| commit | 34c6bf22a8d9b60c513df151aa0a791ef53bf81d | |
| author | Cornelia Huck <cornelia.huck@de.ibm.com> | |
| Wed, 1 Mar 2017 17:58:52 +0000 (1 18:58 +0100) | ||
| committer | Michael S. Tsirkin <mst@redhat.com> | |
| Thu, 2 Mar 2017 05:14:27 +0000 (2 07:14 +0200) | ||
| tree | 588879f9c2d168f06dfa14f5c08741a3e0a584bd | treesnapshot (tar.gz zip) |
| parent | dd3dd4ba7b949662d2c67a4c041549b3d79c4b0e | commitdiff |
virtio: guard vring access when setting notification
Switching to vring caches exposed an existing bug in
virtio_queue_set_notification(): We can't access vring structures
if they have not been set up yet. This may happen, for example,
for virtio-blk devices with multiple queues: The code will try to
switch notifiers for every queue, but the guest may have only set up
a subset of them.
Fix this by guarding access to the vring memory by checking for
vring.desc. The first aio poll will iron out any remaining
inconsistencies for later-configured queues (buggy legacy drivers).
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Switching to vring caches exposed an existing bug in
virtio_queue_set_notification(): We can't access vring structures
if they have not been set up yet. This may happen, for example,
for virtio-blk devices with multiple queues: The code will try to
switch notifiers for every queue, but the guest may have only set up
a subset of them.
Fix this by guarding access to the vring memory by checking for
vring.desc. The first aio poll will iron out any remaining
inconsistencies for later-configured queues (buggy legacy drivers).
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
| hw/virtio/virtio.c | diffblobblamehistory |