qemu/hw/core
Michael Roth f7b879e072 qdev: defer DEVICE_DEL event until instance_finalize()
DEVICE_DEL is currently emitted when a Device is unparented, as
opposed to when it is finalized. The main design motivation for this
seems to be that after unparent()/unrealize(), the Device is no
longer visible to the guest, and thus the operation is complete
from the perspective of management.

However, there are cases where remaining host-side cleanup is also
pertinent to management. The is generally handled by treating these
resources as aspects of the "backend", which can be managed via
separate interfaces/events, such as blockdev_add/del, netdev_add/del,
object_add/del, etc, but some devices do not have this level of
compartmentalization, namely vfio-pci, and possibly to lend themselves
well to it.

In the case of vfio-pci, the "backend" cleanup happens as part of
the finalization of the vfio-pci device itself, in particular the
cleanup of the VFIO group FD. Failing to wait for this cleanup can
result in tools like libvirt attempting to rebind the device to
the host while it's still being used by VFIO, which can result in
host crashes or other misbehavior depending on the host driver.

Deferring DEVICE_DEL still affords us the ability to manage backends
explicitly, while also addressing cases like vfio-pci's, so we
implement that approach here.

An alternative proposal involving having VFIO emit a separate event
to denote completion of host-side cleanup was discussed, but the
prevailing opinion seems to be that it is not worth the added
complexity, and leaves the issue open for other Device implementations
to solve in the future.

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20171016222315.407-4-mdroth@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-10-18 10:34:50 +02:00
..
bus.c bus: do not unref hotplug handler 2017-03-01 11:51:28 +04:00
empty_slot.c hw/core: Clean up includes 2016-01-29 15:07:25 +00:00
fw-path-provider.c hw/core: Clean up includes 2016-01-29 15:07:25 +00:00
generic-loader.c hw/core/generic-loader: Fix crash when running without CPU 2017-05-10 10:19:23 +03:00
hotplug.c qdev: hotplug: drop HotplugHandler.post_plug callback 2016-11-15 17:20:37 +02:00
irq.c tcg: drop global lock during TCG code execution 2017-02-24 10:32:45 +00:00
loader-fit.c loader: Support Flattened Image Trees (FIT images) 2017-02-21 23:47:40 +00:00
loader.c fw_cfg: rename read callback 2017-09-08 16:15:17 +03:00
machine.c machine: Add a valid_cpu_types property 2017-10-09 23:21:52 -03:00
Makefile.objs hw/core: nmi.c can be compiled as common-obj nowadays 2017-06-05 17:23:36 +03:00
nmi.c nmi: remove x86 specific nmi handling 2016-05-23 16:53:46 +02:00
null-machine.c hw/core/null-machine: Print error message when using the -kernel parameter 2017-04-20 15:22:41 -03:00
or-irq.c qdev: Replace cannot_instantiate_with_device_add_yet with !user_creatable 2017-05-17 10:37:00 -03:00
platform-bus.c platform-bus: use get_uint() for "addr" property 2017-06-20 14:31:32 +02:00
ptimer.c qemu-timer: do not include sysemu/cpus.h from util/qemu-timer.h 2017-03-14 13:28:18 +01:00
qdev-properties-system.c qdev: Add const qualifier to PropertyInfo definitions 2017-07-14 12:04:42 +02:00
qdev-properties.c qapi: Change data type of the FOO_lookup generated for enum FOO 2017-09-04 13:09:13 +02:00
qdev.c qdev: defer DEVICE_DEL event until instance_finalize() 2017-10-18 10:34:50 +02:00
register.c register: display register prefix (name) since it is available 2017-06-04 18:42:55 +03:00
reset.c hw: move reset handlers from vl.c to hw/core 2017-01-16 17:52:35 +01:00
stream.c hw/core: Clean up includes 2016-01-29 15:07:25 +00:00
sysbus.c sysbus: Set user_creatable=false by default on TYPE_SYS_BUS_DEVICE 2017-05-17 10:37:01 -03:00
uboot_image.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00