vhost: check for vhost_ops before using.

Message ID 1470201769-12344-1-git-send-email-i.maximets@samsung.com
State New

Commit Message

Ilya Maximets Aug. 3, 2016, 5:22 a.m. UTC
'vhost_set_vring_enable()' tries to call a function using a pointer to
'vhost_ops', which can already be zeroized in 'vhost_dev_cleanup()'
during vhost disconnection.

Fix that by checking 'vhost_ops' before using it. This fixes a QEMU crash
on calling 'ethtool -L eth0 combined 2' if vhost is disconnected.

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
---
 hw/net/vhost_net.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Marc-André Lureau Aug. 3, 2016, 8:37 a.m. UTC | #1
Hi

On Wed, Aug 3, 2016 at 9:25 AM Ilya Maximets <i.maximets@samsung.com> wrote:

> 'vhost_set_vring_enable()' tries to call a function using a pointer to
> 'vhost_ops', which can already be zeroized in 'vhost_dev_cleanup()'
> during vhost disconnection.
>
> Fix that by checking 'vhost_ops' before using it. This fixes a QEMU crash
> on calling 'ethtool -L eth0 combined 2' if vhost is disconnected.
>
> Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
> ---
>  hw/net/vhost_net.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/net/vhost_net.c b/hw/net/vhost_net.c
> index dc61dc1..f2d49ad 100644
> --- a/hw/net/vhost_net.c
> +++ b/hw/net/vhost_net.c
> @@ -428,7 +428,7 @@ int vhost_set_vring_enable(NetClientState *nc, int
> enable)
>
>      nc->vring_enable = enable;
>
> -    if (vhost_ops->vhost_set_vring_enable) {
> +    if (vhost_ops && vhost_ops->vhost_set_vring_enable) {
>          return vhost_ops->vhost_set_vring_enable(&net->dev, enable);
>      }
>
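
Review bot: 'nc->vring_enable = enable;' still runs before the new 'vhost_ops &&' guard, so when the backend is disconnected the requested state is cached in 'nc' while the guarded call that would apply it to the device is skipped. If caching the value for a later reconnect is the intent, a one-line comment above the guard should say so; if it is not, the assignment belongs after a successful 'vhost_set_vring_enable' call so 'nc' never records a state the device did not receive.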

would be nice for 2.7,

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

>
> --
> 2.7.4
>
>
> --
Marc-André Lureau

Marc-André Lureau Aug. 9, 2016, 10:27 a.m. UTC | #2
Hi

On Wed, Aug 3, 2016 at 12:37 PM Marc-André Lureau <marcandre.lureau@gmail.com> wrote:

> Hi
>
> On Wed, Aug 3, 2016 at 9:25 AM Ilya Maximets <i.maximets@samsung.com>
> wrote:
>
>> 'vhost_set_vring_enable()' tries to call a function using a pointer to
>> 'vhost_ops', which can already be zeroized in 'vhost_dev_cleanup()'
>> during vhost disconnection.
>>
>> Fix that by checking 'vhost_ops' before using it. This fixes a QEMU crash
>> on calling 'ethtool -L eth0 combined 2' if vhost is disconnected.
>>
>> Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
>> ---
>>  hw/net/vhost_net.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/hw/net/vhost_net.c b/hw/net/vhost_net.c
>> index dc61dc1..f2d49ad 100644
>> --- a/hw/net/vhost_net.c
>> +++ b/hw/net/vhost_net.c
>> @@ -428,7 +428,7 @@ int vhost_set_vring_enable(NetClientState *nc, int
>> enable)
>>
>>      nc->vring_enable = enable;
>>
>> -    if (vhost_ops->vhost_set_vring_enable) {
>> +    if (vhost_ops && vhost_ops->vhost_set_vring_enable) {
>>          return vhost_ops->vhost_set_vring_enable(&net->dev, enable);
>>      }
>>
>
> would be nice for 2.7,
>

Michael, could you pick the fix for 2.7? thanks

>
> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
>
>>
>> --
>> 2.7.4
>>
>>
>> --
> Marc-André Lureau
>
Patch

diff --git a/hw/net/vhost_net.c b/hw/net/vhost_net.c
index dc61dc1..f2d49ad 100644
--- a/hw/net/vhost_net.c
+++ b/hw/net/vhost_net.c
@@ -428,7 +428,7 @@  int vhost_set_vring_enable(NetClientState *nc, int enable)
 
     nc->vring_enable = enable;
 
-    if (vhost_ops->vhost_set_vring_enable) {
+    if (vhost_ops && vhost_ops->vhost_set_vring_enable) {
         return vhost_ops->vhost_set_vring_enable(&net->dev, enable);
     }
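
Review bot: the new 'vhost_ops &&' test in the 'if' condition has no comment saying when the pointer is NULL, and the hunk does not show what the function returns once the block is skipped. A short comment noting that 'vhost_dev_cleanup()' zeroes 'vhost_ops' on disconnect (as the commit message states) would keep the check from looking redundant later, and the commit message should say what return value the 'ethtool -L eth0 combined 2' path now gets for a disconnected backend, so a skipped call is not mistaken for a successful one.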