From nobody Sun May 19 03:38:11 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1493286452309581.0856640350322; Thu, 27 Apr 2017 02:47:32 -0700 (PDT) Received: from localhost ([::1]:59691 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3g1K-0005hg-Tr for importer@patchew.org; Thu, 27 Apr 2017 05:47:30 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50032) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3fzm-0004ZG-2t for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:45:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d3fzi-0000wO-6W for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:45:54 -0400 Received: from 17.mo5.mail-out.ovh.net ([46.105.56.132]:36500) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d3fzh-0000uv-VL for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:45:50 -0400 Received: from player786.ha.ovh.net (b6.ovh.net [213.186.33.56]) by mo5.mail-out.ovh.net (Postfix) with ESMTP id 084D8E8258 for ; Thu, 27 Apr 2017 11:45:46 +0200 (CEST) Received: from [192.168.0.243] (gar31-1-82-66-74-139.fbx.proxad.net [82.66.74.139]) (Authenticated sender: groug@kaod.org) by player786.ha.ovh.net (Postfix) with ESMTPA id C2B2B80097; Thu, 27 Apr 2017 11:45:42 +0200 (CEST) From: Greg Kurz To: qemu-devel@nongnu.org Date: Thu, 27 Apr 2017 11:45:42 +0200 Message-ID: <149328634220.30266.1628882080436632549.stgit@bahia> In-Reply-To: <149328633283.30266.4224847428546759127.stgit@bahia> References: <149328633283.30266.4224847428546759127.stgit@bahia> User-Agent: StGit/0.17.1-20-gc0b1b-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 13675461746628139441 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrfeeliedrgeeigddukecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 46.105.56.132 Subject: [Qemu-devel] [PATCH v2 1/4] fsdev: don't allow unknown format in marshal/unmarshal X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Greg Kurz , "Michael S. Tsirkin" Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 The code only uses well known format strings. An unknown format token is a bug. Signed-off-by: Greg Kurz Reviewed-by: Stefano Stabellini --- fsdev/9p-iov-marshal.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c index 1d16f8df4bd4..a1c9beddd2e7 100644 --- a/fsdev/9p-iov-marshal.c +++ b/fsdev/9p-iov-marshal.c @@ -168,7 +168,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int o= ut_num, size_t offset, break; } default: - break; + g_assert_not_reached(); } if (copied < 0) { return copied; @@ -281,7 +281,7 @@ ssize_t v9fs_iov_vmarshal(struct iovec *in_sg, int in_n= um, size_t offset, break; } default: - break; + g_assert_not_reached(); } if (copied < 0) { return copied; From nobody Sun May 19 03:38:11 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1493286467936428.3291692406917; Thu, 27 Apr 2017 02:47:47 -0700 (PDT) Received: from localhost ([::1]:59692 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3g1a-0005zo-HC for importer@patchew.org; Thu, 27 Apr 2017 05:47:46 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50071) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3fzs-0004eC-GI for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:04 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d3fzo-00010B-Ja for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:00 -0400 Received: from 9.mo5.mail-out.ovh.net ([178.32.96.204]:45885) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d3fzo-0000yO-8n for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:45:56 -0400 Received: from player786.ha.ovh.net (b6.ovh.net [213.186.33.56]) by mo5.mail-out.ovh.net (Postfix) with ESMTP id D3D52E8CC0 for ; Thu, 27 Apr 2017 11:45:54 +0200 (CEST) Received: from [192.168.0.243] (gar31-1-82-66-74-139.fbx.proxad.net [82.66.74.139]) (Authenticated sender: groug@kaod.org) by player786.ha.ovh.net (Postfix) with ESMTPA id 9B854800A6; Thu, 27 Apr 2017 11:45:51 +0200 (CEST) From: Greg Kurz To: qemu-devel@nongnu.org Date: Thu, 27 Apr 2017 11:45:51 +0200 Message-ID: <149328635105.30266.13681288439634920908.stgit@bahia> In-Reply-To: <149328633283.30266.4224847428546759127.stgit@bahia> References: <149328633283.30266.4224847428546759127.stgit@bahia> User-Agent: StGit/0.17.1-20-gc0b1b-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 13677995021828725169 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrfeeliedrgeeigddukecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 178.32.96.204 Subject: [Qemu-devel] [PATCH v2 2/4] 9pfs: drop pdu_push_and_notify() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Greg Kurz , "Michael S. Tsirkin" Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Only pdu_complete() needs to notify the client that a request has completed. Signed-off-by: Greg Kurz Reviewed-by: Stefano Stabellini --- hw/9pfs/9p.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index c80ba67389ce..01deffa0c3b5 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -65,11 +65,6 @@ ssize_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, const= char *fmt, ...) return ret; } =20 -static void pdu_push_and_notify(V9fsPDU *pdu) -{ - pdu->s->transport->push_and_notify(pdu); -} - static int omode_to_uflags(int8_t mode) { int ret =3D 0; @@ -668,7 +663,7 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ssi= ze_t len) pdu->size =3D len; pdu->id =3D id; =20 - pdu_push_and_notify(pdu); + pdu->s->transport->push_and_notify(pdu); =20 /* Now wakeup anybody waiting in flush for this request */ if (!qemu_co_queue_next(&pdu->complete)) { From nobody Sun May 19 03:38:11 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1493286481647778.2644975559227; Thu, 27 Apr 2017 02:48:01 -0700 (PDT) Received: from localhost ([::1]:59693 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3g1o-0006LN-BR for importer@patchew.org; Thu, 27 Apr 2017 05:48:00 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50118) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3g04-0004mG-Ob for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:16 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d3fzx-00014V-JI for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:09 -0400 Received: from 10.mo5.mail-out.ovh.net ([46.105.52.148]:54998) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d3fzx-00013k-DC for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:05 -0400 Received: from player786.ha.ovh.net (b6.ovh.net [213.186.33.56]) by mo5.mail-out.ovh.net (Postfix) with ESMTP id B019FEA135 for ; Thu, 27 Apr 2017 11:46:03 +0200 (CEST) Received: from [192.168.0.243] (gar31-1-82-66-74-139.fbx.proxad.net [82.66.74.139]) (Authenticated sender: groug@kaod.org) by player786.ha.ovh.net (Postfix) with ESMTPA id 7058B80096; Thu, 27 Apr 2017 11:46:00 +0200 (CEST) From: Greg Kurz To: qemu-devel@nongnu.org Date: Thu, 27 Apr 2017 11:46:00 +0200 Message-ID: <149328635990.30266.18017778280983307695.stgit@bahia> In-Reply-To: <149328633283.30266.4224847428546759127.stgit@bahia> References: <149328633283.30266.4224847428546759127.stgit@bahia> User-Agent: StGit/0.17.1-20-gc0b1b-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 13680528293085157809 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrfeeliedrgeeigddukecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 46.105.52.148 Subject: [Qemu-devel] [PATCH v2 3/4] virtio-9p: factor out virtio_9p_error_err() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Greg Kurz , "Michael S. Tsirkin" Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 When an unrecoverable is hit, we need to set the broken flag of the virtio device, detach the queue element and free it. This is currently open coded in handle_9p_output(). It is fine since this is the only function that can set the broken flag. But if we want to be able to do this from other places, we must consolidate the logic in a helper. Signed-off-by: Greg Kurz -- v2: - rely on the existing virtio_error() API --- hw/9pfs/virtio-9p-device.c | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c index 3782f437029b..c71659823fdc 100644 --- a/hw/9pfs/virtio-9p-device.c +++ b/hw/9pfs/virtio-9p-device.c @@ -22,21 +22,32 @@ =20 static const struct V9fsTransport virtio_9p_transport; =20 +static void virtio_9p_free_element(V9fsVirtioState *v, unsigned int idx) +{ + VirtQueueElement **pelem =3D &v->elems[idx]; + g_free(*pelem); + *pelem =3D NULL; +} + static void virtio_9p_push_and_notify(V9fsPDU *pdu) { V9fsState *s =3D pdu->s; V9fsVirtioState *v =3D container_of(s, V9fsVirtioState, state); - VirtQueueElement *elem =3D v->elems[pdu->idx]; =20 /* push onto queue and notify */ - virtqueue_push(v->vq, elem, pdu->size); - g_free(elem); - v->elems[pdu->idx] =3D NULL; + virtqueue_push(v->vq, v->elems[pdu->idx], pdu->size); + virtio_9p_free_element(v, pdu->idx); =20 /* FIXME: we should batch these completions */ virtio_notify(VIRTIO_DEVICE(v), v->vq); } =20 +#define virtio_9p_error(v, idx, ...) { \ + virtio_error(VIRTIO_DEVICE(v), ## __VA_ARGS__); \ + virtqueue_detach_element(v->vq, v->elems[idx], 0); \ + virtio_9p_free_element(v, idx); \ +} + static void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq) { V9fsVirtioState *v =3D (V9fsVirtioState *)vdev; @@ -52,22 +63,19 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQu= eue *vq) if (!elem) { goto out_free_pdu; } + v->elems[pdu->idx] =3D elem; =20 if (elem->in_num =3D=3D 0) { - virtio_error(vdev, - "The guest sent a VirtFS request without space fo= r " - "the reply"); - goto out_free_req; + virtio_9p_error(v, pdu->idx, "The guest sent a VirtFS request = without space for the reply"); + goto out_free_pdu; } QEMU_BUILD_BUG_ON(sizeof(out) !=3D 7); =20 - v->elems[pdu->idx] =3D elem; len =3D iov_to_buf(elem->out_sg, elem->out_num, 0, &out, sizeof(out)); if (len !=3D sizeof(out)) { - virtio_error(vdev, "The guest sent a malformed VirtFS request:= " - "header size is %zd, should be 7", len); - goto out_free_req; + virtio_9p_error(v, pdu->idx, "The guest sent a malformed VirtF= S request: header size is %zd, should be 7", len); + goto out_free_pdu; } =20 pdu->size =3D le32_to_cpu(out.size_le); @@ -81,9 +89,6 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQueu= e *vq) =20 return; =20 -out_free_req: - virtqueue_detach_element(vq, elem, 0); - g_free(elem); out_free_pdu: pdu_free(pdu); } From nobody Sun May 19 03:38:11 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 149328654105912.4513865174398; Thu, 27 Apr 2017 02:49:01 -0700 (PDT) Received: from localhost ([::1]:59695 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3g2l-0007I5-Oz for importer@patchew.org; Thu, 27 Apr 2017 05:48:59 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50216) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3g0B-0004rN-Cf for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:20 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d3g07-0001Dz-A8 for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:19 -0400 Received: from 1.mo5.mail-out.ovh.net ([188.165.57.91]:42911) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d3g07-0001Cp-12 for qemu-devel@nongnu.org; Thu, 27 Apr 2017 05:46:15 -0400 Received: from player786.ha.ovh.net (b6.ovh.net [213.186.33.56]) by mo5.mail-out.ovh.net (Postfix) with ESMTP id A1259EA128 for ; Thu, 27 Apr 2017 11:46:13 +0200 (CEST) Received: from [192.168.0.243] (gar31-1-82-66-74-139.fbx.proxad.net [82.66.74.139]) (Authenticated sender: groug@kaod.org) by player786.ha.ovh.net (Postfix) with ESMTPA id 5BFDB80072; Thu, 27 Apr 2017 11:46:10 +0200 (CEST) From: Greg Kurz To: qemu-devel@nongnu.org Date: Thu, 27 Apr 2017 11:46:08 +0200 Message-ID: <149328636874.30266.8813988060953128881.stgit@bahia> In-Reply-To: <149328633283.30266.4224847428546759127.stgit@bahia> References: <149328633283.30266.4224847428546759127.stgit@bahia> User-Agent: StGit/0.17.1-20-gc0b1b-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 13683343046820207025 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrfeeliedrgeeigddukecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 188.165.57.91 Subject: [Qemu-devel] [PATCH v2 4/4] 9pfs: handle broken transport X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Greg Kurz , "Michael S. Tsirkin" Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 The 9p protocol is transport agnostic: if an error occurs when copying data to/from the client, this should be handled by the transport layer [1] and the 9p server should simply stop processing requests [2]. [1] can be implemented in the transport marshal/unmarshal handlers. In the case of virtio, this means calling virtio_error() to inform the guest that the device isn't functional anymore. [2] means that the pdu_complete() function shouldn't send a reply back to the client if the transport had a failure. This cannot be decided using the current error path though, since we cannot discriminate if the error comes from the transport or the backend. This patch hence introduces a flag in the 9pfs state to record that the transport is broken. The device needs to be reset for the flag to be unset. This fixes Coverity issue CID 1348518. Signed-off-by: Greg Kurz --- v2: - use unlikely() when checking if the transport is broken - fail marshal/unmarshal if transport is broken - v9fs_xattr_read() mark transport as broken if v9fs_pack() fails --- hw/9pfs/9p.c | 45 ++++++++++++++++++++++++++++++++++++----= ---- hw/9pfs/9p.h | 1 + hw/9pfs/virtio-9p-device.c | 16 ++++++++++++++-- 3 files changed, 52 insertions(+), 10 deletions(-) diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index 01deffa0c3b5..406c1937ed21 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -46,10 +46,17 @@ ssize_t pdu_marshal(V9fsPDU *pdu, size_t offset, const = char *fmt, ...) ssize_t ret; va_list ap; =20 + if (unlikely(pdu->s->transport_broken)) { + return -EIO; + } + va_start(ap, fmt); ret =3D pdu->s->transport->pdu_vmarshal(pdu, offset, fmt, ap); va_end(ap); =20 + if (ret < 0) { + pdu->s->transport_broken =3D true; + } return ret; } =20 @@ -58,10 +65,17 @@ ssize_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, cons= t char *fmt, ...) ssize_t ret; va_list ap; =20 + if (unlikely(pdu->s->transport_broken)) { + return -EIO; + } + va_start(ap, fmt); ret =3D pdu->s->transport->pdu_vunmarshal(pdu, offset, fmt, ap); va_end(ap); =20 + if (ret < 0) { + pdu->s->transport_broken =3D true; + } return ret; } =20 @@ -624,15 +638,15 @@ void pdu_free(V9fsPDU *pdu) QLIST_INSERT_HEAD(&s->free_list, pdu, next); } =20 -/* - * We don't do error checking for pdu_marshal/unmarshal here - * because we always expect to have enough space to encode - * error details - */ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ssize_t len) { int8_t id =3D pdu->id + 1; /* Response */ V9fsState *s =3D pdu->s; + int ret; + + if (unlikely(s->transport_broken)) { + goto out_complete; + } =20 if (len < 0) { int err =3D -len; @@ -644,11 +658,19 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, s= size_t len) str.data =3D strerror(err); str.size =3D strlen(str.data); =20 - len +=3D pdu_marshal(pdu, len, "s", &str); + ret =3D pdu_marshal(pdu, len, "s", &str); + if (ret < 0) { + goto out_complete; + } + len +=3D ret; id =3D P9_RERROR; } =20 - len +=3D pdu_marshal(pdu, len, "d", err); + ret =3D pdu_marshal(pdu, len, "d", err); + if (ret < 0) { + goto out_complete; + } + len +=3D ret; =20 if (s->proto_version =3D=3D V9FS_PROTO_2000L) { id =3D P9_RLERROR; @@ -657,7 +679,10 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ss= ize_t len) } =20 /* fill out the header */ - pdu_marshal(pdu, 0, "dbw", (int32_t)len, id, pdu->tag); + ret =3D pdu_marshal(pdu, 0, "dbw", (int32_t)len, id, pdu->tag); + if (ret < 0) { + goto out_complete; + } =20 /* keep these in sync */ pdu->size =3D len; @@ -665,6 +690,7 @@ static void coroutine_fn pdu_complete(V9fsPDU *pdu, ssi= ze_t len) =20 pdu->s->transport->push_and_notify(pdu); =20 +out_complete: /* Now wakeup anybody waiting in flush for this request */ if (!qemu_co_queue_next(&pdu->complete)) { pdu_free(pdu); @@ -1702,6 +1728,7 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu= , V9fsFidState *fidp, read_count); qemu_iovec_destroy(&qiov_full); if (err < 0) { + s->transport_broken =3D true; return err; } offset +=3D err; @@ -3596,6 +3623,8 @@ void v9fs_reset(V9fsState *s) while (!data.done) { aio_poll(qemu_get_aio_context(), true); } + + s->transport_broken =3D false; } =20 static void __attribute__((__constructor__)) v9fs_set_fd_limit(void) diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h index 5312d8a42405..145d0c87dd6a 100644 --- a/hw/9pfs/9p.h +++ b/hw/9pfs/9p.h @@ -246,6 +246,7 @@ typedef struct V9fsState Error *migration_blocker; V9fsConf fsconf; V9fsQID root_qid; + bool transport_broken; } V9fsState; =20 /* 9p2000.L open flags */ diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c index c71659823fdc..9e61fbf7c63e 100644 --- a/hw/9pfs/virtio-9p-device.c +++ b/hw/9pfs/virtio-9p-device.c @@ -158,8 +158,14 @@ static ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_= t offset, V9fsState *s =3D pdu->s; V9fsVirtioState *v =3D container_of(s, V9fsVirtioState, state); VirtQueueElement *elem =3D v->elems[pdu->idx]; + int ret; =20 - return v9fs_iov_vmarshal(elem->in_sg, elem->in_num, offset, 1, fmt, ap= ); + ret =3D v9fs_iov_vmarshal(elem->in_sg, elem->in_num, offset, 1, fmt, a= p); + if (ret < 0) { + virtio_9p_error(v, pdu->idx, + "Failed to marshal VirtFS reply type %d", pdu->id); + } + return ret; } =20 static ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset, @@ -168,8 +174,14 @@ static ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, siz= e_t offset, V9fsState *s =3D pdu->s; V9fsVirtioState *v =3D container_of(s, V9fsVirtioState, state); VirtQueueElement *elem =3D v->elems[pdu->idx]; + int ret; =20 - return v9fs_iov_vunmarshal(elem->out_sg, elem->out_num, offset, 1, fmt= , ap); + ret =3D v9fs_iov_vunmarshal(elem->out_sg, elem->out_num, offset, 1, fm= t, ap); + if (ret < 0) { + virtio_9p_error(v, pdu->idx, + "Failed to unmarshal VirtFS request type %d", pdu-= >id); + } + return ret; } =20 /* The size parameter is used by other transports. Do not drop it. */