On Wed, Apr 1, 2020 at 9:19 AM Christian Borntraeger <borntraeger@xxxxxxxxxx> wrote:
>
> On 31.03.20 21:27, Eugenio Pérez wrote:
> > Vhost did not reset properly the batched descriptors on SET_VRING_BASE
> > event. Because of that, it is possible to return an invalid descriptor to
> > the guest.
> >
> > This series amends this, resetting them every time the backend changes, and
> > creates a test to assert correct behavior. To do that, they need to
> > expose a new function in virtio_ring, virtqueue_reset_free_head, only
> > on test code.
> >
> > Another useful thing would be to check if the mutex is properly taken in
> > vq private_data accessors. Not sure if mutex debug code allows that,
> > similar to C++ unique_lock::owns_lock. Not acquiring in the function
> > because caller code holds the mutex in order to perform more actions.
> >
> >
> > v3:
> > * Rename accessor functions.
> > * Make scsi and test use the accessors too.
> >
> > v2:
> > * Squashed commits.
> > * Create vq private_data accessors (mst).
> >
> > This is meant to be applied on top of
> > c4f1c41a6094582903c75c0dcfacb453c959d457 in
> > git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git.
>
> A quick test on s390 looks good.
>

Really good to know :). Would it be possible to investigate when qemu launches the offending ioctls?

Thanks!