Commit 0739c2c6 authored by Cong Zhang's avatar Cong Zhang Committed by Jens Axboe

virtio_blk: NULL out vqs to avoid double free on failed resume



vblk->vqs is freed during freeze. If resume then fails before vblk->vqs
has been reallocated, a later freeze or remove would free the stale
pointer a second time. Set vblk->vqs to NULL after freeing it so the
double free cannot happen.

Signed-off-by: default avatarCong Zhang <cong.zhang@oss.qualcomm.com>
Acked-by: default avatarJason Wang <jasowang@redhat.com>
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 3451cf34
+12 −1
@@ -1027,8 +1027,13 @@ static int init_vq(struct virtio_blk *vblk)
out:
	kfree(vqs);
	kfree(vqs_info);
	if (err)
	if (err) {
		kfree(vblk->vqs);
		/*
		 * Set to NULL to prevent freeing vqs again during freezing.
		 */
		vblk->vqs = NULL;
	}
	return err;
}

@@ -1599,6 +1604,12 @@ static int virtblk_freeze_priv(struct virtio_device *vdev)

	vdev->config->del_vqs(vdev);
	kfree(vblk->vqs);
	/*
	 * Set to NULL to prevent freeing vqs again after a failed vqs
	 * allocation during resume. Note that kfree() already handles NULL
	 * pointers safely.
	 */
	vblk->vqs = NULL;

	return 0;
}
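Review bot: Only the pointer is reset in both places; `vblk->num_vqs` keeps its old value after `vblk->vqs = NULL;` in virtblk_freeze_priv and in the init_vq error path, so any code that iterates `vblk->vqs[i]` for `i < vblk->num_vqs` before the next successful init_vq (I cannot see those callers from this hunk) would now dereference NULL instead of a freed buffer — a crash rather than a use-after-free, but still worth closing. If nothing between freeze and the next init_vq depends on the stale count, adding `vblk->num_vqs = 0;` next to each NULL assignment makes the "no queues allocated" state explicit; since the free-and-reset pair is now duplicated, a small `static void virtblk_free_vqs(struct virtio_blk *vblk)` helper called from both sites would keep the two copies from drifting. The comment at the init_vq site also reads as if freezing itself were the problem; per the commit message it is a later freeze or remove, so `/* NULL out so a later freeze/remove does not free the stale pointer again. */` states the hazard more precisely. Both init_vq and virtblk_freeze_priv begin outside the hunks shown.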