[PATCH] virtio: update memory region cache when queue size changes

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] virtio: update memory region cache when queue size changes

From:	Konstantin Khlebnikov
Subject:	[PATCH] virtio: update memory region cache when queue size changes
Date:	Thu, 10 Feb 2022 14:44:48 +0300
User-agent:	StGit/1.4.dev11+gd5bef96

Fuzzing found that queue size could be changed after writing queue address.
Resulting cached regions might be shorter than that and cause assert later.

Let's update cached memory regions after changing queue size.
This is no-op if queue address isn't set yet.

Buglink: https://gitlab.com/qemu-project/qemu/-/issues/781
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
---
 hw/virtio/virtio.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 9e8f51dfb0..cd525a0f9a 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -2245,6 +2245,7 @@ void virtio_queue_set_num(VirtIODevice *vdev, int n, int 
num)
         return;
     }
     vdev->vq[n].vring.num = num;
+    virtio_init_region_cache(vdev, n);
 }
 
 VirtQueue *virtio_vector_first_queue(VirtIODevice *vdev, uint16_t vector)

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] virtio: update memory region cache when queue size changes, Konstantin Khlebnikov <=

Prev by Date: [PATCH] virtio-net: break gracefully on packet without valid header
Next by Date: [PATCH 1/2] vhost-user-blk: handle errors in vhost_user_blk_connect
Previous by thread: [PATCH] virtio-net: break gracefully on packet without valid header
Next by thread: [PATCH 1/2] vhost-user-blk: handle errors in vhost_user_blk_connect
Index(es):
- Date
- Thread