[Devel] [PATCH VZ10 12/12] ve: Guard ve from ve_list with ve_list_lock
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Tue Dec 2 07:41:11 MSK 2025
On 12/2/25 00:28, Konstantin Khorenko wrote:
> On 11/24/25 12:20, Pavel Tikhomirov wrote:
>> Else we can get use after free on ve_struct.
>>
>> https://virtuozzo.atlassian.net/browse/VSTOR-118289
>> Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
>>
>> Feature: ve: ve generic structures
>> ---
>> kernel/ve/vecalls.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/kernel/ve/vecalls.c b/kernel/ve/vecalls.c
>> index 6caf269fe5040..a9e82a1335403 100644
>> --- a/kernel/ve/vecalls.c
>> +++ b/kernel/ve/vecalls.c
>> @@ -120,6 +120,8 @@ static int vestat_seq_show(struct seq_file *m, void *v)
>> struct kernel_cpustat kstat;
>> entry = (struct list_head *)v;
>> +
>> + guard(mutex)(&ve_list_lock);
>> ve = list_entry(entry, struct ve_struct, ve_list);
>> curve = get_exec_env();
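Review bot: the guard(mutex)(&ve_list_lock) added at the top of vestat_seq_show() takes the lock inside the seq_file ->show callback, so it is only safe if the iterator's ->start/->stop callbacks do not already hold ve_list_lock. Please check ve_seq_start() and ve_seq_stop() first: if they lock and unlock ve_list_lock around the walk, this is a relock of a non-recursive mutex by the same task. In that case drop the guard and, if the intent is to document the locking rule, put lockdep_assert_held(&ve_list_lock) here instead.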
>> @@ -275,6 +277,7 @@ static int veinfo_seq_show(struct seq_file *m, void *v)
>> {
>> struct ve_struct *ve;
>> + guard(mutex)(&ve_list_lock);
>> ve = list_entry((struct list_head *)v, struct ve_struct, ve_list);
>> /* second 0 is deprecated ve->class_id */
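Review bot: in veinfo_seq_show() the lock is taken only after `v` has already been handed in by the iterator, so a guard at this point cannot by itself keep the ve_struct behind `v` valid; unless the lock is held across the whole walk, the entry could be freed between ->start/->next and ->show. The commit message says only "Else we can get use after free on ve_struct" and does not name the racing path. Please describe that path and place the locking where the list pointer is obtained rather than where it is dereferenced.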
>
> static int devperms_seq_show(struct seq_file *m, void *v)
> {
> struct ve_struct *ve;
>
> // need it here as well?
> guard(mutex)(&ve_list_lock);
> ve = list_entry(v, struct ve_struct, ve_list);
> ...
> }
Oh, sadly I was completely wrong in this patch.
We have all three (vestat_seq_show(), devperms_seq_show() and veinfo_seq_show()) uses of ve_list already under ve_list_lock via ve_seq_start() + ve_seq_stop().
Thanks to Aleksei Oladko for pointing that out in Slack.
So, let's revert this patch, as it wrongly introduces self-deadlocks.
>
--
Best regards, Pavel Tikhomirov
Senior Software Developer, Virtuozzo.
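
The self-deadlock described in this message, modelled in userspace as an added example (not code from the patch or from the Virtuozzo kernel): a POSIX error-checking mutex stands in for ve_list_lock, so the relock from the show step returns EDEADLK instead of hanging as a kernel mutex would. The model_* and show_* names are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <pthread.h>
#include <stdio.h>

/* Stand-in for the kernel's ve_list_lock (assumption: plain, non-recursive). */
static pthread_mutex_t ve_list_lock;

/* Error-checking type: a relock by the owner returns EDEADLK, not a hang. */
static void model_lock_init(void)
{
    pthread_mutexattr_t attr;

    pthread_mutexattr_init(&attr);
    pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK);
    pthread_mutex_init(&ve_list_lock, &attr);
    pthread_mutexattr_destroy(&attr);
}

/* Model of ve_seq_start()/ve_seq_stop() as the mail describes them. */
static void model_seq_start(void) { pthread_mutex_lock(&ve_list_lock); }
static void model_seq_stop(void)  { pthread_mutex_unlock(&ve_list_lock); }

/* Show step that takes the lock again, like the reverted guard(). */
static int show_relocking(void)
{
    int err = pthread_mutex_lock(&ve_list_lock);

    if (err == 0)
        pthread_mutex_unlock(&ve_list_lock);
    return err;
}

/* Show step that relies on the lock already held since the start step. */
static int show_trusting_start(void) { return 0; }

/* One read pass in seq_file callback order: start, show, stop. */
static int model_seq_read(int (*show)(void))
{
    int err;

    model_lock_init();
    model_seq_start();
    err = show();
    model_seq_stop();
    pthread_mutex_destroy(&ve_list_lock);
    return err;
}

int main(void)
{
    printf("relocking show: %d\n", model_seq_read(show_relocking));
    printf("plain show:     %d\n", model_seq_read(show_trusting_start));
    return 0;
}
```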