[Devel] [PATCH VZ10 12/12] ve: Guard ve from ve_list with ve_list_lock
Konstantin Khorenko
khorenko at virtuozzo.com
Mon Dec 1 19:28:13 MSK 2025
On 11/24/25 12:20, Pavel Tikhomirov wrote:
> Else we can get use after free on ve_struct.
>
> https://virtuozzo.atlassian.net/browse/VSTOR-118289
> Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
>
> Feature: ve: ve generic structures
> ---
> kernel/ve/vecalls.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/kernel/ve/vecalls.c b/kernel/ve/vecalls.c
> index 6caf269fe5040..a9e82a1335403 100644
> --- a/kernel/ve/vecalls.c
> +++ b/kernel/ve/vecalls.c
> @@ -120,6 +120,8 @@ static int vestat_seq_show(struct seq_file *m, void *v)
> struct kernel_cpustat kstat;
>
> entry = (struct list_head *)v;
> +
> + guard(mutex)(&ve_list_lock);
> ve = list_entry(entry, struct ve_struct, ve_list);
>
> curve = get_exec_env();
> @@ -275,6 +277,7 @@ static int veinfo_seq_show(struct seq_file *m, void *v)
> {
> struct ve_struct *ve;
>
> + guard(mutex)(&ve_list_lock);
> ve = list_entry((struct list_head *)v, struct ve_struct, ve_list);
>
> /* second 0 is deprecated ve->class_id */
static int devperms_seq_show(struct seq_file *m, void *v)
{
struct ve_struct *ve;
// need it here as well?
guard(mutex)(&ve_list_lock);
ve = list_entry(v, struct ve_struct, ve_list);
...
}
More information about the Devel
mailing list