From: "Michael S. Tsirkin" <mst@redhat.com>
To: Jason Wang <jasowang@redhat.com>
Cc: cornelia.huck@de.ibm.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH V4 07/19] virtio-net: validate backend queue numbers against bus limitation
Date: Wed, 18 Mar 2015 14:05:14 +0100 [thread overview]
Message-ID: <20150318140232-mutt-send-email-mst@redhat.com> (raw)
In-Reply-To: <1426671309-13645-8-git-send-email-jasowang@redhat.com>
On Wed, Mar 18, 2015 at 05:34:57PM +0800, Jason Wang wrote:
> We don't validate the backend queue numbers against bus limitation,
> this will easily crash qemu if it exceeds the limitation. Fixing this
> by doing the validation and fail early.
>
> Cc: Michael S. Tsirkin <mst@redhat.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
Bugfix? needed in 2.3?
> ---
> hw/net/virtio-net.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> index 27adcc5..59f76bc 100644
> --- a/hw/net/virtio-net.c
> +++ b/hw/net/virtio-net.c
> @@ -1588,6 +1588,13 @@ static void virtio_net_device_realize(DeviceState *dev, Error **errp)
> virtio_init(vdev, "virtio-net", VIRTIO_ID_NET, n->config_size);
>
> n->max_queues = MAX(n->nic_conf.peers.queues, 1);
> + if (n->max_queues * 2 + 1 > VIRTIO_PCI_QUEUE_MAX) {
We have this * 2 + 1 logic in several other places in this file too.
Pls wrap it up in a helper.
> + error_setg(errp, "Invalid number of queues (= %" PRIu32 "), "
> + "must be a postive integer less than %d.",
> + n->max_queues, (VIRTIO_PCI_QUEUE_MAX - 1) / 2);
> + virtio_cleanup(vdev);
> + return;
> + }
> n->vqs = g_malloc0(sizeof(VirtIONetQueue) * n->max_queues);
> n->vqs[0].rx_vq = virtio_add_queue(vdev, 256, virtio_net_handle_rx);
> n->curr_queues = 1;
> --
> 2.1.0
next prev parent reply other threads:[~2015-03-18 13:05 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-18 9:34 [Qemu-devel] [PATCH V4 00/19] Support more virtio queues Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 01/19] pc: add 2.4 machine types Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 02/19] spapr: add machine type specific instance init function Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 03/19] ppc: spapr: add 2.4 machine type Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 04/19] monitor: replace the magic number 255 with MAX_QUEUE_NUM Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 05/19] monitor: check return value of qemu_find_net_clients_except() Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 06/19] virtio-ccw: using VIRTIO_NO_VECTOR instead of 0 for invalid virtqueue Jason Wang
2015-03-18 13:08 ` Michael S. Tsirkin
2015-03-20 7:39 ` Cornelia Huck
2015-03-21 18:27 ` Michael S. Tsirkin
2015-03-23 9:02 ` Cornelia Huck
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 07/19] virtio-net: validate backend queue numbers against bus limitation Jason Wang
2015-03-18 13:05 ` Michael S. Tsirkin [this message]
2015-03-19 5:26 ` Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 08/19] virtio-net: fix the upper bound when trying to delete queues Jason Wang
2015-03-18 13:06 ` Michael S. Tsirkin
2015-03-19 5:28 ` Jason Wang
2015-03-18 9:34 ` [Qemu-devel] [PATCH V4 09/19] virito: introduce bus specific queue limit Jason Wang
2015-03-20 10:20 ` Cornelia Huck
2015-03-31 2:34 ` Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 10/19] virtio-ccw: introduce ccw " Jason Wang
2015-03-20 11:33 ` Cornelia Huck
2015-03-31 2:36 ` Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 11/19] virtio-s390: switch to bus " Jason Wang
2015-03-20 11:34 ` Cornelia Huck
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 12/19] virtio-mmio: " Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 13/19] virtio-pci: switch to use " Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 14/19] virtio: introduce vector to virtqueues mapping Jason Wang
2015-03-20 11:39 ` Cornelia Huck
2015-03-31 2:37 ` Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 15/19] virtio: introduce virtio_queue_get_index() Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 16/19] virtio-pci: speedup MSI-X masking and unmasking Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 17/19] virtio-pci: increase the maximum number of virtqueues to 513 Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 18/19] pci: remove hard-coded bar size in msix_init_exclusive_bar() Jason Wang
2015-03-18 12:52 ` Michael S. Tsirkin
2015-03-19 5:19 ` Jason Wang
2015-03-19 10:09 ` Michael S. Tsirkin
2015-03-20 5:43 ` Jason Wang
2015-03-18 9:35 ` [Qemu-devel] [PATCH V4 19/19] virtio-pci: introduce auto_msix_bar_size property Jason Wang
2015-03-18 12:57 ` Michael S. Tsirkin
2015-03-19 5:23 ` Jason Wang
2015-03-19 10:01 ` Michael S. Tsirkin
2015-03-20 5:35 ` Jason Wang
2015-03-19 5:23 ` Jason Wang
2015-03-19 10:02 ` Michael S. Tsirkin
2015-03-20 5:38 ` Jason Wang
2015-03-18 12:58 ` [Qemu-devel] [PATCH V4 00/19] Support more virtio queues Michael S. Tsirkin
2015-03-19 5:24 ` Jason Wang
2015-03-19 7:32 ` Michael S. Tsirkin
2015-03-19 7:42 ` Jason Wang
2015-03-19 9:23 ` Michael S. Tsirkin
2015-03-20 5:11 ` Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150318140232-mutt-send-email-mst@redhat.com \
--to=mst@redhat.com \
--cc=cornelia.huck@de.ibm.com \
--cc=jasowang@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.