From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dpdk.org (Postfix) with ESMTP id 074981B4FC for ; Fri, 23 Nov 2018 11:28:52 +0100 (CET) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6F4C6A4023; Fri, 23 Nov 2018 10:28:51 +0000 (UTC) Received: from ktraynor.remote.csb (unknown [10.36.118.7]) by smtp.corp.redhat.com (Postfix) with ESMTP id D62486128A; Fri, 23 Nov 2018 10:28:49 +0000 (UTC) From: Kevin Traynor To: Darek Stojaczyk Cc: Anatoly Burakov , dpdk stable Date: Fri, 23 Nov 2018 10:26:13 +0000 Message-Id: <20181123102713.17309-9-ktraynor@redhat.com> In-Reply-To: <20181123102713.17309-1-ktraynor@redhat.com> References: <20181123102713.17309-1-ktraynor@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 23 Nov 2018 10:28:51 +0000 (UTC) Subject: [dpdk-stable] patch 'vfio: fix read of freed memory on getting container fd' has been queued to stable release 18.08.1 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2018 10:28:52 -0000 Hi, FYI, your patch has been queued to stable release 18.08.1 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 11/29/18. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. If the code is different (ie: not only metadata diffs), due for example to a change in context or macro names, please double check it. Thanks. Kevin Traynor --- >>From c682a52044a0ff987385c0ecb34efe0762a1cc72 Mon Sep 17 00:00:00 2001 From: Darek Stojaczyk Date: Thu, 25 Oct 2018 12:49:10 +0200 Subject: [PATCH] vfio: fix read of freed memory on getting container fd [ upstream commit 88e2d78a20fae4cccde351e38e0b1ef534ad3302 ] We were reading some memory just after freeing it. Fixes: 83a73c5fef66 ("vfio: use generic multi-process channel") Signed-off-by: Darek Stojaczyk Acked-by: Anatoly Burakov --- lib/librte_eal/linuxapp/eal/eal_vfio.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/librte_eal/linuxapp/eal/eal_vfio.c b/lib/librte_eal/linuxapp/eal/eal_vfio.c index 957844ad8..3fd5be79f 100644 --- a/lib/librte_eal/linuxapp/eal/eal_vfio.c +++ b/lib/librte_eal/linuxapp/eal/eal_vfio.c @@ -1029,6 +1029,7 @@ rte_vfio_get_container_fd(void) p = (struct vfio_mp_param *)mp_rep->param; if (p->result == SOCKET_OK && mp_rep->num_fds == 1) { + vfio_container_fd = mp_rep->fds[0]; free(mp_reply.msgs); - return mp_rep->fds[0]; + return vfio_container_fd; } free(mp_reply.msgs); -- 2.19.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2018-11-23 10:22:54.480356441 +0000 +++ 0009-vfio-fix-read-of-freed-memory-on-getting-container-f.patch 2018-11-23 10:22:54.000000000 +0000 @@ -1,12 +1,13 @@ -From 88e2d78a20fae4cccde351e38e0b1ef534ad3302 Mon Sep 17 00:00:00 2001 +From c682a52044a0ff987385c0ecb34efe0762a1cc72 Mon Sep 17 00:00:00 2001 From: Darek Stojaczyk Date: Thu, 25 Oct 2018 12:49:10 +0200 Subject: [PATCH] vfio: fix read of freed memory on getting container fd +[ upstream commit 88e2d78a20fae4cccde351e38e0b1ef534ad3302 ] + We were reading some memory just after freeing it. Fixes: 83a73c5fef66 ("vfio: use generic multi-process channel") -Cc: stable@dpdk.org Signed-off-by: Darek Stojaczyk Acked-by: Anatoly Burakov @@ -15,10 +16,10 @@ 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/librte_eal/linuxapp/eal/eal_vfio.c b/lib/librte_eal/linuxapp/eal/eal_vfio.c -index 7d5b96426..13a8b1811 100644 +index 957844ad8..3fd5be79f 100644 --- a/lib/librte_eal/linuxapp/eal/eal_vfio.c +++ b/lib/librte_eal/linuxapp/eal/eal_vfio.c -@@ -1043,6 +1043,7 @@ rte_vfio_get_container_fd(void) +@@ -1029,6 +1029,7 @@ rte_vfio_get_container_fd(void) p = (struct vfio_mp_param *)mp_rep->param; if (p->result == SOCKET_OK && mp_rep->num_fds == 1) { + vfio_container_fd = mp_rep->fds[0];