rpms / qemu-kvm

Clone
Source Code
GIT

Blame SOURCES/kvm-virtio-scsi-Fix-num_queue-input-validation.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-stream-rhel c9 c9-beta
  1.   c7-beta
  2.   SOURCES
  3.   kvm-virtio-scsi-Fix-num_queue-input-validation.patch
Blob History Raw
9ae3a8 
From 925c0124d8948ca9e2b9db5e5415beff758c752d Mon Sep 17 00:00:00 2001
9ae3a8 
From: Fam Zheng <famz@redhat.com>
9ae3a8 
Date: Tue, 4 Nov 2014 03:06:41 +0100
9ae3a8 
Subject: [PATCH 7/9] virtio-scsi: Fix num_queue input validation
9ae3a8
9ae3a8 
Message-id: <1415070401-21222-4-git-send-email-famz@redhat.com>
9ae3a8 
Patchwork-id: 62062
9ae3a8 
O-Subject: [RHEL-7.1 qemu-kvm PATCH v2 3/3] virtio-scsi: Fix num_queue input validation
9ae3a8 
Bugzilla: 1089606
9ae3a8 
RH-Acked-by: Markus Armbruster <armbru@redhat.com>
9ae3a8 
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
9ae3a8 
RH-Acked-by: Max Reitz <mreitz@redhat.com>
9ae3a8
9ae3a8 
We need to count the ctrlq and eventq, and also cleanup before
9ae3a8 
returning. Besides, the format string should be unsigned.
9ae3a8
9ae3a8 
The number could never be less than zero.
9ae3a8
9ae3a8 
Signed-off-by: Fam Zheng <famz@redhat.com>
9ae3a8 
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
9ae3a8 
(cherry picked from commit 0ba1f53191221b541b938df86a39eeccfb87f996)
9ae3a8 
Signed-off-by: Fam Zheng <famz@redhat.com>
9ae3a8 
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
9ae3a8
9ae3a8 
Conflicts:
9ae3a8 
	hw/scsi/virtio-scsi.c
9ae3a8 
Straightforward resolution.
9ae3a8 
---
9ae3a8 
 hw/scsi/virtio-scsi.c | 7 ++++---
9ae3a8 
 1 file changed, 4 insertions(+), 3 deletions(-)
9ae3a8
9ae3a8 
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
9ae3a8 
index 13df89d..cda8f8a 100644
9ae3a8 
--- a/hw/scsi/virtio-scsi.c
9ae3a8 
+++ b/hw/scsi/virtio-scsi.c
9ae3a8 
@@ -605,10 +605,11 @@ int virtio_scsi_common_init(VirtIOSCSICommon *s)
9ae3a8 
     virtio_init(VIRTIO_DEVICE(s), "virtio-scsi", VIRTIO_ID_SCSI,
9ae3a8 
                 sizeof(VirtIOSCSIConfig));
9ae3a8
9ae3a8 
-    if (s->conf.num_queues <= 0 || s->conf.num_queues > VIRTIO_PCI_QUEUE_MAX) {
9ae3a8 
-        error_report("Invalid number of queues (= %" PRId32 "), "
9ae3a8 
+    if (s->conf.num_queues == 0 ||
9ae3a8 
+            s->conf.num_queues > VIRTIO_PCI_QUEUE_MAX - 2) {
9ae3a8 
+        error_report("Invalid number of queues (= %" PRIu32 "), "
9ae3a8 
                          "must be a positive integer less than %d.",
9ae3a8 
-                     s->conf.num_queues, VIRTIO_PCI_QUEUE_MAX);
9ae3a8 
+                     s->conf.num_queues, VIRTIO_PCI_QUEUE_MAX - 2);
9ae3a8 
         virtio_cleanup(vdev);
9ae3a8 
         return -1;
9ae3a8 
     }
9ae3a8 
--
9ae3a8 
1.8.3.1
9ae3a8

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation