• virtio: order index/descriptor reads · a821ce59
    Michael S. Tsirkin authored
    virtio has the equivalent of:
    
    	if (vq->last_avail_index != vring_avail_idx(vq)) {
    		read descriptor head at vq->last_avail_index;
    	}
    
    In theory, the processor can reorder the descriptor head
    read to happen speculatively before the index read.
    This would trigger the following race:
    
    	host descriptor head read <- reads invalid head from ring
    		guest writes valid descriptor head
    		guest writes avail index
    	host avail index read <- observes valid index
    
    As a result, the host will use an invalid head value.
    This was not observed in the field by me but after
    the experience with the previous two races
    I think it is prudent to address this theoretical race condition.
    Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
qemu-barrier.h 1.78 KB
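
The ordering the commit message describes, as an added example that is not QEMU's code: the host reads the avail index, issues a read barrier, and only then reads the descriptor head, while the guest publishes the head before the index. The struct and function names are hypothetical, the ring size and head values are constructed, and C11 fences stand in for whatever barrier primitive the host actually uses.

```c
#include <stdatomic.h>
#include <stdint.h>

#define RING_SIZE 8u                 /* constructed ring size */

struct avail_ring {                  /* hypothetical, simplified avail ring */
    _Atomic uint16_t idx;            /* written by the guest (producer) */
    uint16_t ring[RING_SIZE];        /* descriptor heads */
};

struct host_vq {                     /* hypothetical host-side queue state */
    struct avail_ring *avail;
    uint16_t last_avail_idx;
};

/* Guest side: write the descriptor head first, then publish the index. */
static void guest_publish(struct avail_ring *a, uint16_t head)
{
    uint16_t idx = atomic_load_explicit(&a->idx, memory_order_relaxed);
    a->ring[idx % RING_SIZE] = head;
    atomic_thread_fence(memory_order_release);    /* head before index */
    atomic_store_explicit(&a->idx, (uint16_t)(idx + 1), memory_order_relaxed);
}

/* Host side: returns 1 and stores the head in *head, or 0 if nothing new. */
static int host_pop(struct host_vq *vq, uint16_t *head)
{
    uint16_t idx = atomic_load_explicit(&vq->avail->idx, memory_order_relaxed);
    if (vq->last_avail_idx == idx)
        return 0;
    /* Read barrier: without it the head read below may be satisfied
     * speculatively before the index read above, returning a stale head. */
    atomic_thread_fence(memory_order_acquire);
    *head = vq->avail->ring[vq->last_avail_idx % RING_SIZE];
    vq->last_avail_idx++;
    return 1;
}

int main(void)
{
    struct avail_ring ring = {0};
    struct host_vq vq = { &ring, 0 };
    uint16_t head = 0;
    guest_publish(&ring, 5);         /* constructed sample head */
    return (host_pop(&vq, &head) && head == 5) ? 0 : 1;
}
```

The barrier only orders the two reads; because the ring lives in guest-writable memory, a host should still bounds-check the head it gets back before using it.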