mirror of
https://github.com/torvalds/linux.git
synced 2025-12-07 20:06:24 +00:00
virtio_blk: NULL out vqs to avoid double free on failed resume
The vblk->vqs releases during freeze. If resume fails before vblk->vqs is allocated, later freeze/remove may attempt to free vqs again. Set vblk->vqs to NULL after freeing to avoid double free. Signed-off-by: Cong Zhang <cong.zhang@oss.qualcomm.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Jens Axboe <axboe@kernel.dk>
This commit is contained in:
Cong Zhang
@@ -1027,8 +1027,13 @@ static int init_vq(struct virtio_blk *vblk)
|
|||||||
out:
|
out:
|
||||||
kfree(vqs);
|
kfree(vqs);
|
||||||
kfree(vqs_info);
|
kfree(vqs_info);
|
||||||
if (err)
|
if (err) {
|
||||||
kfree(vblk->vqs);
|
kfree(vblk->vqs);
|
||||||
|
/*
|
||||||
|
* Set to NULL to prevent freeing vqs again during freezing.
|
||||||
|
*/
|
||||||
|
vblk->vqs = NULL;
|
||||||
|
}
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1599,6 +1604,12 @@ static int virtblk_freeze_priv(struct virtio_device *vdev)
|
|||||||
|
|
||||||
vdev->config->del_vqs(vdev);
|
vdev->config->del_vqs(vdev);
|
||||||
kfree(vblk->vqs);
|
kfree(vblk->vqs);
|
||||||
|
/*
|
||||||
|
* Set to NULL to prevent freeing vqs again after a failed vqs
|
||||||
|
* allocation during resume. Note that kfree() already handles NULL
|
||||||
|
* pointers safely.
|
||||||
|
*/
|
||||||
|
vblk->vqs = NULL;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user