xen/xenbus: reference count registered modules

To prevent a PV driver module being removed whilst attached to its other
end, and hence xenbus calling into potentially invalid text, take a
reference on the module before calling the probe() method (dropping it if
unsuccessful) and drop the reference after returning from the remove()
method.

Suggested-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Paul Durrant <pdurrant@amazon.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
This commit is contained in:
Paul Durrant 2019-12-02 11:41:16 +00:00 committed by Juergen Gross
parent b3f7931f5c
commit 196748a276
1 changed files with 12 additions and 1 deletions

View File

@ -232,9 +232,16 @@ int xenbus_dev_probe(struct device *_dev)
return err; return err;
} }
if (!try_module_get(drv->driver.owner)) {
dev_warn(&dev->dev, "failed to acquire module reference on '%s'\n",
drv->driver.name);
err = -ESRCH;
goto fail;
}
err = drv->probe(dev, id); err = drv->probe(dev, id);
if (err) if (err)
goto fail; goto fail_put;
err = watch_otherend(dev); err = watch_otherend(dev);
if (err) { if (err) {
@ -244,6 +251,8 @@ int xenbus_dev_probe(struct device *_dev)
} }
return 0; return 0;
fail_put:
module_put(drv->driver.owner);
fail: fail:
xenbus_dev_error(dev, err, "xenbus_dev_probe on %s", dev->nodename); xenbus_dev_error(dev, err, "xenbus_dev_probe on %s", dev->nodename);
xenbus_switch_state(dev, XenbusStateClosed); xenbus_switch_state(dev, XenbusStateClosed);
@ -263,6 +272,8 @@ int xenbus_dev_remove(struct device *_dev)
if (drv->remove) if (drv->remove)
drv->remove(dev); drv->remove(dev);
module_put(drv->driver.owner);
free_otherend_details(dev); free_otherend_details(dev);
xenbus_switch_state(dev, XenbusStateClosed); xenbus_switch_state(dev, XenbusStateClosed);