[Virtio-fs] [PATCH v3] virtiofsd: stop all queue threads on exit in virtio_loop()

Stefan Hajnoczi stefanha at redhat.com
Tue Jan 7 16:58:02 UTC 2020


On Tue, Jan 07, 2020 at 12:15:21PM +0800, Eryu Guan wrote:
> On guest graceful shutdown, virtiofsd receives VHOST_USER_GET_VRING_BASE
> request from VMM and shuts down virtqueues by calling fv_set_started(),
> which joins fv_queue_thread() threads. So when virtio_loop() returns,
> there should be no thread still accessing data in fuse session and/or
> virtio dev.
> 
> But on abnormal exit, e.g. guest got killed for whatever reason,
> vhost-user socket is closed and virtio_loop() breaks out of the main loop
> and returns to main(). But it's possible fv_queue_worker()s are still
> working and accessing fuse session and virtio dev, which results in
> crash or use-after-free.
> 
> Fix it by stopping fv_queue_thread()s before virtio_loop() returns,
> to make sure there's no one who could access fuse session and virtio dev.
> 
> Reported-by: Qingming Su <qingming.su at linux.alibaba.com>
> Signed-off-by: Eryu Guan <eguan at linux.alibaba.com>
> ---
> v3:
> - stopping fv_queue_thread by writing to qi->kill_fd instead of
>   cancelling thread, as suggested by Stefan Hajnoczi
> 
> v2:
> - cancelling fv_queue_thread before exit
> 
> v1: virtiofsd: sync FUSE_DESTROY with session destroy
> https://www.redhat.com/archives/virtio-fs/2019-December/msg00051.html
> 
>  tools/virtiofsd/fuse_virtio.c | 56 +++++++++++++++++++++++++++++--------------
>  1 file changed, 38 insertions(+), 18 deletions(-)

Reviewed-by: Stefan Hajnoczi <stefanha at redhat.com>
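The shutdown ordering the commit message describes (write the queue's kill_fd so each worker thread exits its poll loop, join it, and only then tear down the shared session), as an added illustration in C that is not virtiofsd's code: `session`, `queue`, `queue_thread`, `queue_stop` and `run_shutdown` are hypothetical stand-ins, and pipes stand in for the kick and kill eventfds.

```c
#include <poll.h>
#include <pthread.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical stand-ins for virtiofsd's fuse session and per-queue state. */
struct session { long requests; };
struct queue {
    struct session *se; pthread_t thread;
    int kick_fd[2];   /* pipe standing in for the virtqueue kick eventfd */
    int kill_fd[2];   /* pipe standing in for qi->kill_fd */
};

/* Worker: serves kicks until kill_fd becomes readable, then exits cleanly. */
static void *queue_thread(void *arg) {
    struct queue *q = arg; char c;
    struct pollfd pf[2] = {{q->kick_fd[0], POLLIN, 0}, {q->kill_fd[0], POLLIN, 0}};
    for (;;) {
        if (poll(pf, 2, -1) < 0) break;
        if (pf[0].revents & POLLIN) {        /* drain pending work first */
            if (read(q->kick_fd[0], &c, 1) == 1) q->se->requests++;
            continue;
        }
        if (pf[1].revents & POLLIN) break;   /* kill_fd written: stop */
    }
    return NULL;
}

static int queue_start(struct queue *q, struct session *se) {
    q->se = se;
    if (pipe(q->kick_fd) < 0 || pipe(q->kill_fd) < 0) return -1;
    return pthread_create(&q->thread, NULL, queue_thread, q) ? -1 : 0;
}

/* The fix's pattern: signal kill_fd and join, so no worker can touch the session after it is freed. */
static void queue_stop(struct queue *q) {
    if (write(q->kill_fd[1], "x", 1) != 1) abort();
    pthread_join(q->thread, NULL);
    for (int i = 0; i < 2; i++) { close(q->kick_fd[i]); close(q->kill_fd[i]); }
}

/* Models virtio_loop() leaving on a closed vhost-user socket: stop queues first. */
long run_shutdown(void) {
    struct queue q; struct session *se = calloc(1, sizeof *se);
    if (!se || queue_start(&q, se) < 0) return -1;
    if (write(q.kick_fd[1], "kkk", 3) != 3) return -1;   /* three in-flight kicks */
    queue_stop(&q);                           /* all three served before exit */
    long served = se->requests; free(se);     /* safe: worker has been joined */
    return served;
}
```

Because the kicks are written before the kill byte, the worker always drains them before it sees kill_fd readable, so the count returned is deterministic and the free() happens only after the join.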