Jason Wang
2017-Feb-03 07:54 UTC
[PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
On 2017?01?27? 16:16, Christoph Hellwig wrote:> + snprintf(vp_dev->msix_names[i + 1], > + sizeof(*vp_dev->msix_names), "%s-%s", > dev_name(&vp_dev->vdev.dev), names[i]); > err = request_irq(pci_irq_vector(vp_dev->pci_dev, msix_vec), > - vring_interrupt, 0, > - vp_dev->msix_names[msix_vec], > - vqs[i]); > + vring_interrupt, IRQF_SHARED, > + vp_dev->msix_names[i + 1], vqs[i]);Do we need to check per_vq_vectors before dereferencing msix_names[i + 1] ? Thanks
Christoph Hellwig
2017-Feb-03 08:26 UTC
[PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
On Fri, Feb 03, 2017 at 03:54:54PM +0800, Jason Wang wrote:> On 2017?01?27? 16:16, Christoph Hellwig wrote: >> + snprintf(vp_dev->msix_names[i + 1], >> + sizeof(*vp_dev->msix_names), "%s-%s", >> dev_name(&vp_dev->vdev.dev), names[i]); >> err = request_irq(pci_irq_vector(vp_dev->pci_dev, msix_vec), >> - vring_interrupt, 0, >> - vp_dev->msix_names[msix_vec], >> - vqs[i]); >> + vring_interrupt, IRQF_SHARED, >> + vp_dev->msix_names[i + 1], vqs[i]); > > Do we need to check per_vq_vectors before dereferencing msix_names[i + 1] ?No, we need to allocate the array larger in that case as want proper names for the interrupts.
Jason Wang
2017-Feb-03 09:47 UTC
[PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
On 2017?02?03? 16:26, Christoph Hellwig wrote:> On Fri, Feb 03, 2017 at 03:54:54PM +0800, Jason Wang wrote: >> On 2017?01?27? 16:16, Christoph Hellwig wrote: >>> + snprintf(vp_dev->msix_names[i + 1], >>> + sizeof(*vp_dev->msix_names), "%s-%s", >>> dev_name(&vp_dev->vdev.dev), names[i]); >>> err = request_irq(pci_irq_vector(vp_dev->pci_dev, msix_vec), >>> - vring_interrupt, 0, >>> - vp_dev->msix_names[msix_vec], >>> - vqs[i]); >>> + vring_interrupt, IRQF_SHARED, >>> + vp_dev->msix_names[i + 1], vqs[i]); >> Do we need to check per_vq_vectors before dereferencing msix_names[i + 1] ? > No, we need to allocate the array larger in that case as want proper > names for the interrupts.Consider the case of !per_vq_vectors, the size of msix_names is 2, but snprintf can do out of bound accessing here. (We name the msix shared by virtqueues with something like "%s-virtqueues" before the patch). Thanks
Apparently Analagous Threads
- [PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
- [PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
- [PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
- [PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
- [PATCH 2/9] virtio_pci: use shared interrupts for virtqueues