vhost: Build temporary section list and deref after commit - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Dr. David Alan Gilbert <dgilbert@redhat.com>	2018-01-19 10:39:18 +0000
committer	Michael S. Tsirkin <mst@redhat.com>	2018-02-08 21:06:40 +0200
commit	c44317efecb240b9b0951ad46ba56eb547114f1d (patch)
tree	1e4996af2bc8700df5e3bc5d245caceec09ae892 /hw/misc/arm_integrator_debug.c
parent	710fccf80d787911120145f508f9c4c664cf0e03 (diff)
download	focaccia-qemu-c44317efecb240b9b0951ad46ba56eb547114f1d.tar.gz focaccia-qemu-c44317efecb240b9b0951ad46ba56eb547114f1d.zip

vhost: Build temporary section list and deref after commit

Igor spotted that there's a race, where a region that's unref'd
in a _del callback might be free'd before the set_mem_table call in
the _commit callback, and thus the vhost might end up using free memory.

Fix this by building a complete temporary sections list, ref'ing every
section (during add and nop) and then unref'ing the whole list right
at the end of commit.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Diffstat (limited to 'hw/misc/arm_integrator_debug.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: