Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode

[PATCH v3 0/9] vhost: Add support of kthread API · Cindy Lu <hidden> · 2024-11-05
[PATCH v3 1/9] vhost: Add a new parameter to allow user select kthread · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 1/9] vhost: Add a new parameter to allow user select kthread · Jason Wang <jasowang@redhat.com> · 2024-11-05
[PATCH v3 2/9] vhost: Add the vhost_worker to support kthread · Cindy Lu <hidden> · 2024-11-05
[PATCH v3 3/9] vhost: Add the cgroup related function · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 3/9] vhost: Add the cgroup related function · Mike Christie <michael.christie@oracle.com> · 2024-11-25
Re: [PATCH v3 3/9] vhost: Add the cgroup related function · Cindy Lu <hidden> · 2024-11-27
[PATCH v3 4/9] vhost: Add kthread support in function vhost_worker_create · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 4/9] vhost: Add kthread support in function vhost_worker_create · Jason Wang <jasowang@redhat.com> · 2024-11-05
Re: [PATCH v3 4/9] vhost: Add kthread support in function vhost_worker_create · Cindy Lu <hidden> · 2024-11-06
Re: [PATCH v3 4/9] vhost: Add kthread support in function vhost_worker_create · michael.christie@oracle.com · 2024-11-26
Re: [PATCH v3 4/9] vhost: Add kthread support in function vhost_worker_create · Cindy Lu <hidden> · 2024-11-27
[PATCH v3 5/9] vhost: Add kthread support in function vhost_worker_queue() · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 5/9] vhost: Add kthread support in function vhost_worker_queue() · Jason Wang <jasowang@redhat.com> · 2024-11-05
Re: [PATCH v3 5/9] vhost: Add kthread support in function vhost_worker_queue() · Dan Carpenter <hidden> · 2024-11-07
Re: [PATCH v3 5/9] vhost: Add kthread support in function vhost_worker_queue() · Dan Carpenter <hidden> · 2024-11-07
[PATCH v3 6/9] vhost: Add kthread support in function vhost_worker_destroy() · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 6/9] vhost: Add kthread support in function vhost_worker_destroy() · Dan Carpenter <hidden> · 2024-11-07
[PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Jason Wang <jasowang@redhat.com> · 2024-11-05
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Mike Christie <michael.christie@oracle.com> · 2024-11-25
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Stefano Garzarella <sgarzare@redhat.com> · 2024-11-05
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Cindy Lu <hidden> · 2024-11-07
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Stefano Garzarella <sgarzare@redhat.com> · 2024-11-07
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · Cindy Lu <hidden> · 2024-11-07
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · "Michael S. Tsirkin" <mst@redhat.com> · 2024-11-06
Re: [PATCH v3 7/9] vhost: Add new UAPI to support change to task mode · "Michael S. Tsirkin" <mst@redhat.com> · 2024-11-06
[PATCH v3 8/9] vhost_scsi: Add check for inherit_owner status · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 8/9] vhost_scsi: Add check for inherit_owner status · Mike Christie <michael.christie@oracle.com> · 2024-11-25
[PATCH v3 9/9] vhost: Expose the modparam inherit_owner_default · Cindy Lu <hidden> · 2024-11-05
Re: [PATCH v3 0/9] vhost: Add support of kthread API · Lei Yang <hidden> · 2024-12-10

From: "Michael S. Tsirkin" <mst@redhat.com>
Date: 2024-11-06 07:33:00
Also in: lkml, virtualization

On Tue, Nov 05, 2024 at 03:25:26PM +0800, Cindy Lu wrote:

quoted hunk ↗ jump to hunk

Add a new UAPI to enable setting the vhost device to task mode.
The userspace application can use VHOST_SET_INHERIT_FROM_OWNER
to configure the mode if necessary.
This setting must be applied before VHOST_SET_OWNER, as the worker
will be created in the VHOST_SET_OWNER function

Signed-off-by: Cindy Lu <redacted>
---
 drivers/vhost/vhost.c      | 15 ++++++++++++++-
 include/uapi/linux/vhost.h |  2 ++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
index c17dc01febcc..70c793b63905 100644
--- a/drivers/vhost/vhost.c
+++ b/drivers/vhost/vhost.c

@@ -2274,8 +2274,9 @@ long vhost_dev_ioctl(struct vhost_dev *d, unsigned int ioctl, void __user *argp)
 {
 	struct eventfd_ctx *ctx;
 	u64 p;
-	long r;
+	long r = 0;
 	int i, fd;
+	bool inherit_owner;
 
 	/* If you are not the owner, you can become one */
 	if (ioctl == VHOST_SET_OWNER) {

@@ -2332,6 +2333,18 @@ long vhost_dev_ioctl(struct vhost_dev *d, unsigned int ioctl, void __user *argp)
 		if (ctx)
 			eventfd_ctx_put(ctx);
 		break;
+	case VHOST_SET_INHERIT_FROM_OWNER:
+		/*inherit_owner can only be modified before owner is set*/

bad coding style

+		if (vhost_dev_has_owner(d))
+			break;

is this silently failing? should return EBUSY or something like this.

+
+		if (copy_from_user(&inherit_owner, argp,
+				   sizeof(inherit_owner))) {

not good,

+			r = -EFAULT;
+			break;
+		}
+		d->inherit_owner = inherit_owner;

+		break;
 	default:
 		r = -ENOIOCTLCMD;
 		break;



This means any task can break out of jail
and steal root group system time by setting inherit_owner to 0
even if system is configured to inherit by default.

we need a modparam to block this.

quoted hunk ↗ jump to hunk

diff --git a/include/uapi/linux/vhost.h b/include/uapi/linux/vhost.h
index b95dd84eef2d..1e192038633d 100644
--- a/include/uapi/linux/vhost.h
+++ b/include/uapi/linux/vhost.h

@@ -235,4 +235,6 @@
  */
 #define VHOST_VDPA_GET_VRING_SIZE	_IOWR(VHOST_VIRTIO, 0x82,	\
 					      struct vhost_vring_state)
+
+#define VHOST_SET_INHERIT_FROM_OWNER _IOW(VHOST_VIRTIO, 0x83, bool)

do not put bool in interfaces. something like u8 and validate it is 0 or
1.

 #endif
-- 
2.45.0

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help