qemu-4.2.0-7.fc33

Fix segfault with SR-IOV hot-{plug,unplug} (bz #1814017)

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Fabiano Fidêncio 2020-03-17 11:12:56 +01:00
parent 377bb253e3
commit 492d6c1fff
2 changed files with 51 additions and 1 deletions

@ -0,0 +1,45 @@
From 0446f8121723b134ca1d1ed0b73e96d4a0a8689d Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Mon, 6 Jan 2020 13:34:45 -0700
Subject: [PATCH] vfio/pci: Don't remove irqchip notifier if not registered
The kvm irqchip notifier is only registered if the device supports
INTx, however it's unconditionally removed. If the assigned device
does not support INTx, this will cause QEMU to crash when unplugging
the device from the system. Change it to conditionally remove the
notifier only if the notify hook is setup.
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: David Gibson <david@gibson.dropbear.id.au>
CC: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org # v4.2
Reported-by: yanghliu@redhat.com
Debugged-by: Eduardo Habkost <ehabkost@redhat.com>
Fixes: c5478fea27ac ("vfio/pci: Respond to KVM irqchip change notifier")
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1782678
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
---
hw/vfio/pci.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index 2d40b396f2..337a173ce7 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -3076,7 +3076,9 @@ static void vfio_exitfn(PCIDevice *pdev)
vfio_unregister_req_notifier(vdev);
vfio_unregister_err_notifier(vdev);
pci_device_set_intx_routing_notifier(&vdev->pdev, NULL);
- kvm_irqchip_remove_change_notifier(&vdev->irqchip_change_notifier);
+ if (vdev->irqchip_change_notifier.notify) {
+ kvm_irqchip_remove_change_notifier(&vdev->irqchip_change_notifier);
+ }
vfio_disable_interrupts(vdev);
if (vdev->intx.mmap_timer) {
timer_free(vdev->intx.mmap_timer);
--
2.25.1
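Review bot: In vfio_exitfn, the new `if (vdev->irqchip_change_notifier.notify)` check treats the notify pointer as the "was registered" flag, which is only safe if that field is guaranteed to be NULL whenever registration was skipped; nothing in the lines shown establishes that. Please confirm the field starts out zeroed for devices without INTx, and add a one-line comment above the check stating that the notifier is registered only when the device supports INTx, since the registration site is not next to this teardown code and the condition is otherwise easy to remove as redundant.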

@ -161,7 +161,7 @@
Summary: QEMU is a FAST! processor emulator Summary: QEMU is a FAST! processor emulator
Name: qemu Name: qemu
Version: 4.2.0 Version: 4.2.0
Release: 6%{?rcrel}%{?dist} Release: 7%{?rcrel}%{?dist}
Epoch: 2 Epoch: 2
License: GPLv2 and BSD and MIT and CC-BY License: GPLv2 and BSD and MIT and CC-BY
URL: http://www.qemu.org/ URL: http://www.qemu.org/
@ -305,6 +305,8 @@ Patch0114: 0114-virtiofsd-Convert-lo_destroy-to-take-the-lo-mutex-lo.patch
Patch0115: 0115-virtiofsd-passthrough_ll-Pass-errno-to-fuse_reply_er.patch Patch0115: 0115-virtiofsd-passthrough_ll-Pass-errno-to-fuse_reply_er.patch
Patch0116: 0116-virtiofsd-stop-all-queue-threads-on-exit-in-virtio_l.patch Patch0116: 0116-virtiofsd-stop-all-queue-threads-on-exit-in-virtio_l.patch
Patch0117: 0117-virtiofsd-add-some-options-to-the-help-message.patch Patch0117: 0117-virtiofsd-add-some-options-to-the-help-message.patch
# Fix segfault with SR-IOV hot-{plug,unplug}
Patch0118: 0118-vfio-pci-Don-t-remove-irqchip-notifier-if-not-regist.patch
# Fix ppc shutdown issue (bz #1784961) # Fix ppc shutdown issue (bz #1784961)
Patch0201: 0201-spapr-Don-t-trigger-a-CAS-reboot-for-XICS-XIVE-mode-.patch Patch0201: 0201-spapr-Don-t-trigger-a-CAS-reboot-for-XICS-XIVE-mode-.patch
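Review bot: The comment added above Patch0118 omits the bug reference, unlike the neighbouring "# Fix ppc shutdown issue (bz #1784961)" comment and the new changelog entry. Suggest "# Fix segfault with SR-IOV hot-{plug,unplug} (bz #1814017)" so the patch line can be traced to its bug without reading the changelog.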
@ -2010,6 +2012,9 @@ getent passwd qemu >/dev/null || \
%changelog %changelog
* Tue Mar 17 2020 Fabiano Fidêncio <fidencio@redhat.com> - 2:4.2.0-7
- Fix segfault with SR-IOV hot-{plug,unplug} (bz #1814017)
* Tue Feb 25 2020 Cole Robinson <crobinso@redhat.com> - 2:4.2.0-6 * Tue Feb 25 2020 Cole Robinson <crobinso@redhat.com> - 2:4.2.0-6
- Rebuild for libiscsi soname bump - Rebuild for libiscsi soname bump