[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [qemu-xen master] vhost: Release memory references on cleanup

commit b24304ca131ecf0eb029ee2c39d46fd4a9ab8901
Author:     Alex Williamson <alex.williamson@xxxxxxxxxx>
AuthorDate: Thu Sep 7 14:27:09 2017 -0600
Commit:     Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>
CommitDate: Thu Sep 14 19:31:09 2017 -0500

    vhost: Release memory references on cleanup
    
    vhost registers a MemoryListener where it adds and removes references
    to MemoryRegions as the MemoryRegionSections pass through.  The
    region_add callback is invoked for each existing section when the
    MemoryListener is registered, but unregistering the MemoryListener
    performs no reciprocal region_del callback.  It's therefore the
    owner of the MemoryListener's responsibility to cleanup any persistent
    changes, such as these memory references, after unregistering.
    
    The consequence of this bug is that if we have both a vhost device
    and a vfio device, the vhost device will reference any mmap'd MMIO of
    the vfio device via this MemoryListener.  If the vhost device is then
    removed, those references remain outstanding.  If we then attempt to
    remove the vfio device, it never gets finalized and the only way to
    release the kernel file descriptors is to terminate the QEMU process.
    
    Fixes: dfde4e6e1a86 ("memory: add ref/unref calls")
    Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
    Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
    Cc: qemu-stable@xxxxxxxxxx # v1.6.0+
    Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx>
    Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
    Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
    (cherry picked from commit ee4c112846a0f2ac4fe5601918b0a2642ac8e2ed)
    Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>
---
 hw/virtio/vhost.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
index 6eddb09..b737ca9 100644
--- a/hw/virtio/vhost.c
+++ b/hw/virtio/vhost.c
@@ -1356,6 +1356,10 @@ void vhost_dev_cleanup(struct vhost_dev *hdev)
     if (hdev->mem) {
         /* those are only safe after successful init */
         memory_listener_unregister(&hdev->memory_listener);
+        for (i = 0; i < hdev->n_mem_sections; ++i) {
+            MemoryRegionSection *section = &hdev->mem_sections[i];
+            memory_region_unref(section->mr);
+        }
         QLIST_REMOVE(hdev, entry);
     }
     if (hdev->migration_blocker) {
--
generated by git-patchbot for /home/xen/git/qemu-xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.