diff options
| author | Alexey Kardashevskiy <aik@ozlabs.ru> | 2020-03-09 23:43:17 +0100 |
|---|---|---|
| committer | Alexey Kardashevskiy <aik@ozlabs.ru> | 2020-03-11 15:43:22 +1100 |
| commit | 8174acd8c808337863ccb516a1a888deb574d18b (patch) | |
| tree | 331698dc4a37580a59d8eb8c72304117956d6030 | |
| parent | cf28264196e596c11d0d47f6150dfef5c0e4239f (diff) | |
| download | SLOF-8174acd8c808337863ccb516a1a888deb574d18b.zip SLOF-8174acd8c808337863ccb516a1a888deb574d18b.tar.gz SLOF-8174acd8c808337863ccb516a1a888deb574d18b.tar.bz2 | |
virtio-serial: Close device completely
Linux closes stdout at the end of prom_init which triggers the FW quiesce
code which closes the virtio-serial instance. This misses stopping the
virtio queues. However this seemed working for a little longer (until the
Linux driver took over) till 300384f3dc68 which moved the VQ descriptors
around which caused use-after-free corruption.
This adds virtio_queue_term_vq(), cleanup in the forth driver and a few
checks.
Fixes: 300384f3dc68 ("virtio: Store queue descriptors in virtio_device")
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[groug: - fix changelog
- don't restore emit]
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
| -rw-r--r-- | board-qemu/slof/virtio-serial.fs | 3 | ||||
| -rw-r--r-- | lib/libvirtio/virtio-serial.c | 7 |
2 files changed, 10 insertions, 0 deletions
diff --git a/board-qemu/slof/virtio-serial.fs b/board-qemu/slof/virtio-serial.fs index e307231..ac55ffc 100644 --- a/board-qemu/slof/virtio-serial.fs +++ b/board-qemu/slof/virtio-serial.fs @@ -21,6 +21,7 @@ virtio-setup-vd VALUE virtiodev : shutdown ( -- ) virtiodev virtio-serial-shutdown FALSE to initialized? + 0 to virtiodev ; : virtio-serial-term-emit @@ -58,6 +59,7 @@ virtiodev virtio-serial-init drop ; : write ( addr len -- actual ) + virtiodev 0= IF nip EXIT THEN tuck 0 ?DO dup c@ virtiodev SWAP virtio-serial-putchar @@ -68,6 +70,7 @@ virtiodev virtio-serial-init drop : read ( addr len -- actual ) 0= IF drop 0 EXIT THEN + virtiodev 0= IF nip EXIT THEN virtiodev virtio-serial-haschar 0= IF 0 swap c! -2 EXIT THEN virtiodev virtio-serial-getchar swap c! 1 ; diff --git a/lib/libvirtio/virtio-serial.c b/lib/libvirtio/virtio-serial.c index d1503a4..92afb02 100644 --- a/lib/libvirtio/virtio-serial.c +++ b/lib/libvirtio/virtio-serial.c @@ -102,6 +102,10 @@ void virtio_serial_shutdown(struct virtio_device *dev) /* Quiesce device */ virtio_set_status(dev, VIRTIO_STAT_FAILED); + /* Stop queues */ + virtio_queue_term_vq(dev, &dev->vq[TX_Q], TX_Q); + virtio_queue_term_vq(dev, &dev->vq[RX_Q], RX_Q); + /* Reset device */ virtio_reset_device(dev); } @@ -114,6 +118,9 @@ int virtio_serial_putchar(struct virtio_device *dev, char c) uint16_t last_used_idx, avail_idx; struct vqs *vq = &dev->vq[TX_Q]; + if (!vq->desc) + return 0; + avail_idx = virtio_modern16_to_cpu(dev, vq->avail->idx); last_used_idx = vq->used->idx; |