1. 17 12月, 2010 1 次提交
    • R
      blockdev: check dinfo ptr before using · 0fc0f1fa
      Ryan Harper 提交于
      If a user decides to punish a guest by revoking its block device via
      drive_del, and subsequently also attempts to remove the pci device
      backing it, and the device is using blockdev_auto_del() then we get a
      segfault when we attempt to access dinfo->auto_del.[1]
      
      The fix is to check if drive_get_by_blockdev() actually returns a valid
      dinfo pointer or not.
      
      1. (qemu) pci_add auto storage file=images/test01.raw,if=virtio,id=block1,snapshot=on
         (qemu) drive_del block1
         (qemu) pci_del 5
         *segfault*
      Signed-off-by: NRyan Harper <ryanh@us.ibm.com>
      Tested-by: NLuiz Capitulino <lcapitulino@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      0fc0f1fa
  2. 25 11月, 2010 1 次提交
    • R
      Implement drive_del to decouple block removal from device removal · 9063f814
      Ryan Harper 提交于
      Currently device hotplug removal code is tied to device removal via
      ACPI.  All pci devices that are removable via device_del() require the
      guest to respond to the request.  In some cases the guest may not
      respond leaving the device still accessible to the guest.  The management
      layer doesn't currently have a reliable way to revoke access to host
      resource in the presence of an uncooperative guest.
      
      This patch implements a new monitor command, drive_del, which
      provides an explicit command to revoke access to a host block device.
      
      drive_del first quiesces the block device (qemu_aio_flush;
      bdrv_flush() and bdrv_close()).  This prevents further IO from being
      submitted against the host device.  Finally, drive_del cleans up
      pointers between the drive object (host resource) and the device
      object (guest resource).
      Signed-off-by: NRyan Harper <ryanh@us.ibm.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      9063f814
  3. 04 11月, 2010 1 次提交
  4. 23 8月, 2010 1 次提交
  5. 26 7月, 2010 1 次提交
  6. 06 7月, 2010 1 次提交
  7. 02 7月, 2010 5 次提交
    • M
      dfb0acd8
    • M
      blockdev: Clean up automatic drive deletion · 14bafc54
      Markus Armbruster 提交于
      We automatically delete blockdev host parts on unplug of the guest
      device.  Too much magic, but we can't change that now.
      
      The delete happens early in the guest device teardown, before the
      connection to the host part is severed.  Thus, the guest part's
      pointer to the host part dangles for a brief time.  No actual harm
      comes from this, but we'll catch such dangling pointers a few commits
      down the road.  Clean up the dangling pointers by delaying the
      automatic deletion until the guest part's pointer is gone.
      
      Device usb-storage deliberately makes two qdev properties refer to the
      same drive, because it automatically creates a second device.  Again,
      too much magic we can't change now.  Multiple references worked okay
      before, but now free_drive() dies for the second one.  Zap the extra
      reference.
      Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      14bafc54
    • M
      blockdev: New drive_get_by_blockdev() · e4700e59
      Markus Armbruster 提交于
      Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      e4700e59
    • M
      blockdev: Remove drive_get_serial() · 0c6f9c17
      Markus Armbruster 提交于
      Unused since commit 6ced55a5.
      Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      0c6f9c17
    • L
      Monitor: handle optional '-' arg as a bool · eb159d13
      Luiz Capitulino 提交于
      Historically, user monitor arguments beginning with '-' (eg. '-f')
      were passed as integers down to handlers.
      
      I've maintained this behavior in the new monitor because we didn't
      have a boolean type at the very beginning of QMP. Today we have it
      and this behavior is causing trouble to QMP's argument checker.
      
      This commit fixes the problem by doing the following changes:
      
      1. User Monitor
      
         Before: the optional arg was represented as a QInt, we'd pass 1
                 down to handlers if the user specified the argument or
                 0 otherwise
      
         This commit: the optional arg is represented as a QBool, we pass
                      true down to handlers if the user specified the
                      argument, otherwise _nothing_ is passed
      
      2. QMP
      
         Before: the client was required to pass the arg as QBool, but we'd
                 convert it to QInt internally. If the argument wasn't passed,
                 we'd pass 0 down
      
         This commit: still require a QBool, but doesn't do any conversion and
                      doesn't pass any default value
      
      3. Convert existing handlers (do_eject()/do_migrate()) to the new way
      
         Before: Both handlers would expect a QInt value, either 0 or 1
      
         This commit: Change the handlers to accept a QBool, they handle the
                      following cases:
      
                         A) true is passed: the option is enabled
                         B) false is passed: the option is disabled
                         C) nothing is passed: option not specified, use
                                               default behavior
      Signed-off-by: NLuiz Capitulino <lcapitulino@redhat.com>
      eb159d13
  8. 22 6月, 2010 1 次提交
    • E
      monitor: allow device to be ejected if no disk is inserted · 3b5276b5
      Eduardo Habkost 提交于
      This changes the monitor eject_device() function to not check for
      bdrv_is_inserted().
      
      Example run where the bug manifests itself:
      
      (output of 'info block' is stripped to include only the CD-ROM device)
      
        (qemu) info block
        ide1-cd0: type=cdrom removable=1 locked=0 [not inserted]
        (qemu) change ide1-cd0 /dev/cdrom host_cdrom
        (qemu) info block
        ide1-cd0: type=cdrom removable=1 locked=0 file=/dev/cdrom ro=1 drv=host_cdrom encrypted=0
        (qemu) eject ide1-cd0
        (qemu) info block
        ide1-cd0: type=cdrom removable=1 locked=0 file=/dev/cdrom ro=1 drv=host_cdrom encrypted=0
      
        # at this point, a disk was inserted on the host CD-ROM drive
      
        (qemu) info block
        ide1-cd0: type=cdrom removable=1 locked=0 file=/dev/cdrom ro=1 drv=host_cdrom encrypted=0
        (qemu) eject ide1-cd0
        (qemu) info block
        ide1-cd0: type=cdrom removable=1 locked=0 [not inserted]
        (qemu)
      
      The first eject command didn't work because the is_inserted() check
      failed.
      
      I have no clue why the code had the is_inserted() check, as it doesn't matter
      if there is a disk present at the host drive, when the user wants the virtual
      device to be disconnected from the host device.
      
      The is_inserted() check has another side effect: a memory leak if the "change"
      command is used multiple times, as do_change() calls eject_device() before
      re-opening the block device, but bdrv_close() is never called.
      Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
      Signed-off-by: NKevin Wolf <kwolf@redhat.com>
      3b5276b5
  9. 15 6月, 2010 5 次提交
  10. 04 6月, 2010 2 次提交