Jason Wang
2017-Feb-03 09:47 UTC
[PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
On 2017-02-03 16:26, Christoph Hellwig wrote:
> On Fri, Feb 03, 2017 at 03:54:54PM +0800, Jason Wang wrote:
>> On 2017-01-27 16:16, Christoph Hellwig wrote:
>>> + snprintf(vp_dev->msix_names[i + 1],
>>> + sizeof(*vp_dev->msix_names), "%s-%s",
>>> dev_name(&vp_dev->vdev.dev), names[i]);
>>> err = request_irq(pci_irq_vector(vp_dev->pci_dev, msix_vec),
>>> - vring_interrupt, 0,
>>> - vp_dev->msix_names[msix_vec],
>>> - vqs[i]);
>>> + vring_interrupt, IRQF_SHARED,
>>> + vp_dev->msix_names[i + 1], vqs[i]);
>> Do we need to check per_vq_vectors before dereferencing msix_names[i + 1] ?
> No, we need to allocate the array larger in that case as want proper
> names for the interrupts.

Consider the case of !per_vq_vectors, the size of msix_names is 2, but snprintf can do out of bound accessing here. (We name the msix shared by virtqueues with something like "%s-virtqueues" before the patch).

Thanks
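Review bot: the snprintf() destination vp_dev->msix_names[i + 1] in the quoted hunk is indexed by the virtqueue number, while the thread states that msix_names has only 2 entries when !per_vq_vectors, so any i >= 1 writes past the end of the array, and the same slot is then passed to request_irq() as the interrupt name. The allocation of msix_names should be sized by the number of virtqueues plus one in this same patch, so that the array growth and the new indexing land together.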
Christoph Hellwig
2017-Feb-03 09:52 UTC
[PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
On Fri, Feb 03, 2017 at 05:47:41PM +0800, Jason Wang wrote:
>> No, we need to allocate the array larger in that case as want proper
>> names for the interrupts.
>
> Consider the case of !per_vq_vectors, the size of msix_names is 2, but
> snprintf can do out of bound accessing here. (We name the msix shared by
> virtqueues with something like "%s-virtqueues" before the patch).

Yes, that's what I meant above - we need to allocate a large array starting with this patch. I'll fix it up for the next version.
Jason Wang
2017-Feb-03 09:56 UTC
[PATCH 2/9] virtio_pci: use shared interrupts for virtqueues
On 2017-02-03 17:52, Christoph Hellwig wrote:
> On Fri, Feb 03, 2017 at 05:47:41PM +0800, Jason Wang wrote:
>>> No, we need to allocate the array larger in that case as want proper
>>> names for the interrupts.
>> Consider the case of !per_vq_vectors, the size of msix_names is 2, but
>> snprintf can do out of bound accessing here. (We name the msix shared by
>> virtqueues with something like "%s-virtqueues" before the patch).
> Yes, that's what I meant above - we need to allocate a large array
> starting with this patch. I'll fix it up for the next version.

I see.

Thanks