On Wed, 21 Sep 2016 09:02:35 +0200 Greg Kurz <gr...@kaod.org> wrote:
> On Tue, 20 Sep 2016 15:49:33 +0100
> Stefan Hajnoczi <stefa...@redhat.com> wrote:
>
> > Errors can occur during virtqueue_pop(), especially in
> > virtqueue_map_desc(). In order to handle this we must unmap iov[]
> > before returning NULL. The caller will consider the virtqueue empty and
> > the virtio_error() call will have marked the device broken.
> >
> > Signed-off-by: Stefan Hajnoczi <stefa...@redhat.com>
> > ---
>
> Hi Stefan,
>
> FWIW, Prasad's "virtio: add check for descriptor's mapped address" is already
> in Michael's tree:
>
> https://git.kernel.org/cgit/virt/kvm/mst/qemu.git/commit/?h=pci&id=13c9ed60de6faaed325804620d13e7be37ea8183
>
> I guess this patch should take it into account (as already suggested by
> Laszlo).
Agreed. (...) > > +/* Only used by error code paths before we have a VirtQueueElement > > (therefore > > + * virtqueue_unmap_sg() can't be used). Assumes buffers weren't written to > > + * yet. > > + */ > > +static void virtqueue_undo_map_desc(unsigned out_num, unsigned in_num, Should the arguments use 'unsigned int' as well, for consistency's sake? > > + struct iovec *iov) > > +{ > > + unsigned int i; > > + > > + for (i = 0; i < out_num + in_num; i++) { > > + int is_write = i >= out_num; > > + > > + cpu_physical_memory_unmap(iov->iov_base, iov->iov_len, is_write, > > 0); > > + iov++; > > + } > > }
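Review bot: the loop in virtqueue_undo_map_desc() unmaps exactly out_num + in_num entries unconditionally, so the helper is only safe when the caller passes the counts of descriptors that were actually mapped before the failure (the partially filled iov[]), not the totals it intended to map; a one-line precondition next to "Assumes buffers weren't written to yet" would make that contract explicit, and it is the same no-write assumption that makes passing 0 as access_len correct for the in-buffers. Minor: `unsigned out_num, unsigned in_num` alongside `unsigned int i` mixes spellings, so `unsigned int` throughout as suggested above, and `is_write` holds a boolean result and could be declared `bool` rather than `int`.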