| commit | 45d6cdff48356dc8974497ec0524f971b646dd70 | |
| author | Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> | |
| Wed, 21 Dec 2011 07:07:22 +0000 (21 12:37 +0530) | ||
| committer | Justin M. Forbes <jforbes@redhat.com> | |
| Tue, 10 Jan 2012 15:29:11 +0000 (10 09:29 -0600) | ||
| tree | 9dc8d1b85b019d807a72f68a05ea0e761326a7f3 | treesnapshot (tar.gz zip) |
| parent | ed6857bf98e6c8b8080be208ffe15bb678591466 | commitdiff |
hw/9pfs: replace iovec manipulation with QEMUIOVector
The v9fs_read() and v9fs_write() functions rely on iovec[] manipulation
code should be replaced with QEMUIOVector to avoid duplicating code.
In the future it may be possible to make the code even more concise by
using QEMUIOVector consistently across virtio and 9pfs.
The "v" format specifier for pdu_marshal() and pdu_unmarshal() is
dropped since it does not actually pack/unpack anything. The specifier
was also not implemented to update the offset variable and could only be
used at the end of a format string, another sign that this shouldn't
really be a format specifier. Instead, see the new
v9fs_init_qiov_from_pdu() function.
This change avoids a possible iovec[] buffer overflow when indirect
vrings are used since the number of vectors is now limited by the
underlying VirtQueueElement and cannot be out-of-bounds.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
The v9fs_read() and v9fs_write() functions rely on iovec[] manipulation
code should be replaced with QEMUIOVector to avoid duplicating code.
In the future it may be possible to make the code even more concise by
using QEMUIOVector consistently across virtio and 9pfs.
The "v" format specifier for pdu_marshal() and pdu_unmarshal() is
dropped since it does not actually pack/unpack anything. The specifier
was also not implemented to update the offset variable and could only be
used at the end of a format string, another sign that this shouldn't
really be a format specifier. Instead, see the new
v9fs_init_qiov_from_pdu() function.
This change avoids a possible iovec[] buffer overflow when indirect
vrings are used since the number of vectors is now limited by the
underlying VirtQueueElement and cannot be out-of-bounds.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
| hw/9pfs/virtio-9p.c | diffblobblamehistory |