virtio_ring: check desc == NULL when using indirect with packed

[ Upstream commit fc6d70f40b3d0b3219e2026d05be0409695f620d ]

When using indirect with packed, we don't check for allocation failures.
This patch checks that and fall back on direct.

Fixes: 1ce9e6055fa0 ("virtio_ring: introduce packed ring support")
Signed-off-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com>
Link: https://lore.kernel.org/r/20211020112323.67466-3-xuanzhuo@linux.alibaba.com
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
index 6c730d6d50f711f24877489279b617d1c9fef7ff..e9432dbbec0a75587cda9bbf95b45b3fbc41375c 100644 (file)
--- a/drivers/virtio/virtio_ring.c
+++ b/drivers/virtio/virtio_ring.c
@@ -992,6 +992,8 @@ static int virtqueue_add_indirect_packed(struct vring_virtqueue *vq,
 
        head = vq->packed.next_avail_idx;
        desc = alloc_indirect_packed(total_sg, gfp);
+       if (!desc)
+               return -ENOMEM;
 
        if (unlikely(vq->vq.num_free < 1)) {
                pr_debug("Can't add buf len 1 - avail = 0\n");
@@ -1103,6 +1105,7 @@ static inline int virtqueue_add_packed(struct virtqueue *_vq,
        unsigned int i, n, c, descs_used, err_idx;
        __le16 head_flags, flags;
        u16 head, id, prev, curr, avail_used_flags;
+       int err;
 
        START_USE(vq);
 
@@ -1118,9 +1121,14 @@ static inline int virtqueue_add_packed(struct virtqueue *_vq,
 
        BUG_ON(total_sg == 0);
 
-       if (virtqueue_use_indirect(_vq, total_sg))
-               return virtqueue_add_indirect_packed(vq, sgs, total_sg,
-                               out_sgs, in_sgs, data, gfp);
+       if (virtqueue_use_indirect(_vq, total_sg)) {
+               err = virtqueue_add_indirect_packed(vq, sgs, total_sg, out_sgs,
+                                                   in_sgs, data, gfp);
+               if (err != -ENOMEM)
+                       return err;
+
+               /* fall back on direct */
+       }
 
        head = vq->packed.next_avail_idx;
        avail_used_flags = vq->packed.avail_used_flags;