
[Xen-changelog] [qemu-xen stable-4.10] virtio-net: don't touch virtqueue if vm is stopped



commit c2269a0b54c44ae2807e493e80fb1bdc4c2b8701
Author:     Jason Wang <jasowang@xxxxxxxxxx>
AuthorDate: Wed Nov 22 17:57:19 2017 +0800
Commit:     Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>
CommitDate: Wed Dec 6 11:40:52 2017 -0600

    virtio-net: don't touch virtqueue if vm is stopped
    
    Guest state should not be touched if VM is stopped. Unfortunately, we
    didn't check running state and tried to drain tx queue unconditionally
    in virtio_net_set_status(). A crash was then noticed as a migration
    destination when the user types quit after virtqueue state is loaded but
    before region cache is initialized. In this case,
    virtio_net_drop_tx_queue_data() tries to access the uninitialized
    region cache.
    
    Fix this by only dropping tx queue data when vm is running.
    
    Fixes: 283e2c2adcb80 ("net: virtio-net discards TX data after link down")
    Cc: Yuri Benditovich <yuri.benditovich@xxxxxxxxxx>
    Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
    Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx>
    Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
    Cc: qemu-stable@xxxxxxxxxx
    Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx>
    Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx>
    (cherry picked from commit 70e53e6e4da3db4b2c31981191753a7e974936d0)
    Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>
---
 hw/net/virtio-net.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 148071a..fbc5e1b 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -288,7 +288,8 @@ static void virtio_net_set_status(struct VirtIODevice 
*vdev, uint8_t status)
                 qemu_bh_cancel(q->tx_bh);
             }
             if ((n->status & VIRTIO_NET_S_LINK_UP) == 0 &&
-                (queue_status & VIRTIO_CONFIG_S_DRIVER_OK)) {
+                (queue_status & VIRTIO_CONFIG_S_DRIVER_OK) &&
+                vdev->vm_running) {
                 /* if tx is waiting we are likely have some packets in tx queue
                  * and disabled notification */
                 q->tx_waiting = 0;
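Review bot: the new `vdev->vm_running` term in the `if` condition carries no comment saying why it is required; the existing comment under it only explains the tx_waiting case. A one-line note that guest state (here the virtqueue region cache) may be uninitialized while the VM is stopped, as on a migration destination before it starts, would keep a later cleanup from dropping the check. It is also worth confirming that virtio_net_set_status() is invoked again once the VM starts running, so that tx data queued while the link is down is still discarded at that point rather than skipped for good.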
--
generated by git-patchbot for /home/xen/git/qemu-xen.git#stable-4.10

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

