]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 433c71e) | patch
hw/nvme: fix aio cancel in flush
authorKlaus Jensen <k.jensen@samsung.com>
Thu, 10 Nov 2022 06:59:44 +0000 (07:59 +0100)
committerKlaus Jensen <k.jensen@samsung.com>
Thu, 1 Dec 2022 07:44:52 +0000 (08:44 +0100)
commit3dbc1708ea37d03dd18ce498039e31d8565e673a
tree476c6cb356c4285f6d45191184f9d603635fc8c3tree
parent433c71e494ec66a7455b8ef2e6b2b42118426e50commit | diff
hw/nvme: fix aio cancel in flush

Make sure that iocb->aiocb is NULL'ed when cancelling.

Fix a potential use-after-free by removing the bottom half and enqueuing
the completion directly.

Fixes: 38f4ac65ac88 ("hw/nvme: reimplement flush to allow cancellation")
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
hw/nvme/ctrl.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git