DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH] mem: improve parameter checking on memory hotplug
@ 2021-01-15 12:15 Anatoly Burakov
  2021-01-18  8:26 ` David Marchand
  2021-01-18 15:41 ` [dpdk-dev] [PATCH v2] " Anatoly Burakov
  0 siblings, 2 replies; 8+ messages in thread
From: Anatoly Burakov @ 2021-01-15 12:15 UTC (permalink / raw)
  To: dev

Currently, we don't check anything that comes in through memory hotplug
subsystem using the IPC, because we always assume the data is correct.
This is okay as anyone having access to the IPC socket would also have
rights to crash the DPDK process through other means, but it's still a
good practice to do parameter checking, so fix the code to do that.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
 lib/librte_eal/common/malloc_heap.c |  3 +-
 lib/librte_eal/common/malloc_mp.c   | 70 +++++++++++++++++++++++++----
 lib/librte_eal/common/malloc_mp.h   |  2 +-
 3 files changed, 65 insertions(+), 10 deletions(-)

diff --git a/lib/librte_eal/common/malloc_heap.c b/lib/librte_eal/common/malloc_heap.c
index 5a09247a65..ee400f38ec 100644
--- a/lib/librte_eal/common/malloc_heap.c
+++ b/lib/librte_eal/common/malloc_heap.c
@@ -460,6 +460,7 @@ try_expand_heap_secondary(struct malloc_heap *heap, uint64_t pg_sz,
 		size_t elt_size, int socket, unsigned int flags, size_t align,
 		size_t bound, bool contig)
 {
+	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	struct malloc_mp_req req;
 	int req_result;
 
@@ -473,7 +474,7 @@ try_expand_heap_secondary(struct malloc_heap *heap, uint64_t pg_sz,
 	req.alloc_req.elt_size = elt_size;
 	req.alloc_req.page_sz = pg_sz;
 	req.alloc_req.socket = socket;
-	req.alloc_req.heap = heap; /* it's in shared memory */
+	req.alloc_req.malloc_heap_idx = heap - mcfg->malloc_heaps;
 
 	req_result = request_to_primary(&req);
 
diff --git a/lib/librte_eal/common/malloc_mp.c b/lib/librte_eal/common/malloc_mp.c
index 1f212f8349..1b0e15b518 100644
--- a/lib/librte_eal/common/malloc_mp.c
+++ b/lib/librte_eal/common/malloc_mp.c
@@ -11,6 +11,7 @@
 
 #include "eal_memalloc.h"
 #include "eal_memcfg.h"
+#include "eal_private.h"
 
 #include "malloc_elem.h"
 #include "malloc_mp.h"
@@ -175,10 +176,49 @@ handle_sync(const struct rte_mp_msg *msg, const void *peer)
 	return 0;
 }
 
+static int
+handle_free_request(const struct malloc_mp_req *m)
+{
+	const struct rte_memseg_list *msl;
+	void *start, *end;
+	uint64_t len;
+
+	len = m->free_req.len;
+	start = m->free_req.addr;
+	end = RTE_PTR_ADD(start, len - 1);
+
+	/* check if the requested memory actually exists */
+	msl = rte_mem_virt2memseg_list(start);
+	if (msl == NULL) {
+		RTE_LOG(ERR, EAL, "Requested to free unknown memory\n");
+		return -1;
+	}
+
+	/* check if end is within the same memory region */
+	if (rte_mem_virt2memseg_list(end) != msl) {
+		RTE_LOG(ERR, EAL, "Requested to free memory spanning multiple regions\n");
+		return -1;
+	}
+
+	/* we're supposed to only free memory that's not external */
+	if (msl->external) {
+		RTE_LOG(ERR, EAL, "Requested to free external memory\n");
+		return -1;
+	}
+
+	/* now that we've validated the request, time for a PSA */
+	eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
+			m->free_req.addr, m->free_req.len);
+
+	/* now, do the actual freeing */
+	return malloc_heap_free_pages(m->free_req.addr, m->free_req.len);
+}
+
 static int
 handle_alloc_request(const struct malloc_mp_req *m,
 		struct mp_request *req)
 {
+	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	const struct malloc_req_alloc *ar = &m->alloc_req;
 	struct malloc_heap *heap;
 	struct malloc_elem *elem;
@@ -187,17 +227,35 @@ handle_alloc_request(const struct malloc_mp_req *m,
 	int n_segs;
 	void *map_addr;
 
+	/* this is checked by the API, but we need to prevent divide by zero */
+	if (ar->page_sz == 0 || !rte_is_power_of_2(ar->page_sz)) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate with page size\n");
+		return -1;
+	}
+
+	/* heap idx is index into the heap array, not socket ID */
+	if (ar->malloc_heap_idx >= RTE_MAX_HEAPS) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate from invalid heap\n");
+		return -1;
+	}
+
+	heap = &mcfg->malloc_heaps[ar->malloc_heap_idx];
+
+	/* for allocations, we must only use internal heaps */
+	if (rte_malloc_heap_socket_is_external(heap->socket_id)) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate from external heap\n");
+		return -1;
+	}
+
 	alloc_sz = RTE_ALIGN_CEIL(ar->align + ar->elt_size +
 			MALLOC_ELEM_TRAILER_LEN, ar->page_sz);
 	n_segs = alloc_sz / ar->page_sz;
 
-	heap = ar->heap;
-
 	/* we can't know in advance how many pages we'll need, so we malloc */
 	ms = malloc(sizeof(*ms) * n_segs);
 	if (ms == NULL) {
 		RTE_LOG(ERR, EAL, "Couldn't allocate memory for request state\n");
-		goto fail;
+		return -1;
 	}
 	memset(ms, 0, sizeof(*ms) * n_segs);
 
@@ -261,11 +319,7 @@ handle_request(const struct rte_mp_msg *msg, const void *peer __rte_unused)
 	if (m->t == REQ_TYPE_ALLOC) {
 		ret = handle_alloc_request(m, entry);
 	} else if (m->t == REQ_TYPE_FREE) {
-		eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
-				m->free_req.addr, m->free_req.len);
-
-		ret = malloc_heap_free_pages(m->free_req.addr,
-				m->free_req.len);
+		ret = handle_free_request(m);
 	} else {
 		RTE_LOG(ERR, EAL, "Unexpected request from secondary\n");
 		goto fail;
diff --git a/lib/librte_eal/common/malloc_mp.h b/lib/librte_eal/common/malloc_mp.h
index 2b86b76f68..015b7ec393 100644
--- a/lib/librte_eal/common/malloc_mp.h
+++ b/lib/librte_eal/common/malloc_mp.h
@@ -30,7 +30,7 @@ enum malloc_req_result {
 };
 
 struct malloc_req_alloc {
-	struct malloc_heap *heap;
+	uint32_t malloc_heap_idx;
 	uint64_t page_sz;
 	size_t elt_size;
 	int socket;
-- 
2.25.1

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] mem: improve parameter checking on memory hotplug
  2021-01-15 12:15 [dpdk-dev] [PATCH] mem: improve parameter checking on memory hotplug Anatoly Burakov
@ 2021-01-18  8:26 ` David Marchand
  2021-01-18 11:37   ` Burakov, Anatoly
  2021-01-18 15:41 ` [dpdk-dev] [PATCH v2] " Anatoly Burakov
  1 sibling, 1 reply; 8+ messages in thread
From: David Marchand @ 2021-01-18  8:26 UTC (permalink / raw)
  To: Anatoly Burakov; +Cc: dev

On Fri, Jan 15, 2021 at 1:15 PM Anatoly Burakov
<anatoly.burakov@intel.com> wrote:
>
> Currently, we don't check anything that comes in through memory hotplug
> subsystem using the IPC, because we always assume the data is correct.
> This is okay as anyone having access to the IPC socket would also have
> rights to crash the DPDK process through other means, but it's still a
> good practice to do parameter checking, so fix the code to do that.

Intel CI and GHA caught an issue on 32bits builds:
https://github.com/ovsrobot/dpdk/runs/1708623050?check_suite_focus=true#step:14:558

-- 
David Marchand


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] mem: improve parameter checking on memory hotplug
  2021-01-18  8:26 ` David Marchand
@ 2021-01-18 11:37   ` Burakov, Anatoly
  0 siblings, 0 replies; 8+ messages in thread
From: Burakov, Anatoly @ 2021-01-18 11:37 UTC (permalink / raw)
  To: David Marchand; +Cc: dev

On 18-Jan-21 8:26 AM, David Marchand wrote:
> On Fri, Jan 15, 2021 at 1:15 PM Anatoly Burakov
> <anatoly.burakov@intel.com> wrote:
>>
>> Currently, we don't check anything that comes in through memory hotplug
>> subsystem using the IPC, because we always assume the data is correct.
>> This is okay as anyone having access to the IPC socket would also have
>> rights to crash the DPDK process through other means, but it's still a
>> good practice to do parameter checking, so fix the code to do that.
> 
> Intel CI and GHA caught an issue on 32bits builds:
> https://github.com/ovsrobot/dpdk/runs/1708623050?check_suite_focus=true#step:14:558
> 

Yep, saw that, will fix.

-- 
Thanks,
Anatoly

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [dpdk-dev] [PATCH v2] mem: improve parameter checking on memory hotplug
  2021-01-15 12:15 [dpdk-dev] [PATCH] mem: improve parameter checking on memory hotplug Anatoly Burakov
  2021-01-18  8:26 ` David Marchand
@ 2021-01-18 15:41 ` Anatoly Burakov
  2021-01-19 23:39   ` Thomas Monjalon
  2021-01-22 17:17   ` [dpdk-dev] [PATCH v3] " Anatoly Burakov
  1 sibling, 2 replies; 8+ messages in thread
From: Anatoly Burakov @ 2021-01-18 15:41 UTC (permalink / raw)
  To: dev

Currently, we don't check anything that comes in through memory hotplug
subsystem using the IPC, because we always assume the data is correct.
This is okay as anyone having access to the IPC socket would also have
rights to crash the DPDK process through other means, but it's still a
good practice to do parameter checking, so fix the code to do that.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---

Notes:
    v2:
    - Fixed 32-bit compile issues

 lib/librte_eal/common/malloc_heap.c |  3 +-
 lib/librte_eal/common/malloc_mp.c   | 70 +++++++++++++++++++++++++----
 lib/librte_eal/common/malloc_mp.h   |  4 +-
 3 files changed, 66 insertions(+), 11 deletions(-)

diff --git a/lib/librte_eal/common/malloc_heap.c b/lib/librte_eal/common/malloc_heap.c
index 5a09247a65..ee400f38ec 100644
--- a/lib/librte_eal/common/malloc_heap.c
+++ b/lib/librte_eal/common/malloc_heap.c
@@ -460,6 +460,7 @@ try_expand_heap_secondary(struct malloc_heap *heap, uint64_t pg_sz,
 		size_t elt_size, int socket, unsigned int flags, size_t align,
 		size_t bound, bool contig)
 {
+	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	struct malloc_mp_req req;
 	int req_result;
 
@@ -473,7 +474,7 @@ try_expand_heap_secondary(struct malloc_heap *heap, uint64_t pg_sz,
 	req.alloc_req.elt_size = elt_size;
 	req.alloc_req.page_sz = pg_sz;
 	req.alloc_req.socket = socket;
-	req.alloc_req.heap = heap; /* it's in shared memory */
+	req.alloc_req.malloc_heap_idx = heap - mcfg->malloc_heaps;
 
 	req_result = request_to_primary(&req);
 
diff --git a/lib/librte_eal/common/malloc_mp.c b/lib/librte_eal/common/malloc_mp.c
index 1f212f8349..a3ba62678b 100644
--- a/lib/librte_eal/common/malloc_mp.c
+++ b/lib/librte_eal/common/malloc_mp.c
@@ -11,6 +11,7 @@
 
 #include "eal_memalloc.h"
 #include "eal_memcfg.h"
+#include "eal_private.h"
 
 #include "malloc_elem.h"
 #include "malloc_mp.h"
@@ -175,10 +176,49 @@ handle_sync(const struct rte_mp_msg *msg, const void *peer)
 	return 0;
 }
 
+static int
+handle_free_request(const struct malloc_mp_req *m)
+{
+	const struct rte_memseg_list *msl;
+	void *start, *end;
+	size_t len;
+
+	len = m->free_req.len;
+	start = m->free_req.addr;
+	end = RTE_PTR_ADD(start, len - 1);
+
+	/* check if the requested memory actually exists */
+	msl = rte_mem_virt2memseg_list(start);
+	if (msl == NULL) {
+		RTE_LOG(ERR, EAL, "Requested to free unknown memory\n");
+		return -1;
+	}
+
+	/* check if end is within the same memory region */
+	if (rte_mem_virt2memseg_list(end) != msl) {
+		RTE_LOG(ERR, EAL, "Requested to free memory spanning multiple regions\n");
+		return -1;
+	}
+
+	/* we're supposed to only free memory that's not external */
+	if (msl->external) {
+		RTE_LOG(ERR, EAL, "Requested to free external memory\n");
+		return -1;
+	}
+
+	/* now that we've validated the request, time for a PSA */
+	eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
+			m->free_req.addr, m->free_req.len);
+
+	/* now, do the actual freeing */
+	return malloc_heap_free_pages(m->free_req.addr, m->free_req.len);
+}
+
 static int
 handle_alloc_request(const struct malloc_mp_req *m,
 		struct mp_request *req)
 {
+	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	const struct malloc_req_alloc *ar = &m->alloc_req;
 	struct malloc_heap *heap;
 	struct malloc_elem *elem;
@@ -187,17 +227,35 @@ handle_alloc_request(const struct malloc_mp_req *m,
 	int n_segs;
 	void *map_addr;
 
+	/* this is checked by the API, but we need to prevent divide by zero */
+	if (ar->page_sz == 0 || !rte_is_power_of_2(ar->page_sz)) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate with page size\n");
+		return -1;
+	}
+
+	/* heap idx is index into the heap array, not socket ID */
+	if (ar->malloc_heap_idx >= RTE_MAX_HEAPS) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate from invalid heap\n");
+		return -1;
+	}
+
+	heap = &mcfg->malloc_heaps[ar->malloc_heap_idx];
+
+	/* for allocations, we must only use internal heaps */
+	if (rte_malloc_heap_socket_is_external(heap->socket_id)) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate from external heap\n");
+		return -1;
+	}
+
 	alloc_sz = RTE_ALIGN_CEIL(ar->align + ar->elt_size +
 			MALLOC_ELEM_TRAILER_LEN, ar->page_sz);
 	n_segs = alloc_sz / ar->page_sz;
 
-	heap = ar->heap;
-
 	/* we can't know in advance how many pages we'll need, so we malloc */
 	ms = malloc(sizeof(*ms) * n_segs);
 	if (ms == NULL) {
 		RTE_LOG(ERR, EAL, "Couldn't allocate memory for request state\n");
-		goto fail;
+		return -1;
 	}
 	memset(ms, 0, sizeof(*ms) * n_segs);
 
@@ -261,11 +319,7 @@ handle_request(const struct rte_mp_msg *msg, const void *peer __rte_unused)
 	if (m->t == REQ_TYPE_ALLOC) {
 		ret = handle_alloc_request(m, entry);
 	} else if (m->t == REQ_TYPE_FREE) {
-		eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
-				m->free_req.addr, m->free_req.len);
-
-		ret = malloc_heap_free_pages(m->free_req.addr,
-				m->free_req.len);
+		ret = handle_free_request(m);
 	} else {
 		RTE_LOG(ERR, EAL, "Unexpected request from secondary\n");
 		goto fail;
diff --git a/lib/librte_eal/common/malloc_mp.h b/lib/librte_eal/common/malloc_mp.h
index 2b86b76f68..0095062b72 100644
--- a/lib/librte_eal/common/malloc_mp.h
+++ b/lib/librte_eal/common/malloc_mp.h
@@ -30,7 +30,7 @@ enum malloc_req_result {
 };
 
 struct malloc_req_alloc {
-	struct malloc_heap *heap;
+	uint32_t malloc_heap_idx;
 	uint64_t page_sz;
 	size_t elt_size;
 	int socket;
@@ -46,7 +46,7 @@ struct malloc_req_free {
 		void *addr;
 		uint64_t addr_64;
 	};
-	uint64_t len;
+	size_t len;
 };
 
 struct malloc_mp_req {
-- 
2.25.1

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH v2] mem: improve parameter checking on memory hotplug
  2021-01-18 15:41 ` [dpdk-dev] [PATCH v2] " Anatoly Burakov
@ 2021-01-19 23:39   ` Thomas Monjalon
  2021-01-21 10:52     ` Burakov, Anatoly
  2021-01-22 17:17   ` [dpdk-dev] [PATCH v3] " Anatoly Burakov
  1 sibling, 1 reply; 8+ messages in thread
From: Thomas Monjalon @ 2021-01-19 23:39 UTC (permalink / raw)
  To: Anatoly Burakov; +Cc: dev

18/01/2021 16:41, Anatoly Burakov:
> +	/* now that we've validated the request, time for a PSA */

What is PSA?

> +	eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
> +			m->free_req.addr, m->free_req.len);
[...]

> +	/* this is checked by the API, but we need to prevent divide by zero */
> +	if (ar->page_sz == 0 || !rte_is_power_of_2(ar->page_sz)) {
> +		RTE_LOG(ERR, EAL, "Attempting to allocate with page size\n");

Is there a missing part in the log message?




^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH v2] mem: improve parameter checking on memory hotplug
  2021-01-19 23:39   ` Thomas Monjalon
@ 2021-01-21 10:52     ` Burakov, Anatoly
  0 siblings, 0 replies; 8+ messages in thread
From: Burakov, Anatoly @ 2021-01-21 10:52 UTC (permalink / raw)
  To: Thomas Monjalon; +Cc: dev

On 19-Jan-21 11:39 PM, Thomas Monjalon wrote:
> 18/01/2021 16:41, Anatoly Burakov:
>> +	/* now that we've validated the request, time for a PSA */
> 
> What is PSA?

Public Service Announcement :)

> 
>> +	eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
>> +			m->free_req.addr, m->free_req.len);
> [...]
> 
>> +	/* this is checked by the API, but we need to prevent divide by zero */
>> +	if (ar->page_sz == 0 || !rte_is_power_of_2(ar->page_sz)) {
>> +		RTE_LOG(ERR, EAL, "Attempting to allocate with page size\n");
> 
> Is there a missing part in the log message?
> 

Seems like it. I'll resubmit.

-- 
Thanks,
Anatoly

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [dpdk-dev] [PATCH v3] mem: improve parameter checking on memory hotplug
  2021-01-18 15:41 ` [dpdk-dev] [PATCH v2] " Anatoly Burakov
  2021-01-19 23:39   ` Thomas Monjalon
@ 2021-01-22 17:17   ` Anatoly Burakov
  2021-01-27 13:23     ` Thomas Monjalon
  1 sibling, 1 reply; 8+ messages in thread
From: Anatoly Burakov @ 2021-01-22 17:17 UTC (permalink / raw)
  To: dev

Currently, we don't check anything that comes in through memory hotplug
subsystem using the IPC, because we always assume the data is correct.
This is okay as anyone having access to the IPC socket would also have
rights to crash the DPDK process through other means, but it's still a
good practice to do parameter checking, so fix the code to do that.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---

Notes:
    v3:
    - Fixed typos
    
    v2:
    - Fixed 32-bit compile issues

 lib/librte_eal/common/malloc_heap.c |  3 +-
 lib/librte_eal/common/malloc_mp.c   | 70 +++++++++++++++++++++++++----
 lib/librte_eal/common/malloc_mp.h   |  4 +-
 3 files changed, 66 insertions(+), 11 deletions(-)

diff --git a/lib/librte_eal/common/malloc_heap.c b/lib/librte_eal/common/malloc_heap.c
index 5a09247a65..ee400f38ec 100644
--- a/lib/librte_eal/common/malloc_heap.c
+++ b/lib/librte_eal/common/malloc_heap.c
@@ -460,6 +460,7 @@ try_expand_heap_secondary(struct malloc_heap *heap, uint64_t pg_sz,
 		size_t elt_size, int socket, unsigned int flags, size_t align,
 		size_t bound, bool contig)
 {
+	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	struct malloc_mp_req req;
 	int req_result;
 
@@ -473,7 +474,7 @@ try_expand_heap_secondary(struct malloc_heap *heap, uint64_t pg_sz,
 	req.alloc_req.elt_size = elt_size;
 	req.alloc_req.page_sz = pg_sz;
 	req.alloc_req.socket = socket;
-	req.alloc_req.heap = heap; /* it's in shared memory */
+	req.alloc_req.malloc_heap_idx = heap - mcfg->malloc_heaps;
 
 	req_result = request_to_primary(&req);
 
diff --git a/lib/librte_eal/common/malloc_mp.c b/lib/librte_eal/common/malloc_mp.c
index 1f212f8349..0b19d4d5fb 100644
--- a/lib/librte_eal/common/malloc_mp.c
+++ b/lib/librte_eal/common/malloc_mp.c
@@ -11,6 +11,7 @@
 
 #include "eal_memalloc.h"
 #include "eal_memcfg.h"
+#include "eal_private.h"
 
 #include "malloc_elem.h"
 #include "malloc_mp.h"
@@ -175,10 +176,49 @@ handle_sync(const struct rte_mp_msg *msg, const void *peer)
 	return 0;
 }
 
+static int
+handle_free_request(const struct malloc_mp_req *m)
+{
+	const struct rte_memseg_list *msl;
+	void *start, *end;
+	size_t len;
+
+	len = m->free_req.len;
+	start = m->free_req.addr;
+	end = RTE_PTR_ADD(start, len - 1);
+
+	/* check if the requested memory actually exists */
+	msl = rte_mem_virt2memseg_list(start);
+	if (msl == NULL) {
+		RTE_LOG(ERR, EAL, "Requested to free unknown memory\n");
+		return -1;
+	}
+
+	/* check if end is within the same memory region */
+	if (rte_mem_virt2memseg_list(end) != msl) {
+		RTE_LOG(ERR, EAL, "Requested to free memory spanning multiple regions\n");
+		return -1;
+	}
+
+	/* we're supposed to only free memory that's not external */
+	if (msl->external) {
+		RTE_LOG(ERR, EAL, "Requested to free external memory\n");
+		return -1;
+	}
+
+	/* now that we've validated the request, announce it */
+	eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
+			m->free_req.addr, m->free_req.len);
+
+	/* now, do the actual freeing */
+	return malloc_heap_free_pages(m->free_req.addr, m->free_req.len);
+}
+
 static int
 handle_alloc_request(const struct malloc_mp_req *m,
 		struct mp_request *req)
 {
+	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	const struct malloc_req_alloc *ar = &m->alloc_req;
 	struct malloc_heap *heap;
 	struct malloc_elem *elem;
@@ -187,17 +227,35 @@ handle_alloc_request(const struct malloc_mp_req *m,
 	int n_segs;
 	void *map_addr;
 
+	/* this is checked by the API, but we need to prevent divide by zero */
+	if (ar->page_sz == 0 || !rte_is_power_of_2(ar->page_sz)) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate with invalid page size\n");
+		return -1;
+	}
+
+	/* heap idx is index into the heap array, not socket ID */
+	if (ar->malloc_heap_idx >= RTE_MAX_HEAPS) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate from invalid heap\n");
+		return -1;
+	}
+
+	heap = &mcfg->malloc_heaps[ar->malloc_heap_idx];
+
+	/* for allocations, we must only use internal heaps */
+	if (rte_malloc_heap_socket_is_external(heap->socket_id)) {
+		RTE_LOG(ERR, EAL, "Attempting to allocate from external heap\n");
+		return -1;
+	}
+
 	alloc_sz = RTE_ALIGN_CEIL(ar->align + ar->elt_size +
 			MALLOC_ELEM_TRAILER_LEN, ar->page_sz);
 	n_segs = alloc_sz / ar->page_sz;
 
-	heap = ar->heap;
-
 	/* we can't know in advance how many pages we'll need, so we malloc */
 	ms = malloc(sizeof(*ms) * n_segs);
 	if (ms == NULL) {
 		RTE_LOG(ERR, EAL, "Couldn't allocate memory for request state\n");
-		goto fail;
+		return -1;
 	}
 	memset(ms, 0, sizeof(*ms) * n_segs);
 
@@ -261,11 +319,7 @@ handle_request(const struct rte_mp_msg *msg, const void *peer __rte_unused)
 	if (m->t == REQ_TYPE_ALLOC) {
 		ret = handle_alloc_request(m, entry);
 	} else if (m->t == REQ_TYPE_FREE) {
-		eal_memalloc_mem_event_notify(RTE_MEM_EVENT_FREE,
-				m->free_req.addr, m->free_req.len);
-
-		ret = malloc_heap_free_pages(m->free_req.addr,
-				m->free_req.len);
+		ret = handle_free_request(m);
 	} else {
 		RTE_LOG(ERR, EAL, "Unexpected request from secondary\n");
 		goto fail;
diff --git a/lib/librte_eal/common/malloc_mp.h b/lib/librte_eal/common/malloc_mp.h
index 2b86b76f68..0095062b72 100644
--- a/lib/librte_eal/common/malloc_mp.h
+++ b/lib/librte_eal/common/malloc_mp.h
@@ -30,7 +30,7 @@ enum malloc_req_result {
 };
 
 struct malloc_req_alloc {
-	struct malloc_heap *heap;
+	uint32_t malloc_heap_idx;
 	uint64_t page_sz;
 	size_t elt_size;
 	int socket;
@@ -46,7 +46,7 @@ struct malloc_req_free {
 		void *addr;
 		uint64_t addr_64;
 	};
-	uint64_t len;
+	size_t len;
 };
 
 struct malloc_mp_req {
-- 
2.25.1

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH v3] mem: improve parameter checking on memory hotplug
  2021-01-22 17:17   ` [dpdk-dev] [PATCH v3] " Anatoly Burakov
@ 2021-01-27 13:23     ` Thomas Monjalon
  0 siblings, 0 replies; 8+ messages in thread
From: Thomas Monjalon @ 2021-01-27 13:23 UTC (permalink / raw)
  To: Anatoly Burakov; +Cc: dev

22/01/2021 18:17, Anatoly Burakov:
> Currently, we don't check anything that comes in through memory hotplug
> subsystem using the IPC, because we always assume the data is correct.
> This is okay as anyone having access to the IPC socket would also have
> rights to crash the DPDK process through other means, but it's still a
> good practice to do parameter checking, so fix the code to do that.
> 
> Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>

Applied, thanks




^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2021-01-27 13:23 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-15 12:15 [dpdk-dev] [PATCH] mem: improve parameter checking on memory hotplug Anatoly Burakov
2021-01-18  8:26 ` David Marchand
2021-01-18 11:37   ` Burakov, Anatoly
2021-01-18 15:41 ` [dpdk-dev] [PATCH v2] " Anatoly Burakov
2021-01-19 23:39   ` Thomas Monjalon
2021-01-21 10:52     ` Burakov, Anatoly
2021-01-22 17:17   ` [dpdk-dev] [PATCH v3] " Anatoly Burakov
2021-01-27 13:23     ` Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).