qemu/include/hw/xen/xen-bus.h
Paul Durrant 3809f7583b xen: perform XenDevice clean-up in XenBus watch handler
Cleaning up offline XenDevice objects directly in
xen_device_backend_changed() is dangerous as xen_device_unrealize() will
modify the watch list that is being walked. Even the QLIST_FOREACH_SAFE()
used in notifier_list_notify() is insufficient as *two* notifiers (for
the frontend and backend watches) are removed, thus potentially rendering
the 'next' pointer unsafe.

The solution is to use the XenBus backend_watch handler to do the clean-up
instead, as it is invoked whilst walking a separate watch list.

This patch therefore adds a new 'inactive_devices' list to XenBus, to which
offline devices are added by xen_device_backend_changed(). The XenBus
backend_watch registration is also changed to not only invoke
xen_bus_enumerate() but also a new xen_bus_cleanup() function, which will
walk 'inactive_devices' and perform the necessary actions.
For safety an extra 'online' check is also added to xen_bus_type_enumerate()
to make sure that no attempt is made to create a new XenDevice object for a
backend that is offline.

NOTE: This patch also includes some cosmetic changes:
      - substitute the local variable name 'backend_state'
        in xen_bus_type_enumerate() with 'state', since there
        is no ambiguity with any other state in that context.
      - change xen_device_state_is_active() to
        xen_device_frontend_is_active() (and pass a XenDevice directly)
        since the state tests contained therein only apply to a frontend.
      - use 'state' rather then 'xendev->backend_state' in
        xen_device_backend_changed() to shorten the code.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20190913082159.31338-4-paul.durrant@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2019-09-24 12:18:47 +01:00

143 lines
4.8 KiB
C

/*
* Copyright (c) 2018 Citrix Systems Inc.
*
* This work is licensed under the terms of the GNU GPL, version 2 or later.
* See the COPYING file in the top-level directory.
*/
#ifndef HW_XEN_BUS_H
#define HW_XEN_BUS_H
#include "hw/xen/xen_common.h"
#include "hw/sysbus.h"
#include "qemu/notify.h"
typedef void (*XenWatchHandler)(void *opaque);
typedef struct XenWatchList XenWatchList;
typedef struct XenWatch XenWatch;
typedef struct XenEventChannel XenEventChannel;
typedef struct XenDevice {
DeviceState qdev;
domid_t frontend_id;
char *name;
struct xs_handle *xsh;
XenWatchList *watch_list;
char *backend_path, *frontend_path;
enum xenbus_state backend_state, frontend_state;
Notifier exit;
XenWatch *backend_state_watch, *frontend_state_watch;
bool backend_online;
XenWatch *backend_online_watch;
xengnttab_handle *xgth;
bool feature_grant_copy;
bool inactive;
QLIST_HEAD(, XenEventChannel) event_channels;
QLIST_ENTRY(XenDevice) list;
} XenDevice;
typedef char *(*XenDeviceGetName)(XenDevice *xendev, Error **errp);
typedef void (*XenDeviceRealize)(XenDevice *xendev, Error **errp);
typedef void (*XenDeviceFrontendChanged)(XenDevice *xendev,
enum xenbus_state frontend_state,
Error **errp);
typedef void (*XenDeviceUnrealize)(XenDevice *xendev, Error **errp);
typedef struct XenDeviceClass {
/*< private >*/
DeviceClass parent_class;
/*< public >*/
const char *backend;
const char *device;
XenDeviceGetName get_name;
XenDeviceRealize realize;
XenDeviceFrontendChanged frontend_changed;
XenDeviceUnrealize unrealize;
} XenDeviceClass;
#define TYPE_XEN_DEVICE "xen-device"
#define XEN_DEVICE(obj) \
OBJECT_CHECK(XenDevice, (obj), TYPE_XEN_DEVICE)
#define XEN_DEVICE_CLASS(class) \
OBJECT_CLASS_CHECK(XenDeviceClass, (class), TYPE_XEN_DEVICE)
#define XEN_DEVICE_GET_CLASS(obj) \
OBJECT_GET_CLASS(XenDeviceClass, (obj), TYPE_XEN_DEVICE)
typedef struct XenBus {
BusState qbus;
domid_t backend_id;
struct xs_handle *xsh;
XenWatchList *watch_list;
XenWatch *backend_watch;
QLIST_HEAD(, XenDevice) inactive_devices;
} XenBus;
typedef struct XenBusClass {
/*< private >*/
BusClass parent_class;
} XenBusClass;
#define TYPE_XEN_BUS "xen-bus"
#define XEN_BUS(obj) \
OBJECT_CHECK(XenBus, (obj), TYPE_XEN_BUS)
#define XEN_BUS_CLASS(class) \
OBJECT_CLASS_CHECK(XenBusClass, (class), TYPE_XEN_BUS)
#define XEN_BUS_GET_CLASS(obj) \
OBJECT_GET_CLASS(XenBusClass, (obj), TYPE_XEN_BUS)
void xen_bus_init(void);
void xen_device_backend_set_state(XenDevice *xendev,
enum xenbus_state state);
enum xenbus_state xen_device_backend_get_state(XenDevice *xendev);
void xen_device_backend_printf(XenDevice *xendev, const char *key,
const char *fmt, ...)
GCC_FMT_ATTR(3, 4);
void xen_device_frontend_printf(XenDevice *xendev, const char *key,
const char *fmt, ...)
GCC_FMT_ATTR(3, 4);
int xen_device_frontend_scanf(XenDevice *xendev, const char *key,
const char *fmt, ...);
void xen_device_set_max_grant_refs(XenDevice *xendev, unsigned int nr_refs,
Error **errp);
void *xen_device_map_grant_refs(XenDevice *xendev, uint32_t *refs,
unsigned int nr_refs, int prot,
Error **errp);
void xen_device_unmap_grant_refs(XenDevice *xendev, void *map,
unsigned int nr_refs, Error **errp);
typedef struct XenDeviceGrantCopySegment {
union {
void *virt;
struct {
uint32_t ref;
off_t offset;
} foreign;
} source, dest;
size_t len;
} XenDeviceGrantCopySegment;
void xen_device_copy_grant_refs(XenDevice *xendev, bool to_domain,
XenDeviceGrantCopySegment segs[],
unsigned int nr_segs, Error **errp);
typedef bool (*XenEventHandler)(void *opaque);
XenEventChannel *xen_device_bind_event_channel(XenDevice *xendev,
AioContext *ctx,
unsigned int port,
XenEventHandler handler,
void *opaque, Error **errp);
void xen_device_notify_event_channel(XenDevice *xendev,
XenEventChannel *channel,
Error **errp);
void xen_device_unbind_event_channel(XenDevice *xendev,
XenEventChannel *channel,
Error **errp);
#endif /* HW_XEN_BUS_H */