From: Michael S. Tsirkin <mst@redhat.com>
Date: Mon, 7 Oct 2019 17:56:59 +0000 (-0400)
Subject: vhost/test: stop device before reset
X-Git-Tag: v5.4-rc4~29^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=245cdd9fbd396483d501db83047116e2530f245f;p=platform%2Fkernel%2Flinux-rpi.git

vhost/test: stop device before reset

When device stop was moved out of reset, test device wasn't updated to
stop before reset, this resulted in a use after free.  Fix by invoking
stop appropriately.

Fixes: b211616d7125 ("vhost: move -net specific code out")
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---

diff --git a/drivers/vhost/test.c b/drivers/vhost/test.c
index 7804869..0563080 100644
--- a/drivers/vhost/test.c
+++ b/drivers/vhost/test.c
@@ -161,6 +161,7 @@ static int vhost_test_release(struct inode *inode, struct file *f)
 
 	vhost_test_stop(n, &private);
 	vhost_test_flush(n);
+	vhost_dev_stop(&n->dev);
 	vhost_dev_cleanup(&n->dev);
 	/* We do an extra flush before freeing memory,
 	 * since jobs can re-queue themselves. */
@@ -237,6 +238,7 @@ static long vhost_test_reset_owner(struct vhost_test *n)
 	}
 	vhost_test_stop(n, &priv);
 	vhost_test_flush(n);
+	vhost_dev_stop(&n->dev);
 	vhost_dev_reset_owner(&n->dev, umem);
 done:
 	mutex_unlock(&n->dev.mutex);