DPDK patches and discussions
From: Maxime Coquelin <maxime.coquelin@redhat.com>
To: jianfeng.tan@intel.com, stefanha@redhat.com, tiwei.bie@intel.com,
	jfreimann@redhat.com, dev@dpdk.org
Cc: Maxime Coquelin <maxime.coquelin@redhat.com>
Subject: [dpdk-dev] [RFC 3/3] vhost_user: work around invalid rings addresses sent by QEMU
Date: Thu, 22 Feb 2018 19:19:10 +0100
Message-ID: <20180222181910.23134-4-maxime.coquelin@redhat.com>
In-Reply-To: <20180222181910.23134-1-maxime.coquelin@redhat.com>

When the guest driver does not initialize all the queues,
QEMU currently sends SET_VRING_ADDR request for these queues.
In this case all the desc, avail and used addresses have GPA 0,
so translating them likely succeeds.

The problem is that even if the uninitialized queues remain
disabled, the host application may request to disable the
notifications using rte_vhost_enable_guest_notification().
Doing this results in writing 0 to the used ring flag field,
and so in writing 0 at guest physical address 0.

This patch adds a check to ensure all the ring addresses are
different before their translation.

When VHOST_USER_F_PROTOCOL_VIRTIO_STATUS and VIRTIO_F_VERSION_1
have been negotiated, the uninitialized queues will be removed
when the driver sets the DRIVER_OK status bit.
Otherwise, the port will never start to avoid any guest memory
corruption.

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/vhost_user.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 7ab02c44b..ad4d16492 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -448,6 +448,19 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index)
 	if (vq->desc && vq->avail && vq->used)
 		return dev;
 
+	/*
+	 * QEMU currently sends SET_VRING_ADDR request even for queues
+	 * not initialized by the guest driver. In this case, all rings
+	 * addresses are identical (GPA 0).
+	 */
+	if (addr->desc_user_addr == addr->avail_user_addr &&
+			addr->desc_user_addr == addr->used_user_addr) {
+		RTE_LOG(INFO, VHOST_CONFIG,
+				"Invalid rings addresses for dev %d queue %d\n",
+				dev->vid, vq_index);
+		return dev;
+	}
+
 	vq->desc = (struct vring_desc *)(uintptr_t)ring_addr_to_vva(dev,
 			vq, addr->desc_user_addr, sizeof(struct vring_desc));
 	if (vq->desc == 0) {
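
Review bot: the new early return on `addr->desc_user_addr == addr->avail_user_addr && addr->desc_user_addr == addr->used_user_addr` returns `dev`, the same value as the already-translated return just above it, so a caller cannot tell a skipped queue from a translated one. Consider making the skip explicit, for example with a per-queue flag or a comment stating that vq->desc, vq->avail and vq->used are intentionally left untranslated on this path. The condition only fires when all three addresses are equal, so a request in which just two rings coincide still proceeds to translation, and the comment speaks of GPA 0 while the code tests equality rather than zero; please state which of the two is intended. The message is also logged at INFO although its text says "Invalid"; a higher log level would match the wording.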
-- 
2.14.3
