[PATCH] s390/vfio-ap: lock mdev object when handling mdev remove request

[Anthony Krowiak]

The vfio_ap_mdev_request function in drivers/s390/crypto/vfio_ap_ops.c
accesses fields of an ap_matrix_mdev object without ensuring that the
object is accessed by only one thread at a time. This patch adds the lock
necessary to secure access to the ap_matrix_mdev object.

Fixes: 2e3d8d71e285 ("s390/vfio-ap: wire in the vfio_device_ops request callback")
Signed-off-by: Anthony Krowiak <akrowiak@xxxxxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
---
 drivers/s390/crypto/vfio_ap_ops.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c
index a52c2690933f..a2784d3357d9 100644
--- a/drivers/s390/crypto/vfio_ap_ops.c
+++ b/drivers/s390/crypto/vfio_ap_ops.c
@@ -2045,6 +2045,7 @@ static void vfio_ap_mdev_request(struct vfio_device *vdev, unsigned int count)
 	struct ap_matrix_mdev *matrix_mdev;
 
 	matrix_mdev = container_of(vdev, struct ap_matrix_mdev, vdev);
+	mutex_lock(&matrix_dev->mdevs_lock);
 
 	if (matrix_mdev->req_trigger) {
 		if (!(count % 10))
@@ -2057,6 +2058,8 @@ static void vfio_ap_mdev_request(struct vfio_device *vdev, unsigned int count)
 		dev_notice(dev,
 			   "No device request registered, blocked until released by user\n");
 	}
+
+	mutex_unlock(&matrix_dev->mdevs_lock);
 }
 
 static int vfio_ap_mdev_get_device_info(unsigned long arg)
-- 
2.47.1