From: Michael S. Tsirkin
Subject: [Qemu-devel] [PULL 09/15] virtio: guard vring access when setting notification
Date: Thu, 2 Mar 2017 08:20:41 +0200
From: Cornelia Huck <address@hidden>
Switching to vring caches exposed an existing bug in
virtio_queue_set_notification(): We can't access vring structures
if they have not been set up yet. This may happen, for example,
for virtio-blk devices with multiple queues: The code will try to
switch notifiers for every queue, but the guest may have only set up
a subset of them.
Fix this by guarding access to the vring memory by checking for
vring.desc. The first aio poll will iron out any remaining
inconsistencies for later-configured queues (buggy legacy drivers).
Signed-off-by: Cornelia Huck <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
---
hw/virtio/virtio.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index e487e36..bf8a644 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -288,6 +288,10 @@ void virtio_queue_set_notification(VirtQueue *vq, int
enable)
{
vq->notification = enable;
+ if (!vq->vring.desc) {
+ return;
+ }
+
rcu_read_lock();
if (virtio_vdev_has_feature(vq->vdev, VIRTIO_RING_F_EVENT_IDX)) {
vring_set_avail_event(vq, vring_avail_idx(vq));
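Review bot: The early return on `!vq->vring.desc` comes after `vq->notification = enable;`, so for a queue the guest has not set up, the requested state is stored in the VirtQueue but never written to the ring, and nothing in this hunk re-applies it once the ring is configured. The commit message relies on the first aio poll to reconcile this. A short comment above the check saying so would keep that dependency visible to anyone who later changes the polling path. Alternatively, re-apply `vq->notification` at the point where `vring.desc` is assigned. The check also runs before `rcu_read_lock()`, so the comment should state why reading `vring.desc` outside the read-side section is safe here.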
--
MST