Xuan Zhuo
2021-Oct-19 11:52 UTC
[PATCH v4 0/2] virtio_ring: check desc == NULL when packed and indirect
In the case of packed, use indirect desc, since desc is allocated by
kmalloc_array(), we should check whether its return value is NULL.

v4:
   Inside the #2 patch, virtqueue_add_indirect_packed() return -EAGAIN when
   desc == NULL.

v3:
   Update commit message of the #1 patch.

v2:
   Separate the style fix into a single patch.

Xuan Zhuo (2):
  virtio_ring: fix style of virtqueue_add_indirect_packed
  virtio_ring: check desc == NULL when using indirect with packed

 drivers/virtio/virtio_ring.c | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

--
2.31.0
Xuan Zhuo
2021-Oct-19 11:52 UTC
[PATCH v4 1/2] virtio_ring: fix style of virtqueue_add_indirect_packed
Align the arguments of virtqueue_add_indirect_packed() to the open ( to make it look prettier. Signed-off-by: Xuan Zhuo <xuanzhuo at linux.alibaba.com> Acked-by: Jason Wang <jasowang at redhat.com> --- drivers/virtio/virtio_ring.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c index dd95dfd85e98..91a46c4da87d 100644 --- a/drivers/virtio/virtio_ring.c +++ b/drivers/virtio/virtio_ring.c @@ -1050,12 +1050,12 @@ static struct vring_packed_desc *alloc_indirect_packed(unsigned int total_sg, } static int virtqueue_add_indirect_packed(struct vring_virtqueue *vq, - struct scatterlist *sgs[], - unsigned int total_sg, - unsigned int out_sgs, - unsigned int in_sgs, - void *data, - gfp_t gfp) + struct scatterlist *sgs[], + unsigned int total_sg, + unsigned int out_sgs, + unsigned int in_sgs, + void *data, + gfp_t gfp) { struct vring_packed_desc *desc; struct scatterlist *sg; -- 2.31.0
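Review bot: the series orders this cosmetic realignment of the virtqueue_add_indirect_packed() parameter list ahead of the fix, so 2/2, which carries the Fixes: tag, is generated on top of it (its index line starts from 91a46c4da87d). Sending the NULL check first and the style change second would let the fix be picked up on its own, without depending on a whitespace-only patch.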
Xuan Zhuo
2021-Oct-19 11:52 UTC
[PATCH v4 2/2] virtio_ring: check desc == NULL when using indirect with packed
When using indirect with packed, we don't check for allocation failures. This patch checks that and fall back on direct. Fixes: 1ce9e6055fa ("virtio_ring: introduce packed ring support") Signed-off-by: Xuan Zhuo <xuanzhuo at linux.alibaba.com> --- drivers/virtio/virtio_ring.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c index 91a46c4da87d..44a03b6e4dc4 100644 --- a/drivers/virtio/virtio_ring.c +++ b/drivers/virtio/virtio_ring.c @@ -1065,6 +1065,9 @@ static int virtqueue_add_indirect_packed(struct vring_virtqueue *vq, head = vq->packed.next_avail_idx; desc = alloc_indirect_packed(total_sg, gfp); + if (!desc) + /* fall back on direct */ + return -EAGAIN; if (unlikely(vq->vq.num_free < 1)) { pr_debug("Can't add buf len 1 - avail = 0\n"); @@ -1176,6 +1179,7 @@ static inline int virtqueue_add_packed(struct virtqueue *_vq, unsigned int i, n, c, descs_used, err_idx; __le16 head_flags, flags; u16 head, id, prev, curr, avail_used_flags; + int err; START_USE(vq); @@ -1191,9 +1195,12 @@ static inline int virtqueue_add_packed(struct virtqueue *_vq, BUG_ON(total_sg == 0); - if (virtqueue_use_indirect(_vq, total_sg)) - return virtqueue_add_indirect_packed(vq, sgs, total_sg, - out_sgs, in_sgs, data, gfp); + if (virtqueue_use_indirect(_vq, total_sg)) { + err = virtqueue_add_indirect_packed(vq, sgs, total_sg, out_sgs, + in_sgs, data, gfp); + if (err != -EAGAIN) + return err; + } head = vq->packed.next_avail_idx; avail_used_flags = vq->packed.avail_used_flags; -- 2.31.0
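Review bot: in the hunk at @@ -1065,6 +1065,9 @@, the new `if (!desc)` has an unbraced body made of a comment line plus `return -EAGAIN;`, which is easy to misread; add braces or move the comment above the `if`. The comment "fall back on direct" describes what the caller does, so it fits better next to the `err != -EAGAIN` test in virtqueue_add_packed(). Consider `unlikely(!desc)` to match the `unlikely(vq->vq.num_free < 1)` check directly below, and note that -ENOMEM would describe an allocation failure more directly than -EAGAIN if the caller only needs a value to key the fallback on.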
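Review bot: at the `if (err != -EAGAIN) return err;` test added to virtqueue_add_packed() (hunk at @@ -1191,9 +1195,12 @@), -EAGAIN acts as a private signal meaning "indirect allocation failed, continue on the direct path", which only holds as long as no other path in virtqueue_add_indirect_packed() returns -EAGAIN. A comment at the fall-through stating that assumption would help, and the commit message could say whether the missing check was seen as an actual NULL dereference or found by inspection.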
Michael S. Tsirkin
2021-Oct-19 13:23 UTC
[PATCH v4 0/2] virtio_ring: check desc == NULL when packed and indirect
On Tue, Oct 19, 2021 at 07:52:33PM +0800, Xuan Zhuo wrote:
> In the case of packed, use indirect desc, since desc is allocated by
> kmalloc_array(), we should check whether its return value is NULL.
>

a better description here: fix theoretical issues in virtio_ring (so I'm guessing - or did you observe any null pointer dereferences?)

> v4:
>    Inside the #2 patch, virtqueue_add_indirect_packed() return -EAGAIN when
>    desc == NULL.
>
> v3:
>    Update commit message of the #1 patch.
>
> v2:
>    Separate the style fix into a single patch.
>
>
> Xuan Zhuo (2):
>   virtio_ring: fix style of virtqueue_add_indirect_packed
>   virtio_ring: check desc == NULL when using indirect with packed
>
>  drivers/virtio/virtio_ring.c | 25 ++++++++++++++++---------
>  1 file changed, 16 insertions(+), 9 deletions(-)
>
> --
> 2.31.0