|
 |
586cba |
From aa99cf129923e0203c0caeb3b4e94a0eb973746f Mon Sep 17 00:00:00 2001
|
|
|
586cba |
From: =?UTF-8?q?Eugenio=20P=C3=A9rez?= <eperezma@redhat.com>
|
|
|
586cba |
Date: Thu, 21 Jul 2022 15:36:38 +0200
|
|
|
586cba |
Subject: [PATCH 04/32] vhost: Fix element in vhost_svq_add failure
|
|
|
586cba |
MIME-Version: 1.0
|
|
|
586cba |
Content-Type: text/plain; charset=UTF-8
|
|
|
586cba |
Content-Transfer-Encoding: 8bit
|
|
|
586cba |
|
|
|
586cba |
RH-Author: Eugenio Pérez <eperezma@redhat.com>
|
|
|
586cba |
RH-MergeRequest: 108: Net Control Virtqueue shadow Support
|
|
|
586cba |
RH-Commit: [4/27] 96689c99a47dd49591c0d126cb1fbb975b2f79b4 (eperezmartin/qemu-kvm)
|
|
|
586cba |
RH-Bugzilla: 1939363
|
|
|
586cba |
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
|
|
|
586cba |
RH-Acked-by: Cindy Lu <lulu@redhat.com>
|
|
|
586cba |
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
|
|
|
586cba |
|
|
|
586cba |
Bugzilla: https://bugzilla.redhat.com/1939363
|
|
|
586cba |
|
|
|
586cba |
Upstream Status: git://git.qemu.org/qemu.git
|
|
|
586cba |
|
|
|
586cba |
commit 5181db132b587754dda3a520eec923b87a65bbb7
|
|
|
586cba |
Author: Eugenio Pérez <eperezma@redhat.com>
|
|
|
586cba |
Date: Thu May 12 19:57:47 2022 +0200
|
|
|
586cba |
|
|
|
586cba |
vhost: Fix element in vhost_svq_add failure
|
|
|
586cba |
|
|
|
586cba |
Coverity rightly reports that is not free in that case.
|
|
|
586cba |
|
|
|
586cba |
Fixes: Coverity CID 1487559
|
|
|
586cba |
Fixes: 100890f7ca ("vhost: Shadow virtqueue buffers forwarding")
|
|
|
586cba |
|
|
|
586cba |
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
|
|
|
586cba |
Message-Id: <20220512175747.142058-7-eperezma@redhat.com>
|
|
|
586cba |
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
|
|
586cba |
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
|
|
586cba |
|
|
|
586cba |
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
|
|
|
586cba |
---
|
|
|
586cba |
hw/virtio/vhost-shadow-virtqueue.c | 8 ++++++++
|
|
|
586cba |
1 file changed, 8 insertions(+)
|
|
|
586cba |
|
|
|
586cba |
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
|
|
|
586cba |
index 31fc50907d..06d0bb39d9 100644
|
|
|
586cba |
--- a/hw/virtio/vhost-shadow-virtqueue.c
|
|
|
586cba |
+++ b/hw/virtio/vhost-shadow-virtqueue.c
|
|
|
586cba |
@@ -199,11 +199,19 @@ static bool vhost_svq_add_split(VhostShadowVirtqueue *svq,
|
|
|
586cba |
return true;
|
|
|
586cba |
}
|
|
|
586cba |
|
|
|
586cba |
+/**
|
|
|
586cba |
+ * Add an element to a SVQ.
|
|
|
586cba |
+ *
|
|
|
586cba |
+ * The caller must check that there is enough slots for the new element. It
|
|
|
586cba |
+ * takes ownership of the element: In case of failure, it is free and the SVQ
|
|
|
586cba |
+ * is considered broken.
|
|
|
586cba |
+ */
|
|
|
586cba |
static bool vhost_svq_add(VhostShadowVirtqueue *svq, VirtQueueElement *elem)
|
|
|
586cba |
{
|
|
|
586cba |
unsigned qemu_head;
|
|
|
586cba |
bool ok = vhost_svq_add_split(svq, elem, &qemu_head);
|
|
|
586cba |
if (unlikely(!ok)) {
|
|
|
586cba |
+ g_free(elem);
|
|
|
586cba |
return false;
|
|
|
586cba |
}
|
|
|
586cba |
|
|
|
586cba |
--
|
|
|
586cba |
2.31.1
|
|
|
586cba |
|