From: Oliver Kurth Date: Wed, 7 Jun 2017 00:17:04 +0000 (-0700) Subject: VMCI: reset datagram buffer pointer on dealloc X-Git-Tag: stable-10.1.10~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7023998ba5594871a658c5ef1be4dbda6c0158eb;p=thirdparty%2Fopen-vm-tools.git VMCI: reset datagram buffer pointer on dealloc Fix a potential guest crash when unloading the VMCI driver while upgrading to a specific version of UEK. A BH may run during module unload and attempt to deliver datagrams to the datagram buffer after it has been deallocated. It turns out that the tasklet may not yet have been scheduled, so add a tasklet_disable to guard against that. Also, reset the datagram buffer pointer when the buffer is deallocated to indicate that it is no longer there. --- diff --git a/open-vm-tools/modules/linux/vmci/linux/driver.c b/open-vm-tools/modules/linux/vmci/linux/driver.c index 77636a032..579e008b7 100644 --- a/open-vm-tools/modules/linux/vmci/linux/driver.c +++ b/open-vm-tools/modules/linux/vmci/linux/driver.c @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2011-2014 VMware, Inc. All rights reserved. + * Copyright (C) 2011-2014,2017 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -2015,6 +2015,8 @@ vmci_remove_device(struct pci_dev* pdev) dev->exclusive_vectors = FALSE; dev->intr_type = VMCI_INTR_TYPE_INTX; + tasklet_disable(&vmci_dg_tasklet); + tasklet_disable(&vmci_bm_tasklet); tasklet_kill(&vmci_dg_tasklet); tasklet_kill(&vmci_bm_tasklet); @@ -2476,6 +2478,7 @@ vmci_exit(void) if (guestDeviceInit) { pci_unregister_driver(&vmci_driver); vfree(data_buffer); + data_buffer = NULL; guestDeviceInit = FALSE; } diff --git a/open-vm-tools/modules/linux/vmci/linux/vmci_version.h b/open-vm-tools/modules/linux/vmci/linux/vmci_version.h index aecf0b6d6..b472a66b2 100644 --- a/open-vm-tools/modules/linux/vmci/linux/vmci_version.h +++ b/open-vm-tools/modules/linux/vmci/linux/vmci_version.h @@ -1,5 +1,5 @@ /********************************************************* - * Copyright (C) 2007-2014 VMware, Inc. All rights reserved. + * Copyright (C) 2007-2014,2017 VMware, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -25,8 +25,8 @@ #ifndef _VMCI_VERSION_H_ #define _VMCI_VERSION_H_ -#define VMCI_DRIVER_VERSION 9.8.1.0 -#define VMCI_DRIVER_VERSION_COMMAS 9,8,1,0 -#define VMCI_DRIVER_VERSION_STRING "9.8.1.0" +#define VMCI_DRIVER_VERSION 9.8.2.0 +#define VMCI_DRIVER_VERSION_COMMAS 9,8,2,0 +#define VMCI_DRIVER_VERSION_STRING "9.8.2.0" #endif /* _VMCI_VERSION_H_ */