From 925c0124d8948ca9e2b9db5e5415beff758c752d Mon Sep 17 00:00:00 2001
From: Fam Zheng <famz@redhat.com>
Date: Tue, 4 Nov 2014 03:06:41 +0100
Subject: [PATCH 7/9] virtio-scsi: Fix num_queue input validation
Message-id: <1415070401-21222-4-git-send-email-famz@redhat.com>
Patchwork-id: 62062
O-Subject: [RHEL-7.1 qemu-kvm PATCH v2 3/3] virtio-scsi: Fix num_queue input validation
Bugzilla: 1089606
RH-Acked-by: Markus Armbruster <armbru@redhat.com>
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
RH-Acked-by: Max Reitz <mreitz@redhat.com>
We need to count the ctrlq and eventq, and also cleanup before
returning. Besides, the format string should be unsigned.
The number could never be less than zero.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 0ba1f53191221b541b938df86a39eeccfb87f996)
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
Conflicts:
	hw/scsi/virtio-scsi.c
Straightforward resolution.
---
 hw/scsi/virtio-scsi.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
958e1b
index 13df89d..cda8f8a 100644
958e1b
--- a/hw/scsi/virtio-scsi.c
958e1b
+++ b/hw/scsi/virtio-scsi.c
958e1b
@@ -605,10 +605,11 @@ int virtio_scsi_common_init(VirtIOSCSICommon *s)
958e1b
     virtio_init(VIRTIO_DEVICE(s), "virtio-scsi", VIRTIO_ID_SCSI,
958e1b
                 sizeof(VirtIOSCSIConfig));
958e1b
 
958e1b
-    if (s->conf.num_queues <= 0 || s->conf.num_queues > VIRTIO_PCI_QUEUE_MAX) {
958e1b
-        error_report("Invalid number of queues (= %" PRId32 "), "
958e1b
+    if (s->conf.num_queues == 0 ||
958e1b
+            s->conf.num_queues > VIRTIO_PCI_QUEUE_MAX - 2) {
958e1b
+        error_report("Invalid number of queues (= %" PRIu32 "), "
958e1b
                          "must be a positive integer less than %d.",
958e1b
-                     s->conf.num_queues, VIRTIO_PCI_QUEUE_MAX);
958e1b
+                     s->conf.num_queues, VIRTIO_PCI_QUEUE_MAX - 2);
958e1b
         virtio_cleanup(vdev);
958e1b
         return -1;
958e1b
     }
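Review bot: The error text in the new `error_report` call still says "must be a positive integer less than %d", but the condition above it accepts `num_queues` equal to `VIRTIO_PCI_QUEUE_MAX - 2`, so the message rules out a value the check allows; `"must be a positive integer no greater than %d."` would match the bound. The `- 2` appears twice with no explanation in the code, and only the commit message says it reserves room for the ctrlq and eventq. A comment above the `if`, such as `/* two slots are taken by the control and event queues */`, would keep this configuration bound from being loosened again by a later cleanup. `vdev` and the rest of `virtio_scsi_common_init` lie outside the hunk, so whether `virtio_cleanup(vdev)` undoes everything `virtio_init` set up cannot be confirmed from here.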
-- 
1.8.3.1