Skip to content

Commit 7c05661

Browse files
CopilotCopilot
authored
[virtio] Fix queue_sel ordering in virtio_queue_init and virtio_queue_destroy #11114 
1 parent 4463dbc commit 7c05661

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

components/drivers/virtio/virtio.c

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -96,12 +96,16 @@ rt_err_t virtio_queue_init(struct virtio_device *dev, rt_uint32_t queue_index, r
9696

9797
_virtio_dev_check(dev);
9898

99-
RT_ASSERT(dev->mmio_config->queue_num_max > 0);
100-
RT_ASSERT(dev->mmio_config->queue_num_max > queue_index);
99+
RT_ASSERT(queue_index < dev->queues_num);
101100
/* ring_size is power of 2 */
102101
RT_ASSERT(ring_size > 0);
103102
RT_ASSERT(((ring_size - 1) & ring_size) == 0);
104103

104+
/* Select the queue first, then read queue_num_max */
105+
dev->mmio_config->queue_sel = queue_index;
106+
RT_ASSERT(dev->mmio_config->queue_num_max > 0);
107+
RT_ASSERT(ring_size <= dev->mmio_config->queue_num_max);
108+
105109
queue = &dev->queues[queue_index];
106110
pages_total_size = VIRTIO_PAGE_ALIGN(
107111
VIRTQ_DESC_TOTAL_SIZE(ring_size) + VIRTQ_AVAIL_TOTAL_SIZE(ring_size)) + VIRTQ_USED_TOTAL_SIZE(ring_size);
@@ -124,7 +128,6 @@ rt_err_t virtio_queue_init(struct virtio_device *dev, rt_uint32_t queue_index, r
124128
rt_memset(pages, 0, pages_total_size);
125129

126130
dev->mmio_config->guest_page_size = VIRTIO_PAGE_SIZE;
127-
dev->mmio_config->queue_sel = queue_index;
128131
dev->mmio_config->queue_num = ring_size;
129132
dev->mmio_config->queue_align = VIRTIO_PAGE_SIZE;
130133
dev->mmio_config->queue_pfn = VIRTIO_VA2PA(pages) >> VIRTIO_PAGE_SHIFT;
@@ -154,8 +157,11 @@ void virtio_queue_destroy(struct virtio_device *dev, rt_uint32_t queue_index)
154157

155158
_virtio_dev_check(dev);
156159

160+
RT_ASSERT(queue_index < dev->queues_num);
161+
162+
/* Select the queue first, then read queue_num_max */
163+
dev->mmio_config->queue_sel = queue_index;
157164
RT_ASSERT(dev->mmio_config->queue_num_max > 0);
158-
RT_ASSERT(dev->mmio_config->queue_num_max > queue_index);
159165

160166
queue = &dev->queues[queue_index];
161167

@@ -164,7 +170,6 @@ void virtio_queue_destroy(struct virtio_device *dev, rt_uint32_t queue_index)
164170
rt_free(queue->free);
165171
rt_free_align((void *)queue->desc);
166172

167-
dev->mmio_config->queue_sel = queue_index;
168173
dev->mmio_config->queue_pfn = RT_NULL;
169174

170175
queue->num = 0;

0 commit comments

Comments
 (0)