qemu-devel.nongnu.org archive mirror
* [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
@ 2024-11-07 18:00 Dorinda Bassey
  2024-11-08  9:29 ` Stefano Garzarella
  2025-12-02 13:50 ` Marc-André Lureau
  0 siblings, 2 replies; 8+ messages in thread
From: Dorinda Bassey @ 2024-11-07 18:00 UTC
  To: qemu-devel; +Cc: aesteve, sgarzare, marcandre.lureau, Dorinda Bassey

In `virtio_add_resource` function, the UUID used as a key for
`g_hash_table_insert` was temporary, which could lead to
invalid lookups when accessed later. This patch ensures that
the UUID remains valid by duplicating it into a newly allocated
memory space. The value is then inserted into the hash table
with this persistent UUID key to ensure that the key stored in
the hash table remains valid as long as the hash table entry
exists.

Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")

Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
---
 hw/display/virtio-dmabuf.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
index 3dba4577ca7..5e0395be77c 100644
--- a/hw/display/virtio-dmabuf.c
+++ b/hw/display/virtio-dmabuf.c
@@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
     if (resource_uuids == NULL) {
         resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
                                                uuid_equal_func,
-                                               NULL,
+                                               g_free,
                                                g_free);
     }
     if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
-        g_hash_table_insert(resource_uuids, uuid, value);
+        g_hash_table_insert(resource_uuids,
+                            g_memdup2(uuid, sizeof(*uuid)),
+                            value);
     } else {
         result = false;
     }
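
Review bot: the signature in the hunk header still takes `QemuUUID *uuid`, although with `g_memdup2(uuid, sizeof(*uuid))` the function only reads the caller's UUID and stores its own copy. Making the parameter `const QemuUUID *uuid` and saying in the function's comment that the UUID is copied would record the new ownership rule and make it harder for a later change to store the borrowed pointer again.
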
-- 
2.47.0




* Re: [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
  2024-11-07 18:00 [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion Dorinda Bassey
@ 2024-11-08  9:29 ` Stefano Garzarella
  2025-09-15  9:16   ` Dorinda Bassey
  2025-12-02 13:50 ` Marc-André Lureau
  1 sibling, 1 reply; 8+ messages in thread
From: Stefano Garzarella @ 2024-11-08  9:29 UTC
  To: Dorinda Bassey; +Cc: qemu-devel, aesteve, marcandre.lureau

On Thu, Nov 07, 2024 at 07:00:31PM +0100, Dorinda Bassey wrote:
>In `virtio_add_resource` function, the UUID used as a key for
>`g_hash_table_insert` was temporary, which could lead to
>invalid lookups when accessed later. This patch ensures that
>the UUID remains valid by duplicating it into a newly allocated
>memory space. The value is then inserted into the hash table
>with this persistent UUID key to ensure that the key stored in
>the hash table remains valid as long as the hash table entry
>exists.
>
>Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")
>
>Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
>---
> hw/display/virtio-dmabuf.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)

Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>

>
>diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
>index 3dba4577ca7..5e0395be77c 100644
>--- a/hw/display/virtio-dmabuf.c
>+++ b/hw/display/virtio-dmabuf.c
>@@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
>     if (resource_uuids == NULL) {
>         resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
>                                                uuid_equal_func,
>-                                               NULL,
>+                                               g_free,
>                                                g_free);
>     }
>     if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
>-        g_hash_table_insert(resource_uuids, uuid, value);
>+        g_hash_table_insert(resource_uuids,
>+                            g_memdup2(uuid, sizeof(*uuid)),
>+                            value);
>     } else {
>         result = false;
>     }
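
Review bot: the `else` branch only sets `result = false`, so on a duplicate UUID `value` is never handed to the table and the table's value destroy function (`g_free`) never runs for it. Please confirm that every caller frees `value` when this function returns false, or free it in this branch and document that the function always consumes `value`; otherwise the duplicate path leaks.
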
>-- 
>2.47.0
>




* Re: [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
  2024-11-08  9:29 ` Stefano Garzarella
@ 2025-09-15  9:16   ` Dorinda Bassey
  2025-09-15  9:23     ` Albert Esteve
  0 siblings, 1 reply; 8+ messages in thread
From: Dorinda Bassey @ 2025-09-15  9:16 UTC
  To: Stefano Garzarella; +Cc: qemu-devel, aesteve, marcandre.lureau, Michael Tsirkin


Hi Albert and Michael,

Seems this patch fell through the cracks. It was posted but never picked
up. Could you help push it? Thanks!

BR,
Dorinda.

On Fri, Nov 8, 2024 at 10:29 AM Stefano Garzarella <sgarzare@redhat.com>
wrote:

> On Thu, Nov 07, 2024 at 07:00:31PM +0100, Dorinda Bassey wrote:
> >In `virtio_add_resource` function, the UUID used as a key for
> >`g_hash_table_insert` was temporary, which could lead to
> >invalid lookups when accessed later. This patch ensures that
> >the UUID remains valid by duplicating it into a newly allocated
> >memory space. The value is then inserted into the hash table
> >with this persistent UUID key to ensure that the key stored in
> >the hash table remains valid as long as the hash table entry
> >exists.
> >
> >Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")
> >
> >Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
> >---
> > hw/display/virtio-dmabuf.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
>
> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
>
> >
> >diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
> >index 3dba4577ca7..5e0395be77c 100644
> >--- a/hw/display/virtio-dmabuf.c
> >+++ b/hw/display/virtio-dmabuf.c
> >@@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid,
> VirtioSharedObject *value)
> >     if (resource_uuids == NULL) {
> >         resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
> >                                                uuid_equal_func,
> >-                                               NULL,
> >+                                               g_free,
> >                                                g_free);
> >     }
> >     if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
> >-        g_hash_table_insert(resource_uuids, uuid, value);
> >+        g_hash_table_insert(resource_uuids,
> >+                            g_memdup2(uuid, sizeof(*uuid)),
> >+                            value);
> >     } else {
> >         result = false;
> >     }
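
Review bot: nothing in this one-file change exercises the lifetime problem it fixes, so a regression at `g_hash_table_insert(...)` back to a borrowed key would go unnoticed. A unit test that adds a resource from a UUID held in short-lived storage, overwrites that storage, and then looks the resource up by value would pin the behaviour; running it under AddressSanitizer would also catch a reintroduced dangling key.
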
> >--
> >2.47.0
> >
>
>



* Re: [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
  2025-09-15  9:16   ` Dorinda Bassey
@ 2025-09-15  9:23     ` Albert Esteve
  0 siblings, 0 replies; 8+ messages in thread
From: Albert Esteve @ 2025-09-15  9:23 UTC
  To: Dorinda Bassey
  Cc: Stefano Garzarella, qemu-devel, marcandre.lureau, Michael Tsirkin

On Mon, Sep 15, 2025 at 11:16 AM Dorinda Bassey <dbassey@redhat.com> wrote:
>
> Hi Albert and Michael,
>
> Seems this patch fell through the cracks. It was posted but never picked up. Could you help push it? Thanks!

I do not remember this patch! Great that you checked, as this fixes a
legitimate issue. Hopefully will get integrated this time.

>
> BR,
> Dorinda.
>
> On Fri, Nov 8, 2024 at 10:29 AM Stefano Garzarella <sgarzare@redhat.com> wrote:
>>
>> On Thu, Nov 07, 2024 at 07:00:31PM +0100, Dorinda Bassey wrote:
>> >In `virtio_add_resource` function, the UUID used as a key for
>> >`g_hash_table_insert` was temporary, which could lead to
>> >invalid lookups when accessed later. This patch ensures that
>> >the UUID remains valid by duplicating it into a newly allocated
>> >memory space. The value is then inserted into the hash table
>> >with this persistent UUID key to ensure that the key stored in
>> >the hash table remains valid as long as the hash table entry
>> >exists.
>> >
>> >Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")
>> >
>> >Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
>> >---
>> > hw/display/virtio-dmabuf.c | 6 ++++--
>> > 1 file changed, 4 insertions(+), 2 deletions(-)
>>
>> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>

Reviewed-by: Albert Esteve <aesteve@redhat.com>

>>
>> >
>> >diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
>> >index 3dba4577ca7..5e0395be77c 100644
>> >--- a/hw/display/virtio-dmabuf.c
>> >+++ b/hw/display/virtio-dmabuf.c
>> >@@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
>> >     if (resource_uuids == NULL) {
>> >         resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
>> >                                                uuid_equal_func,
>> >-                                               NULL,
>> >+                                               g_free,
>> >                                                g_free);
>> >     }
>> >     if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
>> >-        g_hash_table_insert(resource_uuids, uuid, value);
>> >+        g_hash_table_insert(resource_uuids,
>> >+                            g_memdup2(uuid, sizeof(*uuid)),
>> >+                            value);
>> >     } else {
>> >         result = false;
>> >     }
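
Review bot: `g_hash_table_lookup(resource_uuids, uuid) == NULL` is used as an existence test just before the insert, which conflates a missing key with a key whose value is NULL. `g_hash_table_contains(resource_uuids, uuid)` says what is meant, and it keeps the guard that matters now that the key destroy function is `g_free`: inserting over an existing key would free the freshly duplicated key and replace the stored value.
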
>> >--
>> >2.47.0
>> >
>>




* Re: [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
  2024-11-07 18:00 [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion Dorinda Bassey
  2024-11-08  9:29 ` Stefano Garzarella
@ 2025-12-02 13:50 ` Marc-André Lureau
  2025-12-02 14:01   ` Stefano Garzarella
  1 sibling, 1 reply; 8+ messages in thread
From: Marc-André Lureau @ 2025-12-02 13:50 UTC
  To: Dorinda Bassey; +Cc: qemu-devel, aesteve, sgarzare

Hi

On Thu, Nov 7, 2024 at 10:04 PM Dorinda Bassey <dbassey@redhat.com> wrote:
>
> In `virtio_add_resource` function, the UUID used as a key for
> `g_hash_table_insert` was temporary, which could lead to
> invalid lookups when accessed later. This patch ensures that
> the UUID remains valid by duplicating it into a newly allocated
> memory space. The value is then inserted into the hash table
> with this persistent UUID key to ensure that the key stored in
> the hash table remains valid as long as the hash table entry
> exists.
>
> Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")
>
> Signed-off-by: Dorinda Bassey <dbassey@redhat.com>

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

We missed this patch during the -rc period. Can it be included?

It fixes invalid memory access / use-after-free.

Note: I think the original intent was that the @uuid argument
ownership was passed:
virtio_add_dmabuf/virtio_add_vhost_device
 * @uuid: new resource's UUID

It could be clarified and be passed as const like getters to eventually help...

> ---
>  hw/display/virtio-dmabuf.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
> index 3dba4577ca7..5e0395be77c 100644
> --- a/hw/display/virtio-dmabuf.c
> +++ b/hw/display/virtio-dmabuf.c
> @@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
>      if (resource_uuids == NULL) {
>          resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
>                                                 uuid_equal_func,
> -                                               NULL,
> +                                               g_free,
>                                                 g_free);
>      }
>      if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
> -        g_hash_table_insert(resource_uuids, uuid, value);
> +        g_hash_table_insert(resource_uuids,
> +                            g_memdup2(uuid, sizeof(*uuid)),
> +                            value);
>      } else {
>          result = false;
>      }
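
Review bot: if either caller named above (`virtio_add_dmabuf`, `virtio_add_vhost_device`) allocates the UUID on the heap expecting the table to take ownership, the `g_memdup2(uuid, sizeof(*uuid))` copy leaves that allocation with no owner and it leaks. The callers should be audited together with this hunk so that each one releases its own UUID storage after the call.
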
> --
> 2.47.0
>
>


-- 
Marc-André Lureau



* Re: [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
  2025-12-02 13:50 ` Marc-André Lureau
@ 2025-12-02 14:01   ` Stefano Garzarella
  0 siblings, 0 replies; 8+ messages in thread
From: Stefano Garzarella @ 2025-12-02 14:01 UTC
  To: Marc-André Lureau
  Cc: Dorinda Bassey, qemu-devel, aesteve, Michael Tsirkin

On Tue, 2 Dec 2025 at 14:51, Marc-André Lureau
<marcandre.lureau@gmail.com> wrote:
>
> Hi
>
> On Thu, Nov 7, 2024 at 10:04 PM Dorinda Bassey <dbassey@redhat.com> wrote:
> >
> > In `virtio_add_resource` function, the UUID used as a key for
> > `g_hash_table_insert` was temporary, which could lead to
> > invalid lookups when accessed later. This patch ensures that
> > the UUID remains valid by duplicating it into a newly allocated
> > memory space. The value is then inserted into the hash table
> > with this persistent UUID key to ensure that the key stored in
> > the hash table remains valid as long as the hash table entry
> > exists.
> >
> > Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")
> >
> > Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
>
> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
>
> We missed this patch during the -rc period. Can it be included?

I guess we missed this in several releases since it was sent 1 year ago :-)

BTW I think the main issue here was not ccing Michael (now in CC):

$ ./scripts/get_maintainer.pl -f hw/display/virtio-dmabuf.c
Albert Esteve <aesteve@redhat.com> (supporter:virtio-dmabuf)
"Michael S. Tsirkin" <mst@redhat.com> (supporter:virtio)
qemu-devel@nongnu.org (open list:All patches CC here)

So, I'm not sure if it's better to rebase and resend (including the
R-b) with the right maintainers in CC.

Stefano

>
> It fixes invalid memory access / use-after-free.
>
> Note: I think the original intent was that the @uuid argument
> ownership was passed:
> virtio_add_dmabuf/virtio_add_vhost_device
>  * @uuid: new resource's UUID
>
> It could be clarified and be passed as const like getters to eventually help...
>
> > ---
> >  hw/display/virtio-dmabuf.c | 6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
> > index 3dba4577ca7..5e0395be77c 100644
> > --- a/hw/display/virtio-dmabuf.c
> > +++ b/hw/display/virtio-dmabuf.c
> > @@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
> >      if (resource_uuids == NULL) {
> >          resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
> >                                                 uuid_equal_func,
> > -                                               NULL,
> > +                                               g_free,
> >                                                 g_free);
> >      }
> >      if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
> > -        g_hash_table_insert(resource_uuids, uuid, value);
> > +        g_hash_table_insert(resource_uuids,
> > +                            g_memdup2(uuid, sizeof(*uuid)),
> > +                            value);
> >      } else {
> >          result = false;
> >      }
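
Review bot: `g_hash_table_lookup()` followed by `g_hash_table_insert()` is a check-then-insert pair, and the visible context does not show whether a lock is held across both calls. If two threads can add the same UUID concurrently, both could pass the lookup and the second insert would free its duplicated key and replace the first value; please confirm the lock covers the whole sequence, including the lazy `g_hash_table_new_full()` above it.
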
> > --
> > 2.47.0
> >
> >
>
>
> --
> Marc-André Lureau
>




* [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
@ 2025-12-04 15:26 Dorinda Bassey
  2025-12-04 15:43 ` Michael S. Tsirkin
  0 siblings, 1 reply; 8+ messages in thread
From: Dorinda Bassey @ 2025-12-04 15:26 UTC
  To: qemu-devel; +Cc: mst, sgarzare, aesteve, marcandre.lureau, Dorinda Bassey

In `virtio_add_resource` function, the UUID used as a key for
`g_hash_table_insert` was temporary, which could lead to
invalid lookups when accessed later. This patch ensures that
the UUID remains valid by duplicating it into a newly allocated
memory space. The value is then inserted into the hash table
with this persistent UUID key to ensure that the key stored in
the hash table remains valid as long as the hash table entry
exists.

Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")

Signed-off-by: Dorinda Bassey <dbassey@redhat.com>

Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Albert Esteve <aesteve@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
 hw/display/virtio-dmabuf.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
index 3dba4577ca..5e0395be77 100644
--- a/hw/display/virtio-dmabuf.c
+++ b/hw/display/virtio-dmabuf.c
@@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
     if (resource_uuids == NULL) {
         resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
                                                uuid_equal_func,
-                                               NULL,
+                                               g_free,
                                                g_free);
     }
     if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
-        g_hash_table_insert(resource_uuids, uuid, value);
+        g_hash_table_insert(resource_uuids,
+                            g_memdup2(uuid, sizeof(*uuid)),
+                            value);
     } else {
         result = false;
     }
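
Review bot: the removed `g_hash_table_insert(resource_uuids, uuid, value)` stored the caller's pointer as the key with a `NULL` key destroy function, so once the caller's storage is released, later hash and equality calls read memory the table never owned. That is a dangling-pointer read, which the commit message describes only as "invalid lookups"; naming it as a use-after-free in the message would help people selecting fixes for stable branches judge the patch correctly.
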
-- 
2.51.0




* Re: [PATCH v2] virtio-dmabuf: Ensure UUID persistence for hash table insertion
  2025-12-04 15:26 Dorinda Bassey
@ 2025-12-04 15:43 ` Michael S. Tsirkin
  0 siblings, 0 replies; 8+ messages in thread
From: Michael S. Tsirkin @ 2025-12-04 15:43 UTC
  To: Dorinda Bassey; +Cc: qemu-devel, sgarzare, aesteve, marcandre.lureau

On Thu, Dec 04, 2025 at 04:26:07PM +0100, Dorinda Bassey wrote:
> In `virtio_add_resource` function, the UUID used as a key for
> `g_hash_table_insert` was temporary, which could lead to
> invalid lookups when accessed later. This patch ensures that
> the UUID remains valid by duplicating it into a newly allocated
> memory space. The value is then inserted into the hash table
> with this persistent UUID key to ensure that the key stored in
> the hash table remains valid as long as the hash table entry
> exists.
> 
> Fixes: faefdba847 ("hw/display: introduce virtio-dmabuf")
> 
> Signed-off-by: Dorinda Bassey <dbassey@redhat.com>
> 
> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
> Reviewed-by: Albert Esteve <aesteve@redhat.com>
> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>


All the trailers should be adjacent, with no empty lines
in between. Thanks!

> ---
>  hw/display/virtio-dmabuf.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/display/virtio-dmabuf.c b/hw/display/virtio-dmabuf.c
> index 3dba4577ca..5e0395be77 100644
> --- a/hw/display/virtio-dmabuf.c
> +++ b/hw/display/virtio-dmabuf.c
> @@ -35,11 +35,13 @@ static bool virtio_add_resource(QemuUUID *uuid, VirtioSharedObject *value)
>      if (resource_uuids == NULL) {
>          resource_uuids = g_hash_table_new_full(qemu_uuid_hash,
>                                                 uuid_equal_func,
> -                                               NULL,
> +                                               g_free,
>                                                 g_free);
>      }
>      if (g_hash_table_lookup(resource_uuids, uuid) == NULL) {
> -        g_hash_table_insert(resource_uuids, uuid, value);
> +        g_hash_table_insert(resource_uuids,
> +                            g_memdup2(uuid, sizeof(*uuid)),
> +                            value);
>      } else {
>          result = false;
>      }
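
Review bot: the `NULL` to `g_free` change for the key destroy function takes effect only where the table is created, inside `if (resource_uuids == NULL)`. Please check that no other path creates or recreates `resource_uuids` with a different key destroy function, and that removal and teardown go through `g_hash_table_remove()` / `g_hash_table_destroy()` rather than stealing entries, since the duplicated keys are freed only by the table.
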
> -- 
> 2.51.0



