* [Qemu-devel] [PULL 1/3] vfio/pci: Handle subsystem realpath() returning NULL
2018-08-23 18:27 [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues Alex Williamson
@ 2018-08-23 18:27 ` Alex Williamson
2018-08-23 18:27 ` [Qemu-devel] [PULL 2/3] vfio/pci: Fix failure to close file descriptor on error Alex Williamson
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Alex Williamson @ 2018-08-23 18:27 UTC (permalink / raw)
To: qemu-devel
Fix error reported by Coverity where realpath can return NULL,
resulting in a segfault in strcmp(). This should never happen given
that we're working through regularly structured sysfs paths, but
trivial enough to easily avoid.
Fixes: 238e91728503 ("vfio/ccw/pci: Allow devices to opt-in for ballooning")
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
---
hw/vfio/pci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index 056f3a887a8f..866f0deeb7eb 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -2879,7 +2879,7 @@ static void vfio_realize(PCIDevice *pdev, Error **errp)
tmp = g_strdup_printf("%s/subsystem", vdev->vbasedev.sysfsdev);
subsys = realpath(tmp, NULL);
g_free(tmp);
- is_mdev = (strcmp(subsys, "/sys/bus/mdev") == 0);
+ is_mdev = subsys && (strcmp(subsys, "/sys/bus/mdev") == 0);
free(subsys);
trace_vfio_mdev(vdev->vbasedev.name, is_mdev);
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Qemu-devel] [PULL 2/3] vfio/pci: Fix failure to close file descriptor on error
2018-08-23 18:27 [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues Alex Williamson
2018-08-23 18:27 ` [Qemu-devel] [PULL 1/3] vfio/pci: Handle subsystem realpath() returning NULL Alex Williamson
@ 2018-08-23 18:27 ` Alex Williamson
2018-08-23 18:27 ` [Qemu-devel] [PULL 3/3] postcopy: Synchronize usage of the balloon inhibitor Alex Williamson
2018-08-25 12:08 ` [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues Peter Maydell
3 siblings, 0 replies; 5+ messages in thread
From: Alex Williamson @ 2018-08-23 18:27 UTC (permalink / raw)
To: qemu-devel
A new error path fails to close the device file descriptor when
triggered by a ballooning incompatibility within the group. Fix it.
Fixes: 238e91728503 ("vfio/ccw/pci: Allow devices to opt-in for ballooning")
Reviewed-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
---
hw/vfio/common.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 3f31f80b1280..7c185e5a2e79 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -1432,6 +1432,7 @@ int vfio_get_device(VFIOGroup *group, const char *name,
if (!QLIST_EMPTY(&group->device_list)) {
error_setg(errp,
"Inconsistent device balloon setting within group");
+ close(fd);
return -1;
}
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Qemu-devel] [PULL 3/3] postcopy: Synchronize usage of the balloon inhibitor
2018-08-23 18:27 [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues Alex Williamson
2018-08-23 18:27 ` [Qemu-devel] [PULL 1/3] vfio/pci: Handle subsystem realpath() returning NULL Alex Williamson
2018-08-23 18:27 ` [Qemu-devel] [PULL 2/3] vfio/pci: Fix failure to close file descriptor on error Alex Williamson
@ 2018-08-23 18:27 ` Alex Williamson
2018-08-25 12:08 ` [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues Peter Maydell
3 siblings, 0 replies; 5+ messages in thread
From: Alex Williamson @ 2018-08-23 18:27 UTC (permalink / raw)
To: qemu-devel
While the qemu_balloon_inhibit() interface appears rather general purpose,
postcopy uses it in a last-caller-wins approach with no guarantee of balanced
inhibits and de-inhibits. Wrap postcopy's usage of the inhibitor to give it
one vote overall, using the same last-caller-wins approach as previously
implemented at the balloon level.
Fixes: 01ccbec7bdf6 ("balloon: Allow multiple inhibit users")
Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
---
migration/postcopy-ram.c | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/migration/postcopy-ram.c b/migration/postcopy-ram.c
index 932f18894990..c2e387ed44b4 100644
--- a/migration/postcopy-ram.c
+++ b/migration/postcopy-ram.c
@@ -509,6 +509,20 @@ int postcopy_ram_incoming_init(MigrationIncomingState *mis)
return 0;
}
+/*
+ * Manage a single vote to the QEMU balloon inhibitor for all postcopy usage,
+ * last caller wins.
+ */
+static void postcopy_balloon_inhibit(bool state)
+{
+ static bool cur_state = false;
+
+ if (state != cur_state) {
+ qemu_balloon_inhibit(state);
+ cur_state = state;
+ }
+}
+
/*
* At the end of a migration where postcopy_ram_incoming_init was called.
*/
@@ -539,7 +553,7 @@ int postcopy_ram_incoming_cleanup(MigrationIncomingState *mis)
mis->have_fault_thread = false;
}
- qemu_balloon_inhibit(false);
+ postcopy_balloon_inhibit(false);
if (enable_mlock) {
if (os_mlock() < 0) {
@@ -1107,7 +1121,7 @@ int postcopy_ram_enable_notify(MigrationIncomingState *mis)
* Ballooning can mark pages as absent while we're postcopying
* that would cause false userfaults.
*/
- qemu_balloon_inhibit(true);
+ postcopy_balloon_inhibit(true);
trace_postcopy_ram_enable_notify();
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues
2018-08-23 18:27 [Qemu-devel] [PULL 0/3] vfio: Fix coverity, postcopy, and error path issues Alex Williamson
` (2 preceding siblings ...)
2018-08-23 18:27 ` [Qemu-devel] [PULL 3/3] postcopy: Synchronize usage of the balloon inhibitor Alex Williamson
@ 2018-08-25 12:08 ` Peter Maydell
3 siblings, 0 replies; 5+ messages in thread
From: Peter Maydell @ 2018-08-25 12:08 UTC (permalink / raw)
To: Alex Williamson; +Cc: QEMU Developers
On 23 August 2018 at 19:27, Alex Williamson <alex.williamson@redhat.com> wrote:
> The following changes since commit 3392fbee4e435658733bbe9aab23392660558b59:
>
> Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-3.1-pull-request' into staging (2018-08-23 12:28:17 +0100)
>
> are available in the Git repository at:
>
> git://github.com/awilliam/qemu-vfio.git tags/vfio-fixes-20180823.1
>
> for you to fetch changes up to 154304cd6e99e4222ed762976f9d9aca33c094d3:
>
> postcopy: Synchronize usage of the balloon inhibitor (2018-08-23 10:45:58 -0600)
>
> ----------------------------------------------------------------
> VFIO fixes 2018-08-23
>
> - Fix coverity reported issue with use of realpath (Alex Williamson)
>
> - Cleanup file descriptor in error path (Alex Williamson)
>
> - Fix postcopy use of new balloon inhibitor (Alex Williamson)
>
> ----------------------------------------------------------------
> Alex Williamson (3):
> vfio/pci: Handle subsystem realpath() returning NULL
> vfio/pci: Fix failure to close file descriptor on error
> postcopy: Synchronize usage of the balloon inhibitor
>
> hw/vfio/common.c | 1 +
> hw/vfio/pci.c | 2 +-
> migration/postcopy-ram.c | 18 ++++++++++++++++--
> 3 files changed, 18 insertions(+), 3 deletions(-)
Applied, thanks.
-- PMM
^ permalink raw reply [flat|nested] 5+ messages in thread