[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PULL 32/35] vhost-user: disable chardev handlers on cl
From: |
Paolo Bonzini |
Subject: |
Re: [Qemu-devel] [PULL 32/35] vhost-user: disable chardev handlers on close |
Date: |
Wed, 29 Jun 2016 17:45:15 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 |
On 29/06/2016 17:31, Marc-André Lureau wrote:
> Hi
>
> ----- Original Message -----
>> This otherwise causes a use-after-free if network backend cleanup
>> is performed before character device cleanup.
>>
>> Cc: Marc-André Lureau <address@hidden>
>> Signed-off-by: Paolo Bonzini <address@hidden>
>
>
>
> See also my previous (still unreviewed) series:
> https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01004.html
Oh, interesting!
This is indeed a superset of patch 1, but you need to either delete the
chardev (patch 2) or clear the handlers. There are only a handful uses
of qemu_chr_delete outside qemu-char.c, which makes me believe that most
of them are wrong...
Paolo
> so: Reviewed-by: Marc-André Lureau <address@hidden>
>
>
>> ---
>> net/vhost-user.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/net/vhost-user.c b/net/vhost-user.c
>> index 636899a..92f4cfd 100644
>> --- a/net/vhost-user.c
>> +++ b/net/vhost-user.c
>> @@ -151,6 +151,11 @@ static void vhost_user_cleanup(NetClientState *nc)
>> vhost_net_cleanup(s->vhost_net);
>> s->vhost_net = NULL;
>> }
>> + if (s->chr) {
>> + qemu_chr_add_handlers(s->chr, NULL, NULL, NULL, NULL);
>> + qemu_chr_fe_release(s->chr);
>> + s->chr = NULL;
>> + }
>>
>> qemu_purge_queued_packets(nc);
>> }
>> --
>> 1.8.3.1
>>