Ingo Oeser
2008-Dec-20 11:38 UTC
[PATCH 2/3] virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC)
Hi Mark, On Thursday 18 December 2008, Mark McLoughlin wrote:> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c > index 5777196..2330c4b 100644 > --- a/drivers/virtio/virtio_ring.c > +++ b/drivers/virtio/virtio_ring.c > @@ -70,6 +73,55 @@ struct vring_virtqueue > > #define to_vvq(_vq) container_of(_vq, struct vring_virtqueue, vq) > > +/* Set up an indirect table of descriptors and add it to the queue. */ > +static int vring_add_indirect(struct vring_virtqueue *vq, > + struct scatterlist sg[], > + unsigned int out, > + unsigned int in) > +{ > + struct vring_desc *desc; > + unsigned head; > + int i; > + > + desc = kmalloc((out + in) * sizeof(struct vring_desc), GFP_ATOMIC);kmalloc() returns ZERO_SIZE_PTR, if (out + in) == 0> + if (!desc) > + return vq->vring.num; > + > + /* Transfer entries from the sg list into the indirect page */ > + for (i = 0; i < out; i++) { > + desc[i].flags = VRING_DESC_F_NEXT; > + desc[i].addr = sg_phys(sg); > + desc[i].len = sg->length; > + desc[i].next = i+1; > + sg++; > + } > + for (; i < (out + in); i++) { > + desc[i].flags = VRING_DESC_F_NEXT|VRING_DESC_F_WRITE; > + desc[i].addr = sg_phys(sg); > + desc[i].len = sg->length; > + desc[i].next = i+1; > + sg++; > + } > + > + /* Last one doesn't continue. */ > + desc[i-1].flags &= ~VRING_DESC_F_NEXT; > + desc[i-1].next = 0;So this array index can fail (be -1). Please check and avoid within this function. Best Regards Ingo Oeser
Mark McLoughlin
2008-Dec-22 10:17 UTC
[PATCH 2/3] virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC)
Hi Ingo, On Sat, 2008-12-20 at 12:38 +0100, Ingo Oeser wrote:> Hi Mark, > > On Thursday 18 December 2008, Mark McLoughlin wrote: > > diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c > > index 5777196..2330c4b 100644 > > --- a/drivers/virtio/virtio_ring.c > > +++ b/drivers/virtio/virtio_ring.c > > @@ -70,6 +73,55 @@ struct vring_virtqueue > > > > #define to_vvq(_vq) container_of(_vq, struct vring_virtqueue, vq) > > > > +/* Set up an indirect table of descriptors and add it to the queue. */ > > +static int vring_add_indirect(struct vring_virtqueue *vq, > > + struct scatterlist sg[], > > + unsigned int out, > > + unsigned int in) > > +{ > > + struct vring_desc *desc; > > + unsigned head; > > + int i; > > + > > + desc = kmalloc((out + in) * sizeof(struct vring_desc), GFP_ATOMIC); > > kmalloc() returns ZERO_SIZE_PTR, if (out + in) == 0vring_add_buf() has: BUG_ON(out + in == 0) I should just add that here too before the kmalloc() call. Thanks, Mark.
Reasonably Related Threads
- [PATCH 2/3] virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC)
- [PATCH 2/3] virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC)
- [PATCH 2/3] virtio: indirect ring entries (VIRTIO_RING_F_INDIRECT_DESC)
- We hit ext3_warning (inode->i_sb, "ext3_block_to_path", "block < 0");
- [PATCH RFC v8 02/11] vhost: use batched get_vq_desc version