Commit c4f75385 authored Oct 08, 2018 by Ilya Maximets Committed by Dr. David Alan Gilbert Oct 11, 2018

vhost-user: Fix userfaultfd leak



'fd' received from the vhost side is never freed.
Also, everything (including 'postcopy_listen' state) should be
cleaned up on vhost cleanup.

Fixes: 46343570 ("vhost+postcopy: Wire up POSTCOPY_END notify")
Fixes: f82c1116 ("vhost+postcopy: Register shared ufd with postcopy")
Cc: qemu-stable@nongnu.org
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Message-Id: <20181008160536.6332-3-i.maximets@samsung.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

parent 55d0fe82

hw/virtio/vhost-user.c

+7 −0

Original line number	Diff line number	Diff line
		@@ -1291,6 +1291,7 @@ static int vhost_user_postcopy_end(struct vhost_dev dev, Error *errp)
		return ret;
		}
		postcopy_unregister_shared_ufd(&u->postcopy_fd);
		close(u->postcopy_fd.fd);
		u->postcopy_fd.handler = NULL;

		trace_vhost_user_postcopy_end_exit();
		@@ -1430,6 +1431,12 @@ static int vhost_user_backend_cleanup(struct vhost_dev *dev)
		postcopy_remove_notifier(&u->postcopy_notifier);
		u->postcopy_notifier.notify = NULL;
		}
		u->postcopy_listen = false;
		if (u->postcopy_fd.handler) {
		postcopy_unregister_shared_ufd(&u->postcopy_fd);
		close(u->postcopy_fd.fd);
		u->postcopy_fd.handler = NULL;
		}
		if (u->slave_fd >= 0) {
		qemu_set_fd_handler(u->slave_fd, NULL, NULL, NULL);
		close(u->slave_fd);