qemu with hax to log dma reads & writes jcs.org/2018/11/12/vfio

address_space_write: address_space_to_flatview needs RCU lock

address_space_write is calling address_space_to_flatview but it can
be called outside the RCU lock. To fix it, push the rcu_read_lock/unlock
pair up from flatview_write to address_space_write.

Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

+22 -15
+22 -15
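--- a/exec.c
+++ b/exec.c
@@ -3078,6 +3078,7 @@
 return result;
 }
 
+/* Called from RCU critical section. */
 static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
 const uint8_t *buf, int len)
 {
@@ -3086,23 +3087,12 @@
 MemoryRegion *mr;
 MemTxResult result = MEMTX_OK;
 
-if (len > 0) {
-rcu_read_lock();
-l = len;
-mr = flatview_translate(fv, addr, &addr1, &l, true);
-result = flatview_write_continue(fv, addr, attrs, buf, len,
-addr1, l, mr);
-rcu_read_unlock();
-}
+l = len;
+mr = flatview_translate(fv, addr, &addr1, &l, true);
+result = flatview_write_continue(fv, addr, attrs, buf, len,
+addr1, l, mr);
 
 return result;
-}
-
-MemTxResult address_space_write(AddressSpace *as, hwaddr addr,
-MemTxAttrs attrs,
-const uint8_t *buf, int len)
-{
-return flatview_write(address_space_to_flatview(as), addr, attrs, buf, len);
 }
 
 /* Called within RCU critical section. */
@@ -3211,6 +3201,23 @@
 {
 return flatview_rw(address_space_to_flatview(as),
 addr, attrs, buf, len, is_write);
+}
+
+MemTxResult address_space_write(AddressSpace *as, hwaddr addr,
+MemTxAttrs attrs,
+const uint8_t *buf, int len)
+{
+MemTxResult result = MEMTX_OK;
+FlatView *fv;
+
+if (len > 0) {
+rcu_read_lock();
+fv = address_space_to_flatview(as);
+result = flatview_write(fv, addr, attrs, buf, len);
+rcu_read_unlock();
+}
+
+return result;
 }
 
 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,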
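Review bot: The function whose tail is visible at the top of the third hunk (old lines 3211-3213, its signature and body start outside the hunk) still evaluates `address_space_to_flatview(as)` with no rcu_read_lock around it, which is exactly the unprotected access this commit removes from address_space_write; unless flatview_rw takes the read lock before it dereferences the FlatView, that caller can still race with a FlatView being torn down. Either wrap that call the same way (`rcu_read_lock(); fv = address_space_to_flatview(as); ... rcu_read_unlock();`) or say in the commit description that it is fixed separately. In the second hunk flatview_write also drops its `if (len > 0)` guard; address_space_write now checks len before calling, but flatview_write's other callers are outside this view, so it is worth confirming none of them can reach flatview_translate with len == 0. The added `/* Called from RCU critical section. */` line on flatview_write documents the new contract clearly and matches the existing comment on the function below it.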