diff options
| author | Greg Kurz <gkurz@linux.vnet.ibm.com> | 2016-03-11 19:48:47 +0100 |
|---|---|---|
| committer | Timothy Pearson <tpearson@raptorengineering.com> | 2019-11-29 19:49:38 -0600 |
| commit | 8499432a46b06bc7ba2899825e0276ae47ebb078 (patch) | |
| tree | 00fcba6805fa6bc1be60a8ae12a45f1d525d9f99 /hw/vfio | |
| parent | ea88fafec83ee659e4067e65f488e5bdf01f6faf (diff) | |
| download | hqemu-8499432a46b06bc7ba2899825e0276ae47ebb078.zip hqemu-8499432a46b06bc7ba2899825e0276ae47ebb078.tar.gz | |
spapr_rng: fix race with main loop
Since commit "60253ed1e6ec rng: add request queue support to rng-random",
the use of a spapr_rng device may hang vCPU threads.
The following path is taken without holding the lock to the main loop mutex:
h_random()
rng_backend_request_entropy()
rng_random_request_entropy()
qemu_set_fd_handler()
The consequence is that entropy_available() may be called before the vCPU
thread could even queue the request: depending on the scheduling, it may
happen that entropy_available() does not call random_recv()->qemu_sem_post().
The vCPU thread will then sleep forever in h_random()->qemu_sem_wait().
This could not happen before 60253ed1e6ec because entropy_available() used
to call random_recv() unconditionally.
This patch ensures the lock is held to avoid the race.
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Diffstat (limited to 'hw/vfio')
0 files changed, 0 insertions, 0 deletions
