Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On 2019/7/4 下午5:20, Stefano Garzarella wrote: This is still suspicious, can we access the_virtio_vsock through vdev->priv? If yes, we may still get use-after-free since it was not protected by RCU. We will free the object only after calling the del_vqs(), so we are sure that the vq_callbacks e

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On Wed, Jul 03, 2019 at 12:41:35PM +0200, Stefano Garzarella wrote: > On Wed, Jul 03, 2019 at 05:53:58PM +0800, Jason Wang wrote: > > On 2019/6/28 下午8:36, Stefano Garzarella wrote: > > Another more interesting question, I believe we will do singleton for > > virtio_vsock structure. Then what's the

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On Thu, Jul 04, 2019 at 11:58:00AM +0800, Jason Wang wrote: > > On 2019/7/3 下午6:41, Stefano Garzarella wrote: > > On Wed, Jul 03, 2019 at 05:53:58PM +0800, Jason Wang wrote: > > > On 2019/6/28 下午8:36, Stefano Garzarella wrote: > > > > Some callbacks used by the upper layers can run while we are in

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On 2019/7/3 下午6:41, Stefano Garzarella wrote: On Wed, Jul 03, 2019 at 05:53:58PM +0800, Jason Wang wrote: On 2019/6/28 下午8:36, Stefano Garzarella wrote: Some callbacks used by the upper layers can run while we are in the .remove(). A potential use-after-free can happen, because we free the_vi

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On Wed, Jul 03, 2019 at 05:53:58PM +0800, Jason Wang wrote: > > On 2019/6/28 下午8:36, Stefano Garzarella wrote: > > Some callbacks used by the upper layers can run while we are in the > > .remove(). A potential use-after-free can happen, because we free > > the_virtio_vsock without knowing if the c

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On 2019/6/28 下午8:36, Stefano Garzarella wrote: Some callbacks used by the upper layers can run while we are in the .remove(). A potential use-after-free can happen, because we free the_virtio_vsock without knowing if the callbacks are over or not. To solve this issue we move the assignment of

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On Fri, Jun 28, 2019 at 02:36:57PM +0200, Stefano Garzarella wrote: > Some callbacks used by the upper layers can run while we are in the > .remove(). A potential use-after-free can happen, because we free > the_virtio_vsock without knowing if the callbacks are over or not. > > To solve this issue

Re: [PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

On Fri, Jun 28, 2019 at 02:36:57PM +0200, Stefano Garzarella wrote: > Some callbacks used by the upper layers can run while we are in the > .remove(). A potential use-after-free can happen, because we free > the_virtio_vsock without knowing if the callbacks are over or not. > > To solve this issue

[PATCH v2 1/3] vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock

Some callbacks used by the upper layers can run while we are in the .remove(). A potential use-after-free can happen, because we free the_virtio_vsock without knowing if the callbacks are over or not. To solve this issue we move the assignment of the_virtio_vsock at the end of .probe(), when we fi