diff mbox series

usb: call usb_packet_cleanup on usb_packet_map failure

Message ID 20200901052723.15492-1-kraxel@redhat.com (mailing list archive)
State New, archived
Headers show
Series usb: call usb_packet_cleanup on usb_packet_map failure | expand

Commit Message

Gerd Hoffmann Sept. 1, 2020, 5:27 a.m. UTC 
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/hcd-ehci.c | 2 ++
 hw/usb/hcd-xhci.c | 1 +
 2 files changed, 3 insertions(+)

Comments

Philippe Mathieu-Daudé Sept. 1, 2020, 9:33 a.m. UTC | #1 
On 9/1/20 7:27 AM, Gerd Hoffmann wrote:

Reported-by: Prasad J Pandit <pjp@fedoraproject.org>

> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

> ---
>  hw/usb/hcd-ehci.c | 2 ++
>  hw/usb/hcd-xhci.c | 1 +
>  2 files changed, 3 insertions(+)
> 
> diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
> index 2b995443fbfd..67847a9cf5f1 100644
> --- a/hw/usb/hcd-ehci.c
> +++ b/hw/usb/hcd-ehci.c
> @@ -1373,6 +1373,7 @@ static int ehci_execute(EHCIPacket *p, const char *action)
>          usb_packet_setup(&p->packet, p->pid, ep, 0, p->qtdaddr, spd,
>                           (p->qtd.token & QTD_TOKEN_IOC) != 0);
>          if (usb_packet_map(&p->packet, &p->sgl)) {
> +            usb_packet_cleanup(&p->packet);
>              qemu_sglist_destroy(&p->sgl);
>              return -1;
>          }
> @@ -1456,6 +1457,7 @@ static int ehci_process_itd(EHCIState *ehci,
>                  usb_packet_setup(&ehci->ipacket, pid, ep, 0, addr, false,
>                                   (itd->transact[i] & ITD_XACT_IOC) != 0);
>                  if (usb_packet_map(&ehci->ipacket, &ehci->isgl)) {
> +                    usb_packet_cleanup(&ehci->ipacket);
>                      qemu_sglist_destroy(&ehci->isgl);
>                      return -1;
>                  }
> diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
> index 46a2186d912a..9b156048920d 100644
> --- a/hw/usb/hcd-xhci.c
> +++ b/hw/usb/hcd-xhci.c
> @@ -1616,6 +1616,7 @@ static int xhci_setup_packet(XHCITransfer *xfer)
>      usb_packet_setup(&xfer->packet, dir, ep, xfer->streamid,
>                       xfer->trbs[0].addr, false, xfer->int_req);
>      if (usb_packet_map(&xfer->packet, &xfer->sgl)) {
> +        usb_packet_cleanup(&xfer->packet);
>          qemu_sglist_destroy(&xfer->sgl);
>          return -1;
>      }
>
Li Qiang Sept. 1, 2020, 9:51 a.m. UTC | #2 
Gerd Hoffmann <kraxel@redhat.com> 于2020年9月1日周二 下午1:28写道:
>
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
> ---
>  hw/usb/hcd-ehci.c | 2 ++
>  hw/usb/hcd-xhci.c | 1 +
>  2 files changed, 3 insertions(+)
>
> diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
> index 2b995443fbfd..67847a9cf5f1 100644
> --- a/hw/usb/hcd-ehci.c
> +++ b/hw/usb/hcd-ehci.c
> @@ -1373,6 +1373,7 @@ static int ehci_execute(EHCIPacket *p, const char *action)
>          usb_packet_setup(&p->packet, p->pid, ep, 0, p->qtdaddr, spd,
>                           (p->qtd.token & QTD_TOKEN_IOC) != 0);

Hi Gerd,

’usb_packet_setup‘ doesn't modify the 'iov' and other resources.

'usb_packet_cleanup' is paired with 'usb_packet_init' which I think should be
processed in the more up layer.

If 'usb_packet_map' fails, we need to clean the 'iov' in
'usb_packet_map' itself.


Thanks,
Li Qiang

>          if (usb_packet_map(&p->packet, &p->sgl)) {
> +            usb_packet_cleanup(&p->packet);
>              qemu_sglist_destroy(&p->sgl);
>              return -1;
>          }
> @@ -1456,6 +1457,7 @@ static int ehci_process_itd(EHCIState *ehci,
>                  usb_packet_setup(&ehci->ipacket, pid, ep, 0, addr, false,
>                                   (itd->transact[i] & ITD_XACT_IOC) != 0);
>                  if (usb_packet_map(&ehci->ipacket, &ehci->isgl)) {
> +                    usb_packet_cleanup(&ehci->ipacket);
>                      qemu_sglist_destroy(&ehci->isgl);
>                      return -1;
>                  }
> diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
> index 46a2186d912a..9b156048920d 100644
> --- a/hw/usb/hcd-xhci.c
> +++ b/hw/usb/hcd-xhci.c
> @@ -1616,6 +1616,7 @@ static int xhci_setup_packet(XHCITransfer *xfer)
>      usb_packet_setup(&xfer->packet, dir, ep, xfer->streamid,
>                       xfer->trbs[0].addr, false, xfer->int_req);
>      if (usb_packet_map(&xfer->packet, &xfer->sgl)) {
> +        usb_packet_cleanup(&xfer->packet);
>          qemu_sglist_destroy(&xfer->sgl);
>          return -1;
>      }
> --
> 2.27.0
>
>
diff mbox series

Patch

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 2b995443fbfd..67847a9cf5f1 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -1373,6 +1373,7 @@  static int ehci_execute(EHCIPacket *p, const char *action)
         usb_packet_setup(&p->packet, p->pid, ep, 0, p->qtdaddr, spd,
                          (p->qtd.token & QTD_TOKEN_IOC) != 0);
         if (usb_packet_map(&p->packet, &p->sgl)) {
+            usb_packet_cleanup(&p->packet);
             qemu_sglist_destroy(&p->sgl);
             return -1;
         }
@@ -1456,6 +1457,7 @@  static int ehci_process_itd(EHCIState *ehci,
                 usb_packet_setup(&ehci->ipacket, pid, ep, 0, addr, false,
                                  (itd->transact[i] & ITD_XACT_IOC) != 0);
                 if (usb_packet_map(&ehci->ipacket, &ehci->isgl)) {
+                    usb_packet_cleanup(&ehci->ipacket);
                     qemu_sglist_destroy(&ehci->isgl);
                     return -1;
                 }
diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index 46a2186d912a..9b156048920d 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -1616,6 +1616,7 @@  static int xhci_setup_packet(XHCITransfer *xfer)
     usb_packet_setup(&xfer->packet, dir, ep, xfer->streamid,
                      xfer->trbs[0].addr, false, xfer->int_req);
     if (usb_packet_map(&xfer->packet, &xfer->sgl)) {
+        usb_packet_cleanup(&xfer->packet);
         qemu_sglist_destroy(&xfer->sgl);
         return -1;
     }