[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 68/77] virtio-pci: Changed vdev to proxy for VirtIO PCI BAR callb
|
From: |
Michael Roth |
|
Subject: |
[PATCH 68/77] virtio-pci: Changed vdev to proxy for VirtIO PCI BAR callbacks. |
|
Date: |
Thu, 3 Sep 2020 15:59:26 -0500 |
From: Andrew Melnychenko <andrew@daynix.com>
There is an issue when callback may be called with invalid vdev.
It happens on unplug when vdev already deleted and VirtIOPciProxy is not.
So now, callbacks accept proxy device, and vdev retrieved from it.
Technically memio callbacks should be removed during the flatview update,
but memoryregions remain til PCI device(and it's address space) completely
deleted.
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1716352
Signed-off-by: Andrew Melnychenko <andrew@daynix.com>
Message-Id: <20200706112123.971087-1-andrew@daynix.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit ccec7e9603f446fe75c6c563ba335c00cfda6a06)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
hw/virtio/virtio-pci.c | 34 ++++++++++++++++++++++++----------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 2ca266e1cb..ef11c66a21 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1317,11 +1317,12 @@ static uint64_t virtio_pci_notify_read(void *opaque,
hwaddr addr,
static void virtio_pci_notify_write(void *opaque, hwaddr addr,
uint64_t val, unsigned size)
{
- VirtIODevice *vdev = opaque;
- VirtIOPCIProxy *proxy = VIRTIO_PCI(DEVICE(vdev)->parent_bus->parent);
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
unsigned queue = addr / virtio_pci_queue_mem_mult(proxy);
- if (queue < VIRTIO_QUEUE_MAX) {
+ if (vdev != NULL && queue < VIRTIO_QUEUE_MAX) {
virtio_queue_notify(vdev, queue);
}
}
@@ -1329,10 +1330,12 @@ static void virtio_pci_notify_write(void *opaque,
hwaddr addr,
static void virtio_pci_notify_write_pio(void *opaque, hwaddr addr,
uint64_t val, unsigned size)
{
- VirtIODevice *vdev = opaque;
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
unsigned queue = val;
- if (queue < VIRTIO_QUEUE_MAX) {
+ if (vdev != NULL && queue < VIRTIO_QUEUE_MAX) {
virtio_queue_notify(vdev, queue);
}
}
@@ -1356,9 +1359,14 @@ static void virtio_pci_isr_write(void *opaque, hwaddr
addr,
static uint64_t virtio_pci_device_read(void *opaque, hwaddr addr,
unsigned size)
{
- VirtIODevice *vdev = opaque;
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
uint64_t val = 0;
+ if (vdev == NULL) {
+ return val;
+ }
+
switch (size) {
case 1:
val = virtio_config_modern_readb(vdev, addr);
@@ -1376,7 +1384,13 @@ static uint64_t virtio_pci_device_read(void *opaque,
hwaddr addr,
static void virtio_pci_device_write(void *opaque, hwaddr addr,
uint64_t val, unsigned size)
{
- VirtIODevice *vdev = opaque;
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
+ if (vdev == NULL) {
+ return;
+ }
+
switch (size) {
case 1:
virtio_config_modern_writeb(vdev, addr, val);
@@ -1453,19 +1467,19 @@ static void
virtio_pci_modern_regions_init(VirtIOPCIProxy *proxy)
memory_region_init_io(&proxy->device.mr, OBJECT(proxy),
&device_ops,
- virtio_bus_get_device(&proxy->bus),
+ proxy,
"virtio-pci-device",
proxy->device.size);
memory_region_init_io(&proxy->notify.mr, OBJECT(proxy),
¬ify_ops,
- virtio_bus_get_device(&proxy->bus),
+ proxy,
"virtio-pci-notify",
proxy->notify.size);
memory_region_init_io(&proxy->notify_pio.mr, OBJECT(proxy),
¬ify_pio_ops,
- virtio_bus_get_device(&proxy->bus),
+ proxy,
"virtio-pci-notify-pio",
proxy->notify_pio.size);
}
--
2.17.1
- [PATCH 60/77] virtio-balloon: Prevent guest from starting a report when we didn't request one, (continued)
- [PATCH 60/77] virtio-balloon: Prevent guest from starting a report when we didn't request one, Michael Roth, 2020/09/03
- [PATCH 63/77] linux-headers: update against Linux 5.7-rc3, Michael Roth, 2020/09/03
- [PATCH 61/77] virtio-balloon: Add locking to prevent possible race when starting hinting, Michael Roth, 2020/09/03
- [PATCH 71/77] migration/block-dirty-bitmap: fix dirty_bitmap_mig_before_vm_start, Michael Roth, 2020/09/03
- [PATCH 65/77] virtio: list legacy-capable devices, Michael Roth, 2020/09/03
- [PATCH 66/77] virtio: verify that legacy support is not accidentally on, Michael Roth, 2020/09/03
- [PATCH 05/77] net: Do not include a newline in the id of -nic devices, Michael Roth, 2020/09/03
- [PATCH 67/77] intel_iommu: Use correct shift for 256 bits qi descriptor, Michael Roth, 2020/09/03
- [PATCH 69/77] libvhost-user: Report descriptor index on panic, Michael Roth, 2020/09/03
- [PATCH 68/77] virtio-pci: Changed vdev to proxy for VirtIO PCI BAR callbacks.,
Michael Roth <=
- [PATCH 06/77] nbd/server: Avoid long error message assertions CVE-2020-10761, Michael Roth, 2020/09/03
- [PATCH 72/77] block: Fix bdrv_aligned_p*v() for qiov_offset != 0, Michael Roth, 2020/09/03
- [PATCH 73/77] iotests/028: Add test for cross-base-EOF reads, Michael Roth, 2020/09/03
- [PATCH 74/77] nbd: Fix large trim/zero requests, Michael Roth, 2020/09/03
- [PATCH 64/77] virtio-balloon: Replace free page hinting references to 'report' with 'hint', Michael Roth, 2020/09/03
- [PATCH 70/77] Update OpenBIOS images to 7f28286f built from submodule., Michael Roth, 2020/09/03
- [PATCH 76/77] hw/arm/sbsa-ref: fix typo breaking PCIe IRQs, Michael Roth, 2020/09/03
- [PATCH 75/77] virtio-net: align RSC fields with updated virtio-net header, Michael Roth, 2020/09/03
- [PATCH 07/77] virtio-balloon: fix free page hinting without an iothread, Michael Roth, 2020/09/03
- [PATCH 77/77] usb: fix setup_len init (CVE-2020-14364), Michael Roth, 2020/09/03