On 01.04.20 20:40, Eugenio Perez Martin wrote:
> On Wed, Apr 1, 2020 at 9:19 AM Christian Borntraeger
> <borntraeger@xxxxxxxxxx> wrote:
>>
>> On 31.03.20 21:27, Eugenio Pérez wrote:
>>> Vhost did not reset properly the batched descriptors on SET_VRING_BASE
>>> event. Because of that, it is possible to return an invalid descriptor to
>>> the guest.
>>>
>>> This series amends this, resetting them every time the backend changes, and
>>> creates a test to assert correct behavior. To do that, they need to
>>> expose a new function in virtio_ring, virtqueue_reset_free_head, only
>>> in test code.
>>>
>>> Another useful thing would be to check if the mutex is properly held in
>>> vq private_data accessors. Not sure if mutex debug code allows that,
>>> similar to C++ unique_lock::owns_lock. Not acquiring in the function
>>> because caller code holds the mutex in order to perform more actions.
>>
>>
>>
>>>
>>> v3:
>>> * Rename accessor functions.
>>> * Make scsi and test use the accessors too.
>>>
>>> v2:
>>> * Squashed commits.
>>> * Create vq private_data accessors (mst).
>>>
>>> This is meant to be applied on top of
>>> c4f1c41a6094582903c75c0dcfacb453c959d457 in
>>> git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git.
>>
>>
>> A quick test on s390 looks good.
>>
>
> Really good to know :).
>
> Would it be possible to investigate when qemu launches the offending ioctls?

During guest reboot. This is obvious, no?