git.proxmox.com Git - mirror

author	Laszlo Ersek <lersek@redhat.com>
	Fri, 16 Oct 2015 19:52:24 +0000 (19:52 +0000)
committer	lersek <lersek@Edk2>
	Fri, 16 Oct 2015 19:52:24 +0000 (19:52 +0000)
commit	fcb636ea4244cb29d3f6a6d938dd9f7692ecfa7c
tree	47edee84837f0496e5bfc1d28e497d74199e15c4	tree
parent	fbc80813eeb0cff1c102666046a4483bf44b7414	commit \| diff

OvmfPkg: VirtioBlkDxe: reset device at ExitBootServices()

(1) VirtioLib allocates the virtio ring in EfiBootServicesData memory.
    (This is intentional.) Code that executes after ExitBootServices() is
    permitted to reuse such memory.

(2) The hypervisor is allowed to look at, and act upon, a live virtio ring
    at any time, even without explicit virtio kicks from the guest.

Should boot loader code or kernel code, running between ExitBootServices()
and the kernel's own virtio drivers resetting the device, overwrite the
pages that used to contain the virtio ring before ExitBootServices(), QEMU
could theoretically interpret that unrelated data as garbage ring
contents, and abort the guest.

Although we have seen no such reports, better be prudent and reset the
device in an ExitBootServices() event handler. Among other things, this
causes QEMU to forget about the device's virtio ring.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18624 6f19259b-4bc3-4df7-8a09-765794883524

OvmfPkg/VirtioBlkDxe/VirtioBlk.c		diff \| blob \| blame \| history
OvmfPkg/VirtioBlkDxe/VirtioBlk.h		diff \| blob \| blame \| history