Message-ID: <0ea85d1e-e741-b6ae-1426-638e219e4058@redhat.com>
Date: Tue, 13 Sep 2022 17:02:42 +0200
From: Maxime Coquelin
To: David Marchand, Chenbo Xia, Thomas Monjalon
Cc: stable@dpdk.org, dev@dpdk.org
References: <20220722135320.109269-1-david.marchand@redhat.com> <20220725203206.427083-1-david.marchand@redhat.com> <20220725203206.427083-2-david.marchand@redhat.com>
Subject: Re: [PATCH v3 1/4] vhost: fix vq use after free on NUMA reallocation

Hi,

On 7/26/22 09:55, Maxime Coquelin wrote:
>
>
> On 7/25/22 22:32, David Marchand wrote:
>> translate_ring_addresses (via numa_realloc) may change a virtio device and
>> virtio queue.
>> The virtqueue object must be refreshed before accessing the lock.
>>
>> Fixes: 04c27cb673b9 ("vhost: fix unsafe vring addresses modifications")
>> Cc: stable@dpdk.org
>>
>> Signed-off-by: David Marchand
>> --- >>   lib/vhost/vhost_user.c | 1 + >>   1 file changed, 1 insertion(+) >> >> diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c >> index 4ad28bac45..91d40e32fc 100644 >> --- a/lib/vhost/vhost_user.c >> +++ b/lib/vhost/vhost_user.c 
>> @@ -2596,6 +2596,7 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, >>               if (is_vring_iotlb(dev, vq, imsg)) { >>                   rte_spinlock_lock(&vq->access_lock); >>                   *pdev = dev = translate_ring_addresses(dev, i); >> +                vq = dev->virtqueue[i]; >>                   rte_spinlock_unlock(&vq->access_lock); >>               } >>           }
>
> Reviewed-by: Maxime Coquelin
>
> Thanks,
> Maxime

The bug this patch is fixing is being reproduced downstream. It would be great if it gets merged in the main branch rapidly so that we can perform the backport.

Chenbo, are you planning a pull request for vhost/virtio in the next few days? If not, should the main branch maintainer pick this single patch directly and leave the rest of the series more time for reviews?

Thanks,
Maxime
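
Review bot: In the vhost_user_iotlb_msg hunk, rte_spinlock_lock() is called on the old vq while rte_spinlock_unlock() now runs on the queue re-read from dev->virtqueue[i], so the pair is balanced only if the reallocated queue carries over the held lock state, which these lines do not show. Please add a short comment above "vq = dev->virtqueue[i];" stating that translate_ring_addresses (via numa_realloc) may have replaced both dev and the virtqueue, and say in the commit message that the lock state moves with the queue, so a later reader does not hoist the refresh back out or cache vq across the call again.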