From: Jason Wang <jasowang@redhat.com>
To: aliguori@us.ibm.com, stefanha@redhat.com, qemu-devel@nongnu.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Jason Wang <jasowang@redhat.com>,
Stefan Hajnoczi <shajnocz@redhat.com>,
qemu-stable@nongnu.org, Laszlo Ersek <lersek@redhat.com>
Subject: [Qemu-devel] [PATCH] net: tap: fix NULL dereference when passing both fd and vhostfds to tap
Date: Mon, 3 Jun 2013 17:04:04 +0800 [thread overview]
Message-ID: <1370250244-30058-1-git-send-email-jasowang@redhat.com> (raw)
This is because vhostfdname were passed as NULL to net_init_tap_one() when
vhostfd were not specified, but net_init_tap_one() will still pass it to
monitor_handle_fd_param() when tap->has_vhostfds is true. Since file descriptor
(fd, vhostfd) and file descriptor set (fds, vhostfds) were not compatible, so
this patch forbids passing them to tap in the same time.
This solve the segfault when passing the command line like:
./qemu-system-x86_64 -netdev tap,fd=2,vhost=on,vhostfds=baz,id=xyz
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Stefan Hajnoczi <shajnocz@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
net/tap.c | 10 ++++++----
1 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/net/tap.c b/net/tap.c
index e0b7a2a..477505f 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -698,9 +698,10 @@ int net_init_tap(const NetClientOptions *opts, const char *name,
if (tap->has_fd) {
if (tap->has_ifname || tap->has_script || tap->has_downscript ||
tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
- tap->has_fds) {
+ tap->has_fds || tap->has_vhostfds) {
error_report("ifname=, script=, downscript=, vnet_hdr=, "
- "helper=, queues=, and fds= are invalid with fd=");
+ "helper=, queues=, fds=, and vhostfds= "
+ "are invalid with fd=");
return -1;
}
@@ -725,9 +726,10 @@ int net_init_tap(const NetClientOptions *opts, const char *name,
if (tap->has_ifname || tap->has_script || tap->has_downscript ||
tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
- tap->has_fd) {
+ tap->has_fd || tap->has_vhostfd) {
error_report("ifname=, script=, downscript=, vnet_hdr=, "
- "helper=, queues=, and fd= are invalid with fds=");
+ "helper=, queues=, fd=, and vhostfd= "
+ "are invalid with fds=");
return -1;
}
--
1.7.1
next reply other threads:[~2013-06-03 9:14 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-03 9:04 Jason Wang [this message]
2013-06-03 10:48 ` [Qemu-devel] [PATCH] net: tap: fix NULL dereference when passing both fd and vhostfds to tap Laszlo Ersek
2013-06-04 5:25 ` Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1370250244-30058-1-git-send-email-jasowang@redhat.com \
--to=jasowang@redhat.com \
--cc=aliguori@us.ibm.com \
--cc=lersek@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-stable@nongnu.org \
--cc=shajnocz@redhat.com \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).