On Wed, 1 Feb 2023 21:55:47 -0800 John Johnson <john.g.john...@oracle.com> wrote:
> diff --git a/hw/vfio/common.c b/hw/vfio/common.c
> index 792e247..d26b325 100644
> --- a/hw/vfio/common.c
> +++ b/hw/vfio/common.c
> @@ -1584,6 +1584,11 @@ int vfio_region_setup(Object *obj, VFIODevice
> *vbasedev, VFIORegion *region,
> region->size = info->size;
> region->fd_offset = info->offset;
> region->nr = index;
> + if (vbasedev->regfds != NULL) {
> + region->fd = vbasedev->regfds[index];
> + } else {
> + region->fd = vbasedev->fd;
> + }
>
> if (region->size) {
> region->mem = g_new0(MemoryRegion, 1);
> @@ -1635,7 +1640,7 @@ int vfio_region_mmap(VFIORegion *region)
>
> for (i = 0; i < region->nr_mmaps; i++) {
> region->mmaps[i].mmap = mmap(NULL, region->mmaps[i].size, prot,
> - MAP_SHARED, region->vbasedev->fd,
> + MAP_SHARED, region->fd,
> region->fd_offset +
> region->mmaps[i].offset);
> if (region->mmaps[i].mmap == MAP_FAILED) {
> @@ -2442,10 +2447,17 @@ void vfio_put_base_device(VFIODevice *vbasedev)
> int i;
>
> for (i = 0; i < vbasedev->num_regions; i++) {
> + if (vbasedev->regfds != NULL && vbasedev->regfds[i] != -1) {
> + close(vbasedev->regfds[i]);
> + }
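Review bot: In the vfio_region_setup hunk, `region->fd = vbasedev->regfds[index];` copies the per-region descriptor without checking it, although the vfio_put_base_device hunk treats `-1` as a "no descriptor" value for the same array. If an entry can still be `-1` at setup time, the mmap() call changed in the vfio_region_mmap hunk would receive an invalid fd and only fail later; consider rejecting it at setup with `if (region->fd < 0) { return -EINVAL; }` after the assignment, or falling back to `vbasedev->fd` if that is correct for the backend. Whether `index` is already bounded by `num_regions` is not visible here, since vfio_region_setup starts and ends outside the hunk, so that is worth confirming before indexing `regfds`. A short comment on the assignment, such as `/* per-region fd if the backend supplies one, else the device fd; not owned by the region */`, would also make the ownership clear, given that the close happens in vfio_put_base_device.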
There's an exit in vfio_get_region_info() where regfds is allocated and the regfd[i] could still be zero initialized, ie. if .get_region_info() fails. vfio_get_all_regions() ignores the return value of vfio_get_region_info(). We could close(0) here. Thanks, Alex