From 01db417e0aee3e51df4f5f3775535fd1fb15e329 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 8 May 2024 19:45:30 +0200 Subject: Merging upstream version 5.10.216. Signed-off-by: Daniel Baumann --- drivers/vhost/vhost.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'drivers/vhost/vhost.c') diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c index de110363a..8ed9c9b63 100644 --- a/drivers/vhost/vhost.c +++ b/drivers/vhost/vhost.c @@ -2513,9 +2513,19 @@ bool vhost_vq_avail_empty(struct vhost_dev *dev, struct vhost_virtqueue *vq) r = vhost_get_avail_idx(vq, &avail_idx); if (unlikely(r)) return false; + vq->avail_idx = vhost16_to_cpu(vq, avail_idx); + if (vq->avail_idx != vq->last_avail_idx) { + /* Since we have updated avail_idx, the following + * call to vhost_get_vq_desc() will read available + * ring entries. Make sure that read happens after + * the avail_idx read. + */ + smp_rmb(); + return false; + } - return vq->avail_idx == vq->last_avail_idx; + return true; } EXPORT_SYMBOL_GPL(vhost_vq_avail_empty); @@ -2577,12 +2587,11 @@ EXPORT_SYMBOL_GPL(vhost_disable_notify); /* Create a new message. */ struct vhost_msg_node *vhost_new_msg(struct vhost_virtqueue *vq, int type) { - struct vhost_msg_node *node = kmalloc(sizeof *node, GFP_KERNEL); + /* Make sure all padding within the structure is initialized. */ + struct vhost_msg_node *node = kzalloc(sizeof(*node), GFP_KERNEL); if (!node) return NULL; - /* Make sure all padding within the structure is initialized. */ - memset(&node->msg, 0, sizeof node->msg); node->vq = vq; node->msg.type = type; return node; -- cgit v1.2.3