author | Alexander Bulekov <alxndr@bu.edu> | 2023-04-27 17:10:09 -0400 |
---|---|---|
committer | Thomas Huth <thuth@redhat.com> | 2023-04-28 11:31:54 +0200 |
commit | f63192b0544af5d3e4d5edfd85ab520fcf671377 (patch) | |
tree | 64eab41f7be16e93518b18c885d7e082edec4f69 /hw/ide | |
parent | ef56ffbdd6b0605dc1e305611287b948c970e236 (diff) | |
hw: replace most qemu_bh_new calls with qemu_bh_new_guarded
This protects devices from bh->mmio reentrancy issues.
Thanks: Thomas Huth <thuth@redhat.com> for diagnosing OS X test failure.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paul Durrant <paul@xen.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230427211013.2994127-5-alxndr@bu.edu>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Diffstat (limited to 'hw/ide')
-rw-r--r-- | hw/ide/ahci.c | 3 | ||||
-rw-r--r-- | hw/ide/ahci_internal.h | 1 | ||||
-rw-r--r-- | hw/ide/core.c | 4 |
3 files changed, 6 insertions, 2 deletions
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index 55902e1..4e76d6b 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -1509,7 +1509,8 @@ static void ahci_cmd_done(const IDEDMA *dma)
 ahci_write_fis_d2h(ad);
 if (ad->port_regs.cmd_issue && !ad->check_bh) {
- ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad);
+ ad->check_bh = qemu_bh_new_guarded(ahci_check_cmd_bh, ad,
+ &ad->mem_reentrancy_guard);
 qemu_bh_schedule(ad->check_bh);
 }
 }
diff --git a/hw/ide/ahci_internal.h b/hw/ide/ahci_internal.h
index 303fcd7..2480455 100644
--- a/hw/ide/ahci_internal.h
+++ b/hw/ide/ahci_internal.h
@@ -321,6 +321,7 @@ struct AHCIDevice {
 bool init_d2h_sent;
 AHCICmdHdr *cur_cmd;
 NCQTransferState ncq_tfs[AHCI_MAX_CMDS];
+ MemReentrancyGuard mem_reentrancy_guard;
 };
 struct AHCIPCIState {
diff --git a/hw/ide/core.c b/hw/ide/core.c
index 45d14a2..de48ff9 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -513,6 +513,7 @@ BlockAIOCB *ide_issue_trim(
 BlockCompletionFunc *cb, void *cb_opaque, void *opaque)
 {
 IDEState *s = opaque;
+ IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
 TrimAIOCB *iocb;
 /* Paired with a decrement in ide_trim_bh_cb() */
@@ -520,7 +521,8 @@ BlockAIOCB *ide_issue_trim(
 iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque);
 iocb->s = s;
- iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
+ iocb->bh = qemu_bh_new_guarded(ide_trim_bh_cb, iocb,
+ &DEVICE(dev)->mem_reentrancy_guard);
 iocb->ret = 0;
 iocb->qiov = qiov;
 iocb->i = -1; |
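Review bot: The guard passed to `qemu_bh_new_guarded()` in `ahci_cmd_done` is the new per-port `AHCIDevice.mem_reentrancy_guard` added in the `ahci_internal.h` hunk, whereas the `hw/ide/core.c` hunk passes the qdev-level `DEVICE(dev)->mem_reentrancy_guard`. Nothing visible in this diff shows which guard the MMIO dispatch path checks for the AHCI register region; if it only consults the owning DeviceState's guard, marking the per-port field while `ahci_check_cmd_bh` runs would not stop the bottom half from re-entering the controller's MMIO handlers. Either pass the owning device's guard here or document the pairing on the field, e.g. `/* BH guard only; confirm it is the guard checked on MMIO access to the HBA's regions */`. `ahci_cmd_done` starts above the hunk, so the rest of its body was not reviewed.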
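Review bot: `dev` is taken from `s->bus->slave` or `s->bus->master` in the first `ide_issue_trim` hunk and used in `&DEVICE(dev)->mem_reentrancy_guard` in the second, with no check that the selected slot is populated. If an `IDEState` can reach this path with no `IDEDevice` attached to its bus slot (not determinable from the hunks), the guard pointer would be a small offset from NULL and the fault would surface only later, when the bottom half is dispatched. An `assert(dev != NULL);` right after the declaration would make the assumption explicit and fail at the call site instead. The body of `ide_issue_trim` continues outside both hunks.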