_read_iter(struct kiocb *iocb, struct iov_iter *to) { struct file *file = iocb->ki_filp; @@ -1808,9 +1800,7 @@ static const struct file_operations vhost_net_fops = { .write_iter = vhost_net_chr_write_iter, .poll = vhost_net_chr_poll, .unlocked_ioctl = vhost_net_ioctl, -#ifdef CONFIG_COMPAT - .compat_ioctl = vhost_net_compat_ioctl, -#endif + .compat_ioctl = compat_ptr_ioctl, .open = vhost_net_open, .llseek = noop_llseek, }; diff --git a/drivers/vhost/scsi.c b/drive...
2019 Apr 19
0
[PATCH v3 09/26] compat_ioctl: move drivers to compat_ptr_ioctl
...ed long)compat_ptr(arg)); > -} > -#endif > - > static ssize_t vhost_net_chr_read_iter(struct kiocb *iocb, struct iov_iter *to) > { > struct file *file = iocb->ki_filp; > @@ -1808,9 +1800,7 @@ static const struct file_operations vhost_net_fops = { > .write_iter = vhost_net_chr_write_iter, > .poll = vhost_net_chr_poll, > .unlocked_ioctl = vhost_net_ioctl, > -#ifdef CONFIG_COMPAT > - .compat_ioctl = vhost_net_compat_ioctl, > -#endif > + .compat_ioctl = compat_ptr_ioctl, > .open = vhost_net_open, > .llseek = noop_llseek, >...
2018 Sep 12
1
[PATCH v2 02/17] compat_ioctl: move drivers to generic_compat_ioctl_ptrarg
...return vhost_net_ioctl(f, ioctl, (unsigned long)compat_ptr(arg)); -} -#endif - static ssize_t vhost_net_chr_read_iter(struct kiocb *iocb, struct iov_iter *to) { struct file *file = iocb->ki_filp; @@ -1578,9 +1570,7 @@ static const struct file_operations vhost_net_fops = { .write_iter = vhost_net_chr_write_iter, .poll = vhost_net_chr_poll, .unlocked_ioctl = vhost_net_ioctl, -#ifdef CONFIG_COMPAT - .compat_ioctl = vhost_net_compat_ioctl, -#endif + .compat_ioctl = generic_compat_ioctl_ptrarg, .open = vhost_net_open, .llseek = noop_llseek, }; diff --git a/drivers/vhost/scs...
2019 Jul 30
2
[PATCH v5 12/29] compat_ioctl: move drivers to compat_ptr_ioctl
...return vhost_net_ioctl(f, ioctl, (unsigned long)compat_ptr(arg)); -} -#endif - static ssize_t vhost_net_chr_read_iter(struct kiocb *iocb, struct iov_iter *to) { struct file *file = iocb->ki_filp; @@ -1794,9 +1786,7 @@ static const struct file_operations vhost_net_fops = { .write_iter = vhost_net_chr_write_iter, .poll = vhost_net_chr_poll, .unlocked_ioctl = vhost_net_ioctl, -#ifdef CONFIG_COMPAT - .compat_ioctl = vhost_net_compat_ioctl, -#endif + .compat_ioctl = compat_ptr_ioctl, .open = vhost_net_open, .llseek = noop_llseek, }; diff --git a/drivers/vhost/scsi.c b/drive...
2016 Jun 23
3
[PATCH V2 0/3] basic device IOTLB support for vhost_net
This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through
2016 Jun 23
3
[PATCH V2 0/3] basic device IOTLB support for vhost_net
This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through
2016 May 24
6
[RFC PATCH V3 0/3] basic device IOTLB support
This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through
2016 May 24
6
[RFC PATCH V3 0/3] basic device IOTLB support
This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through
2016 Jun 22
4
[PATCH 0/3] basic device IOTLB support
This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through
2016 Jun 22
4
[PATCH 0/3] basic device IOTLB support
This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through