From: Stefan Hajnoczi <stefanha@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Marc Marí" <marc.mari.barcelo@gmail.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Stefan Hajnoczi" <stefanha@redhat.com>
Subject: [Qemu-devel] [PULL 44/55] virtio-blk: Correct bug in support for flexible descriptor layout
Date: Fri, 15 Aug 2014 18:06:51 +0100 [thread overview]
Message-ID: <1408122422-13935-45-git-send-email-stefanha@redhat.com> (raw)
In-Reply-To: <1408122422-13935-1-git-send-email-stefanha@redhat.com>
From: Marc Marí <marc.mari.barcelo@gmail.com>
Without this correction, only a three descriptor layout is accepted, and
requests with just two descriptors are not completed and no error message is
displayed.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Marc Marí <marc.mari.barcelo@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
hw/block/virtio-blk.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index c241c50..302c39e 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -404,19 +404,19 @@ void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
* NB: per existing s/n string convention the string is
* terminated by '\0' only when shorter than buffer.
*/
- strncpy(req->elem.in_sg[0].iov_base,
- s->blk.serial ? s->blk.serial : "",
- MIN(req->elem.in_sg[0].iov_len, VIRTIO_BLK_ID_BYTES));
+ const char *serial = s->blk.serial ? s->blk.serial : "";
+ size_t size = MIN(strlen(serial) + 1,
+ MIN(iov_size(in_iov, in_num),
+ VIRTIO_BLK_ID_BYTES));
+ iov_from_buf(in_iov, in_num, 0, serial, size);
virtio_blk_req_complete(req, VIRTIO_BLK_S_OK);
virtio_blk_free_request(req);
} else if (type & VIRTIO_BLK_T_OUT) {
- qemu_iovec_init_external(&req->qiov, &req->elem.out_sg[1],
- req->elem.out_num - 1);
+ qemu_iovec_init_external(&req->qiov, iov, out_num);
virtio_blk_handle_write(req, mrb);
} else if (type == VIRTIO_BLK_T_IN || type == VIRTIO_BLK_T_BARRIER) {
/* VIRTIO_BLK_T_IN is 0, so we can't just & it. */
- qemu_iovec_init_external(&req->qiov, &req->elem.in_sg[0],
- req->elem.in_num - 1);
+ qemu_iovec_init_external(&req->qiov, in_iov, in_num);
virtio_blk_handle_read(req);
} else {
virtio_blk_req_complete(req, VIRTIO_BLK_S_UNSUPP);
--
1.9.3
next prev parent reply other threads:[~2014-08-15 17:08 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-15 17:06 [Qemu-devel] [PULL 00/55] Block patches Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 01/55] blkdebug: report errors on flush too Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 02/55] libqtest: add QTEST_LOG for debugging qtest testcases Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 03/55] ide-test: add test for werror=stop Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 04/55] ide: stash aiocb for flushes Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 05/55] ide: simplify reset callbacks Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 06/55] ide: simplify set_inactive callbacks Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 07/55] ide: simplify async_cmd_done callbacks Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 08/55] ide: simplify start_transfer callbacks Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 09/55] ide: wrap start_dma callback Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 10/55] ide: remove wrong setting of BM_STATUS_INT Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 11/55] ide: fold add_status callback into set_inactive Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 12/55] ide: move BM_STATUS bits to pci.[ch] Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 13/55] ide: move retry constants out of BM_STATUS_* namespace Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 14/55] ahci: remove duplicate PORT_IRQ_* constants Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 15/55] ide: stop PIO transfer on errors Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 16/55] ide: make all commands go through cmd_done Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 17/55] ahci: construct PIO Setup FIS for PIO commands Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 18/55] q35: Enable the ioapic device to be seen by qtest Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 19/55] qtest: Adding qtest_memset and qmemset Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 20/55] libqos: Correct memory leak Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 21/55] libqtest: Correct small " Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 22/55] libqos: Fixes a " Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 23/55] libqos: allow qpci_iomap to return BAR mapping size Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 24/55] qtest/ide: Fix small memory leak Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 25/55] cmd646: add constants for CNTRL register access Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 26/55] cmd646: synchronise DMA interrupt status with UDMA interrupt status Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 27/55] cmd646: switch cmd646_update_irq() to accept PCIDevice instead of PCIIDEState Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 28/55] cmd646: allow MRDMODE interrupt status bits clearing from PCI config space Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 29/55] cmd646: synchronise UDMA interrupt status with DMA interrupt status Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 30/55] qemu-char: using qemu_set_nonblock() instead of fcntl(O_NONBLOCK) Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 31/55] channel-posix: " Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 32/55] dataplane: print why starting failed Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 33/55] dataplane: fail notifier setting gracefully Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 34/55] dataplane: stop trying on notifier error Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 35/55] parallels: extend parallels format header with actual data values Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 36/55] parallels: replace tabs with spaces in block/parallels.c Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 37/55] parallels: split check for parallels format in parallels_open Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 38/55] parallels: 2TB+ parallels images support Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 39/55] qemu-options: add missing -drive discard option to cmdline help Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 40/55] ide: Fix segfault when flushing a device that doesn't exist Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 41/55] libqtest: add QTEST_LOG for debugging qtest testcases Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 42/55] libqos: Correct mask to align size to PAGE_SIZE in malloc-pc Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 43/55] libqos: Change free function called in malloc Stefan Hajnoczi
2014-08-15 17:06 ` Stefan Hajnoczi [this message]
2014-08-15 17:06 ` [Qemu-devel] [PULL 45/55] ide: only constrain read/write requests to drive size, not other types Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 46/55] docs: Specification for the image fuzzer Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 47/55] image-fuzzer: Tool for fuzz tests execution Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 48/55] image-fuzzer: Fuzzing functions for qcow2 images Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 49/55] image-fuzzer: Generator of fuzzed " Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 50/55] image-fuzzer: Public API for image-fuzzer/runner/runner.py Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 51/55] docs: Expand the list of supported image elements with L1/L2 tables Stefan Hajnoczi
2014-08-15 17:06 ` [Qemu-devel] [PULL 52/55] image-fuzzer: Add fuzzing functions for L1/L2 table entries Stefan Hajnoczi
2014-08-15 17:07 ` [Qemu-devel] [PULL 53/55] image-fuzzer: Add generators of L1/L2 tables Stefan Hajnoczi
2014-08-15 17:07 ` [Qemu-devel] [PULL 54/55] image-fuzzer: Reduce number of generator functions in __init__ Stefan Hajnoczi
2014-08-15 17:07 ` [Qemu-devel] [PULL 55/55] qcow2: fix new_blocks double-free in alloc_refcount_block() Stefan Hajnoczi
2014-08-18 11:54 ` [Qemu-devel] [PULL 00/55] Block patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1408122422-13935-45-git-send-email-stefanha@redhat.com \
--to=stefanha@redhat.com \
--cc=marc.mari.barcelo@gmail.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).