From: Maxime Coquelin <maxime.coquelin@redhat.com>
To: stable@dpdk.org
Cc: Maxime Coquelin <maxime.coquelin@redhat.com>
Subject: [dpdk-stable] [PATCH v16.11 LTS 2/6] vhost: ensure all range is mapped when translating QVAs
Date: Mon, 23 Apr 2018 17:59:14 +0200 [thread overview]
Message-ID: <20180423155918.21350-3-maxime.coquelin@redhat.com> (raw)
In-Reply-To: <20180423155918.21350-1-maxime.coquelin@redhat.com>
This patch ensures that all the address range is mapped when
translating addresses from master's addresses (e.g. QEMU host
addressess) to process VAs.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
lib/librte_vhost/vhost_user.c | 41 +++++++++++++++++++++++++++--------------
1 file changed, 27 insertions(+), 14 deletions(-)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 94a48a4b0..550a1329d 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -303,21 +303,26 @@ numa_realloc(struct virtio_net *dev, int index __rte_unused)
* used to convert the ring addresses to our address space.
*/
static uint64_t
-qva_to_vva(struct virtio_net *dev, uint64_t qva)
+qva_to_vva(struct virtio_net *dev, uint64_t qva, uint64_t *len)
{
- struct virtio_memory_region *reg;
+ struct virtio_memory_region *r;
uint32_t i;
/* Find the region where the address lives. */
for (i = 0; i < dev->mem->nregions; i++) {
- reg = &dev->mem->regions[i];
+ r = &dev->mem->regions[i];
+
+ if (qva >= r->guest_user_addr &&
+ qva < r->guest_user_addr + r->size) {
+
+ if (unlikely(*len > r->guest_user_addr + r->size - qva))
+ *len = r->guest_user_addr + r->size - qva;
- if (qva >= reg->guest_user_addr &&
- qva < reg->guest_user_addr + reg->size) {
- return qva - reg->guest_user_addr +
- reg->host_user_addr;
+ return qva - r->guest_user_addr +
+ r->host_user_addr;
}
}
+ *len = 0;
return 0;
}
@@ -332,6 +337,7 @@ vhost_user_set_vring_addr(struct virtio_net **pdev,
{
struct vhost_virtqueue *vq;
struct virtio_net *dev = *pdev;
+ uint64_t size, req_size;
if (dev->mem == NULL)
return -1;
@@ -340,11 +346,13 @@ vhost_user_set_vring_addr(struct virtio_net **pdev,
vq = dev->virtqueue[addr->index];
/* The addresses are converted from QEMU virtual to Vhost virtual. */
+ req_size = sizeof(struct vring_desc) * vq->size;
+ size = req_size;
vq->desc = (struct vring_desc *)(uintptr_t)qva_to_vva(dev,
- addr->desc_user_addr);
- if (vq->desc == 0) {
+ addr->desc_user_addr, &size);
+ if (vq->desc == 0 || size != req_size) {
RTE_LOG(ERR, VHOST_CONFIG,
- "(%d) failed to find desc ring address.\n",
+ "(%d) failed to map desc ring address.\n",
dev->vid);
return -1;
}
@@ -354,18 +362,23 @@ vhost_user_set_vring_addr(struct virtio_net **pdev,
vq = dev->virtqueue[addr->index];
+ req_size = sizeof(struct vring_avail) + sizeof(uint16_t) * vq->size;
+ size = req_size;
vq->avail = (struct vring_avail *)(uintptr_t)qva_to_vva(dev,
- addr->avail_user_addr);
- if (vq->avail == 0) {
+ addr->avail_user_addr, &size);
+ if (vq->avail == 0 || size != req_size) {
RTE_LOG(ERR, VHOST_CONFIG,
"(%d) failed to find avail ring address.\n",
dev->vid);
return -1;
}
+ req_size = sizeof(struct vring_used);
+ req_size += sizeof(struct vring_used_elem) * vq->size;
+ size = req_size;
vq->used = (struct vring_used *)(uintptr_t)qva_to_vva(dev,
- addr->used_user_addr);
- if (vq->used == 0) {
+ addr->used_user_addr, &size);
+ if (vq->used == 0 || size != req_size) {
RTE_LOG(ERR, VHOST_CONFIG,
"(%d) failed to find used ring address.\n",
dev->vid);
--
2.14.3
next prev parent reply other threads:[~2018-04-23 15:59 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-23 15:59 [dpdk-stable] [PATCH v16.11 LTS 0/6] Vhost: CVE-2018-1059 fixes Maxime Coquelin
2018-04-23 15:59 ` [dpdk-stable] [PATCH v16.11 LTS 1/6] vhost: check all range is mapped when translating GPAs Maxime Coquelin
2018-04-23 15:59 ` Maxime Coquelin [this message]
2018-04-23 15:59 ` [dpdk-stable] [PATCH v16.11 LTS 3/6] vhost: add support for non-contiguous indirect descs tables Maxime Coquelin
2018-04-23 15:59 ` [dpdk-stable] [PATCH v16.11 LTS 4/6] vhost: handle virtually non-contiguous buffers in Tx Maxime Coquelin
2018-04-23 15:59 ` [dpdk-stable] [PATCH v16.11 LTS 5/6] vhost: handle virtually non-contiguous buffers in Rx Maxime Coquelin
2018-04-23 15:59 ` [dpdk-stable] [PATCH v16.11 LTS 6/6] vhost: handle virtually non-contiguous buffers in Rx-mrg Maxime Coquelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180423155918.21350-3-maxime.coquelin@redhat.com \
--to=maxime.coquelin@redhat.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).