virtio: update MemoryRegionCaches when guest set bad features
author Li Qiang <liq3ea@163.com>
Sat, 19 Sep 2020 08:27:06 +0000 (01:27 -0700)
committer Michael S. Tsirkin <mst@redhat.com>
Tue, 29 Sep 2020 06:15:24 +0000 (02:15 -0400)
commit 2d69eba5fe52045b2c8b0d04fd3806414352afc1
tree 6790a25a6d1fca04016cd6455d5710a59b3e5b8a
parent a6704a34cf02add13964149e0de6453ae62bd9db
virtio: update MemoryRegionCaches when guest set bad features

Currently the 'virtio_set_features' only updates the 'MemoryRegionCaches'
when the 'virtio_set_features_nocheck' returns '0', which means it is
not bad features. However the guest can still trigger the access of the
used vring after setting bad features. In this situation it will cause an assert
failure in 'ADDRESS_SPACE_ST_CACHED'.

Buglink: https://bugs.launchpad.net/qemu/+bug/1890333
Fixes: db812c4073c7 ("virtio: update MemoryRegionCaches when guest negotiates features")
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Li Qiang <liq3ea@163.com>
Message-Id: <20200919082706.6703-1-liq3ea@163.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
hw/virtio/virtio.c
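The failure mode described in the commit message, as an added simplified model (not QEMU's code and not part of this commit): a cache sized before feature negotiation becomes too short once a feature that grows the used ring is stored, unless the cache is refreshed even when the setter reports bad features. It assumes the unchecked setter still stores the masked feature bits when it returns an error, and that the event-index feature appends a 2-byte field to the used ring. The struct, helper names and the `fixed` switch are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define F_EVENT_IDX (1ull << 29)          /* VIRTIO_RING_F_EVENT_IDX bit */

struct dev {                              /* hypothetical stand-in: device + one queue */
    uint64_t host_features, guest_features;
    unsigned num;                         /* ring size in entries */
    size_t used_cache_len;                /* length of the cached used-ring mapping */
};

/* Used ring: flags(2) + idx(2) + num * 8-byte elements,
 * plus a 2-byte event field when EVENT_IDX is negotiated. */
static size_t used_size(const struct dev *d) {
    return 4 + 8 * (size_t)d->num + ((d->guest_features & F_EVENT_IDX) ? 2 : 0);
}

static void init_region_cache(struct dev *d) { d->used_cache_len = used_size(d); }

/* Assumption: accepted bits are stored even when unknown bits were requested. */
static int set_features_nocheck(struct dev *d, uint64_t val) {
    bool bad = (val & ~d->host_features) != 0;
    d->guest_features = val & d->host_features;
    return bad ? -1 : 0;
}

/* fixed == false: refresh the cache only on success (behaviour before the fix).
 * fixed == true:  refresh whenever EVENT_IDX ended up set (behaviour after). */
static int set_features(struct dev *d, uint64_t val, bool fixed) {
    int ret = set_features_nocheck(d, val);
    if ((fixed || ret == 0) && (d->guest_features & F_EVENT_IDX))
        init_region_cache(d);
    return ret;
}

/* Bounds condition a 2-byte cached store of the event field must satisfy. */
static bool event_store_in_bounds(const struct dev *d) {
    size_t addr = 4 + 8 * (size_t)d->num;
    return addr < d->used_cache_len && 2 <= d->used_cache_len - addr;
}

/* Queue is set up first, then the guest writes a feature word with one
 * valid bit (EVENT_IDX) and one bit the host never offered (bit 63). */
static bool scenario(bool fixed) {
    struct dev d = { .host_features = F_EVENT_IDX, .num = 256 };
    init_region_cache(&d);
    set_features(&d, F_EVENT_IDX | (1ull << 63), fixed);
    return event_store_in_bounds(&d);
}
```

`scenario(false)` leaves the event-field store outside the cached range, which is the condition a bounds assertion on cached stores would trip on; `scenario(true)` keeps it in range.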