On Fri, Jun 9, 2023 at 3:28 PM Laurent Vivier <[email protected]> wrote: > > The socket netdev with a file descriptor (fd) cannot be removed > and then added again because the fd is closed when the backend is > removed and thus is not available anymore when we want to add the > backend again. > > But this can bring to a core dump: > 1- boot a VM with an fd socket netdev > 2- remove the netdev > 3- reboot > 4- add the netdev again, it fails because the fd is not a > socket, and then closed > 5- stop QEMU -> core dump > > On reboot (step 3) the fd is allocated to another use in QEMU, and when > we try to use it with a socket netdev, it fails. But the netdev backend > closes the file descriptor that is in use by another part of QEMU. > We can see the core dump on QEMU exit because it tries to close > an invalid file descriptor. > > It happens for instance when we have a PCI device and the fd is allocated > to a VirtIOIRQFD on reboot. > > Moreover, using "netdev socket,fd=X" allows an user to close any QEMU > internal file descriptor from an HMP or QMP interface. > > Laurent Vivier (3): > net: socket: prepare to cleanup net_init_socket() > net: socket: move fd type checking to its own function > net: socket: remove net_init_socket() > > net/socket.c | 53 +++++++++++++++++++++++++++------------------------- > 1 file changed, 28 insertions(+), 25 deletions(-)
Queued. Thanks > > -- > 2.39.2 > >
