Blame SOURCES/kvm-vhost-stop-transfer-elem-ownership-in-vhost_handle_g.patch

From 45305ab202fa2191962152e5a501a9a13e31a0b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eugenio=20P=C3=A9rez?= <eperezma@redhat.com>
Date: Tue, 23 Aug 2022 20:30:26 +0200
Subject: [PATCH 11/23] vhost: stop transfer elem ownership in
 vhost_handle_guest_kick
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Eugenio Pérez <eperezma@redhat.com>
RH-MergeRequest: 116: vdpa: Restore device state on destination
RH-Bugzilla: 2114060
RH-Acked-by: Cindy Lu <lulu@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Commit: [10/21] 697a5c0ad59efe27abf447f7965091993bc39756 (eperezmartin/qemu-kvm)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2114060
Upstream status: git@github.com:jasowang/qemu.git net-next
It was easier to allow vhost_svq_add to handle the memory. Now that we
will allow qemu to add elements to a SVQ without the guest's knowledge,
it's better to handle it in the caller.
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit eb42df8bb2c92a7313343d97409cd99ccba25b25)
---
 hw/virtio/vhost-shadow-virtqueue.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
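diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
index f420311b89..2ae47d90a1 100644
--- a/hw/virtio/vhost-shadow-virtqueue.c
+++ b/hw/virtio/vhost-shadow-virtqueue.c
@@ -233,9 +233,6 @@ static void vhost_svq_kick(VhostShadowVirtqueue *svq)
 /**
  * Add an element to a SVQ.
  *
- * The caller must check that there is enough slots for the new element. It
- * takes ownership of the element: In case of failure not ENOSPC, it is free.
- *
  * Return -EINVAL if element is invalid, -ENOSPC if dev queue is full
  */
 int vhost_svq_add(VhostShadowVirtqueue *svq, const struct iovec *out_sg,
@@ -252,7 +249,6 @@ int vhost_svq_add(VhostShadowVirtqueue *svq, const struct iovec *out_sg,
 
     ok = vhost_svq_add_split(svq, out_sg, out_num, in_sg, in_num, &qemu_head);
     if (unlikely(!ok)) {
-        g_free(elem);
         return -EINVAL;
     }
 
@@ -293,7 +289,7 @@ static void vhost_handle_guest_kick(VhostShadowVirtqueue *svq)
         virtio_queue_set_notification(svq->vq, false);
 
         while (true) {
-            VirtQueueElement *elem;
+            g_autofree VirtQueueElement *elem;
             int r;
 
             if (svq->next_guest_avail_elem) {
@@ -324,12 +320,14 @@ static void vhost_handle_guest_kick(VhostShadowVirtqueue *svq)
                      * queue the current guest descriptor and ignore kicks
                      * until some elements are used.
                      */
-                    svq->next_guest_avail_elem = elem;
+                    svq->next_guest_avail_elem = g_steal_pointer(&elem);
                 }
 
                 /* VQ is full or broken, just return and ignore kicks */
                 return;
             }
+            /* elem belongs to SVQ or external caller now */
+            elem = NULL;
         }
 
         virtio_queue_set_notification(svq->vq, true);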
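Review bot: In the `vhost_handle_guest_kick` hunk at -293, `g_autofree VirtQueueElement *elem;` has no initializer, and the cleanup attribute passes whatever the pointer holds to g_free() when the scope ends, so GLib requires such variables to be initialized at declaration: `g_autofree VirtQueueElement *elem = NULL;`. The assignments after `if (svq->next_guest_avail_elem) {` lie outside the hunk and probably set `elem` on both branches before any exit, but the initializer keeps a later early `break` or `return` from freeing an indeterminate pointer. The loop body starts and ends outside the hunk. Separately, the comment on `vhost_svq_add` loses its ownership sentence without a replacement; a line such as `* The caller keeps ownership of the element if the call fails.` would record the new contract, assuming that matches the parts of the function not shown here.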
-- 
2.31.1