From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33069) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bm2ij-0004dg-CQ for qemu-devel@nongnu.org; Mon, 19 Sep 2016 13:51:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bm2ig-0000D2-5d for qemu-devel@nongnu.org; Mon, 19 Sep 2016 13:51:09 -0400 Received: from mx1.redhat.com ([209.132.183.28]:50568) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bm2if-0000Cp-WF for qemu-devel@nongnu.org; Mon, 19 Sep 2016 13:51:06 -0400 Date: Mon, 19 Sep 2016 20:51:04 +0300 From: "Michael S. Tsirkin" Message-ID: <20160919205057-mutt-send-email-mst@kernel.org> References: <1460467534-29147-1-git-send-email-stefanha@redhat.com> <20160919180740.6a21408e.cornelia.huck@de.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160919180740.6a21408e.cornelia.huck@de.ibm.com> Subject: Re: [Qemu-devel] [PATCH v3 00/10] virtio: avoid exit() when device enters invalid states List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Cornelia Huck Cc: Stefan Hajnoczi , qemu-devel@nongnu.org, Fam Zheng On Mon, Sep 19, 2016 at 06:07:40PM +0200, Cornelia Huck wrote: > On Tue, 12 Apr 2016 14:25:24 +0100 > Stefan Hajnoczi wrote: > > > v3: > > * Patch 1: Fix typo and clarify commit description [Markus] > > * Use virtio_set_status() instead of open coding assignment [Cornelia] > > * Add live migration > > > > v2: > > * Add VIRTIO_CONFIG_S_NEEDS_RESET notification for VIRTIO 1.0 [Cornelia] > > (Note I've sent a Linux virtio_config.h patch to get the constant added to > > the headers.) > > * Split int -> unsigned int change into separate commit [Fam] > > * Fix double "index" typo in commit description [Fam] > > > > The virtio code calls exit() when the device enters an invalid state. This > > means invalid vring indices and descriptor chains kill the VM. See the patch > > descriptions for why this is a bad thing. > > > > When the virtio device is in the broken state calls to virtqueue_pop() and > > friends will pretend the virtqueue is empty. This means the device will become > > isolated from guest activity until it is reset again. > > > > RFC because two things are missing: > > 1. Live migration support (subsection for broken flag?) > > 2. Auditing devices and replacing exit() calls there too > > > > Stefan Hajnoczi (10): > > virtio: fix stray tab character > > include: update virtio_config.h Linux header > > virtio: stop virtqueue processing if device is broken > > virtio: migrate vdev->broken flag > > virtio: handle virtqueue_map_desc() errors > > virtio: handle virtqueue_get_avail_bytes() errors > > virtio: use unsigned int for virtqueue_get_avail_bytes() index > > virtio: handle virtqueue_read_next_desc() errors > > virtio: handle virtqueue_num_heads() errors > > virtio: handle virtqueue_get_head() errors > > > > hw/virtio/virtio.c | 223 +++++++++++++++++++------ > > include/hw/virtio/virtio.h | 3 + > > include/standard-headers/linux/virtio_config.h | 2 + > > 3 files changed, 181 insertions(+), 47 deletions(-) > > > > As the exit-in-virtio question has popped up several times in the > recent past: I think we should go forward with this series, even if we > still need to look at the individual devices. Do you have a version > that fits on current master? I agree.