* [dpdk-dev] [PATCH v2] vhost: fix null pointer checking
@ 2019-04-04 8:53 Mohammad Abdul Awal
2019-04-04 8:53 ` Mohammad Abdul Awal
2019-04-08 3:38 ` Tiwei Bie
0 siblings, 2 replies; 6+ messages in thread
From: Mohammad Abdul Awal @ 2019-04-04 8:53 UTC (permalink / raw)
To: dev; +Cc: maxime.coquelin, tiwei.bie, zhihong.wang, Mohammad Abdul Awal, stable
Null value for parameters will cause segfault.
Fixes: d7280c9fff ("vhost: support selective datapath")
Fixes: 72e8543093df ("vhost: add API to get MTU value")
Fixes: a277c71598 ("vhost: refactor code structure")
Fixes: ca33faf9ef ("vhost: introduce API to fetch negotiated features")
Fixes: eb32247457 ("vhost: export guest memory regions")
Fixes: 40ef286f23 ("vhost: export vhost vring info")
Fixes: bd2e0c3fe5 ("vhost: add APIs for live migration")
Fixes: 0b8572a0c1 ("vhost: add external message handling to the API")
Fixes: b4953225ce ("vhost: add APIs for datapath configuration")
Cc: stable@dpdk.org
Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
---
lib/librte_vhost/socket.c | 2 +-
lib/librte_vhost/vdpa.c | 5 ++++-
lib/librte_vhost/vhost.c | 16 ++++++++--------
3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
index 3da9de62c..a89665946 100644
--- a/lib/librte_vhost/socket.c
+++ b/lib/librte_vhost/socket.c
@@ -562,7 +562,7 @@ rte_vhost_driver_attach_vdpa_device(const char *path, int did)
{
struct vhost_user_socket *vsocket;
- if (rte_vdpa_get_device(did) == NULL)
+ if (rte_vdpa_get_device(did) == NULL || path == NULL)
return -1;
pthread_mutex_lock(&vhost_user.mutex);
diff --git a/lib/librte_vhost/vdpa.c b/lib/librte_vhost/vdpa.c
index 321e11f17..e91548843 100644
--- a/lib/librte_vhost/vdpa.c
+++ b/lib/librte_vhost/vdpa.c
@@ -49,7 +49,7 @@ rte_vdpa_register_device(struct rte_vdpa_dev_addr *addr,
char device_name[MAX_VDPA_NAME_LEN];
int i;
- if (vdpa_device_num >= MAX_VHOST_DEVICE)
+ if (vdpa_device_num >= MAX_VHOST_DEVICE || addr == NULL || ops == NULL)
return -1;
for (i = 0; i < MAX_VHOST_DEVICE; i++) {
@@ -99,6 +99,9 @@ rte_vdpa_find_device_id(struct rte_vdpa_dev_addr *addr)
struct rte_vdpa_device *dev;
int i;
+ if (addr == NULL)
+ return -1;
+
for (i = 0; i < MAX_VHOST_DEVICE; ++i) {
dev = vdpa_devices[i];
if (dev && is_same_vdpa_device(&dev->addr, addr))
diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
index e480aeac9..163f4595e 100644
--- a/lib/librte_vhost/vhost.c
+++ b/lib/librte_vhost/vhost.c
@@ -447,7 +447,7 @@ rte_vhost_get_mtu(int vid, uint16_t *mtu)
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || mtu == NULL)
return -ENODEV;
if (!(dev->flags & VIRTIO_DEV_READY))
@@ -515,7 +515,7 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
{
struct virtio_net *dev = get_device(vid);
- if (dev == NULL)
+ if (dev == NULL || buf == NULL)
return -1;
len = RTE_MIN(len, sizeof(dev->ifname));
@@ -532,7 +532,7 @@ rte_vhost_get_negotiated_features(int vid, uint64_t *features)
struct virtio_net *dev;
dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || features == NULL)
return -1;
*features = dev->features;
@@ -547,7 +547,7 @@ rte_vhost_get_mem_table(int vid, struct rte_vhost_memory **mem)
size_t size;
dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || mem == NULL)
return -1;
size = dev->mem->nregions * sizeof(struct rte_vhost_mem_region);
@@ -570,7 +570,7 @@ rte_vhost_get_vhost_vring(int vid, uint16_t vring_idx,
struct vhost_virtqueue *vq;
dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || vring == NULL)
return -1;
if (vring_idx >= VHOST_MAX_VRING)
@@ -763,7 +763,7 @@ int rte_vhost_get_log_base(int vid, uint64_t *log_base,
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || log_base == NULL || log_size == NULL)
return -1;
*log_base = dev->log_base;
@@ -777,7 +777,7 @@ int rte_vhost_get_vring_base(int vid, uint16_t queue_id,
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || last_avail_idx == NULL || last_used_idx == NULL)
return -1;
*last_avail_idx = dev->virtqueue[queue_id]->last_avail_idx;
@@ -805,7 +805,7 @@ int rte_vhost_extern_callback_register(int vid,
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || ops == NULL)
return -1;
dev->extern_ops = *ops;
--
2.17.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [dpdk-dev] [PATCH v2] vhost: fix null pointer checking
2019-04-04 8:53 [dpdk-dev] [PATCH v2] vhost: fix null pointer checking Mohammad Abdul Awal
@ 2019-04-04 8:53 ` Mohammad Abdul Awal
2019-04-08 3:38 ` Tiwei Bie
1 sibling, 0 replies; 6+ messages in thread
From: Mohammad Abdul Awal @ 2019-04-04 8:53 UTC (permalink / raw)
To: dev; +Cc: maxime.coquelin, tiwei.bie, zhihong.wang, Mohammad Abdul Awal, stable
Null value for parameters will cause segfault.
Fixes: d7280c9fff ("vhost: support selective datapath")
Fixes: 72e8543093df ("vhost: add API to get MTU value")
Fixes: a277c71598 ("vhost: refactor code structure")
Fixes: ca33faf9ef ("vhost: introduce API to fetch negotiated features")
Fixes: eb32247457 ("vhost: export guest memory regions")
Fixes: 40ef286f23 ("vhost: export vhost vring info")
Fixes: bd2e0c3fe5 ("vhost: add APIs for live migration")
Fixes: 0b8572a0c1 ("vhost: add external message handling to the API")
Fixes: b4953225ce ("vhost: add APIs for datapath configuration")
Cc: stable@dpdk.org
Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
---
lib/librte_vhost/socket.c | 2 +-
lib/librte_vhost/vdpa.c | 5 ++++-
lib/librte_vhost/vhost.c | 16 ++++++++--------
3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
index 3da9de62c..a89665946 100644
--- a/lib/librte_vhost/socket.c
+++ b/lib/librte_vhost/socket.c
@@ -562,7 +562,7 @@ rte_vhost_driver_attach_vdpa_device(const char *path, int did)
{
struct vhost_user_socket *vsocket;
- if (rte_vdpa_get_device(did) == NULL)
+ if (rte_vdpa_get_device(did) == NULL || path == NULL)
return -1;
pthread_mutex_lock(&vhost_user.mutex);
diff --git a/lib/librte_vhost/vdpa.c b/lib/librte_vhost/vdpa.c
index 321e11f17..e91548843 100644
--- a/lib/librte_vhost/vdpa.c
+++ b/lib/librte_vhost/vdpa.c
@@ -49,7 +49,7 @@ rte_vdpa_register_device(struct rte_vdpa_dev_addr *addr,
char device_name[MAX_VDPA_NAME_LEN];
int i;
- if (vdpa_device_num >= MAX_VHOST_DEVICE)
+ if (vdpa_device_num >= MAX_VHOST_DEVICE || addr == NULL || ops == NULL)
return -1;
for (i = 0; i < MAX_VHOST_DEVICE; i++) {
@@ -99,6 +99,9 @@ rte_vdpa_find_device_id(struct rte_vdpa_dev_addr *addr)
struct rte_vdpa_device *dev;
int i;
+ if (addr == NULL)
+ return -1;
+
for (i = 0; i < MAX_VHOST_DEVICE; ++i) {
dev = vdpa_devices[i];
if (dev && is_same_vdpa_device(&dev->addr, addr))
diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
index e480aeac9..163f4595e 100644
--- a/lib/librte_vhost/vhost.c
+++ b/lib/librte_vhost/vhost.c
@@ -447,7 +447,7 @@ rte_vhost_get_mtu(int vid, uint16_t *mtu)
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || mtu == NULL)
return -ENODEV;
if (!(dev->flags & VIRTIO_DEV_READY))
@@ -515,7 +515,7 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
{
struct virtio_net *dev = get_device(vid);
- if (dev == NULL)
+ if (dev == NULL || buf == NULL)
return -1;
len = RTE_MIN(len, sizeof(dev->ifname));
@@ -532,7 +532,7 @@ rte_vhost_get_negotiated_features(int vid, uint64_t *features)
struct virtio_net *dev;
dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || features == NULL)
return -1;
*features = dev->features;
@@ -547,7 +547,7 @@ rte_vhost_get_mem_table(int vid, struct rte_vhost_memory **mem)
size_t size;
dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || mem == NULL)
return -1;
size = dev->mem->nregions * sizeof(struct rte_vhost_mem_region);
@@ -570,7 +570,7 @@ rte_vhost_get_vhost_vring(int vid, uint16_t vring_idx,
struct vhost_virtqueue *vq;
dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || vring == NULL)
return -1;
if (vring_idx >= VHOST_MAX_VRING)
@@ -763,7 +763,7 @@ int rte_vhost_get_log_base(int vid, uint64_t *log_base,
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || log_base == NULL || log_size == NULL)
return -1;
*log_base = dev->log_base;
@@ -777,7 +777,7 @@ int rte_vhost_get_vring_base(int vid, uint16_t queue_id,
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || last_avail_idx == NULL || last_used_idx == NULL)
return -1;
*last_avail_idx = dev->virtqueue[queue_id]->last_avail_idx;
@@ -805,7 +805,7 @@ int rte_vhost_extern_callback_register(int vid,
{
struct virtio_net *dev = get_device(vid);
- if (!dev)
+ if (dev == NULL || ops == NULL)
return -1;
dev->extern_ops = *ops;
--
2.17.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [PATCH v2] vhost: fix null pointer checking
2019-04-04 8:53 [dpdk-dev] [PATCH v2] vhost: fix null pointer checking Mohammad Abdul Awal
2019-04-04 8:53 ` Mohammad Abdul Awal
@ 2019-04-08 3:38 ` Tiwei Bie
2019-04-08 3:38 ` Tiwei Bie
2019-04-17 7:13 ` Maxime Coquelin
1 sibling, 2 replies; 6+ messages in thread
From: Tiwei Bie @ 2019-04-08 3:38 UTC (permalink / raw)
To: Mohammad Abdul Awal; +Cc: dev, maxime.coquelin, zhihong.wang, stable
On Thu, Apr 04, 2019 at 09:53:17AM +0100, Mohammad Abdul Awal wrote:
> Null value for parameters will cause segfault.
>
> Fixes: d7280c9fff ("vhost: support selective datapath")
> Fixes: 72e8543093df ("vhost: add API to get MTU value")
> Fixes: a277c71598 ("vhost: refactor code structure")
> Fixes: ca33faf9ef ("vhost: introduce API to fetch negotiated features")
> Fixes: eb32247457 ("vhost: export guest memory regions")
> Fixes: 40ef286f23 ("vhost: export vhost vring info")
> Fixes: bd2e0c3fe5 ("vhost: add APIs for live migration")
> Fixes: 0b8572a0c1 ("vhost: add external message handling to the API")
> Fixes: b4953225ce ("vhost: add APIs for datapath configuration")
Would be better to use the same length (12) for hashes.
> Cc: stable@dpdk.org
>
> Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
> ---
> lib/librte_vhost/socket.c | 2 +-
> lib/librte_vhost/vdpa.c | 5 ++++-
> lib/librte_vhost/vhost.c | 16 ++++++++--------
> 3 files changed, 13 insertions(+), 10 deletions(-)
>
> diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
> index 3da9de62c..a89665946 100644
> --- a/lib/librte_vhost/socket.c
> +++ b/lib/librte_vhost/socket.c
> @@ -562,7 +562,7 @@ rte_vhost_driver_attach_vdpa_device(const char *path, int did)
> {
> struct vhost_user_socket *vsocket;
>
> - if (rte_vdpa_get_device(did) == NULL)
> + if (rte_vdpa_get_device(did) == NULL || path == NULL)
There are multiple APIs accepting `path` parameter without
validating it in socket.c. I meant we can do the check for
most of them in find_vhost_user_socket():
https://github.com/DPDK/dpdk/blob/bdcfcceb7a0b7534a0dba669279d18bd0f98d5e5/lib/librte_vhost/socket.c#L546
For the cases which can't be covered by the check in
find_vhost_user_socket(), we need to do the check separately,
e.g.:
https://github.com/DPDK/dpdk/blob/bdcfcceb7a0b7534a0dba669279d18bd0f98d5e5/lib/librte_vhost/socket.c#L972
For the rest,
Reviewed-by: Tiwei Bie <tiwei.bie@intel.com>
Thanks!
Tiwei
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [PATCH v2] vhost: fix null pointer checking
2019-04-08 3:38 ` Tiwei Bie
@ 2019-04-08 3:38 ` Tiwei Bie
2019-04-17 7:13 ` Maxime Coquelin
1 sibling, 0 replies; 6+ messages in thread
From: Tiwei Bie @ 2019-04-08 3:38 UTC (permalink / raw)
To: Mohammad Abdul Awal; +Cc: dev, maxime.coquelin, zhihong.wang, stable
On Thu, Apr 04, 2019 at 09:53:17AM +0100, Mohammad Abdul Awal wrote:
> Null value for parameters will cause segfault.
>
> Fixes: d7280c9fff ("vhost: support selective datapath")
> Fixes: 72e8543093df ("vhost: add API to get MTU value")
> Fixes: a277c71598 ("vhost: refactor code structure")
> Fixes: ca33faf9ef ("vhost: introduce API to fetch negotiated features")
> Fixes: eb32247457 ("vhost: export guest memory regions")
> Fixes: 40ef286f23 ("vhost: export vhost vring info")
> Fixes: bd2e0c3fe5 ("vhost: add APIs for live migration")
> Fixes: 0b8572a0c1 ("vhost: add external message handling to the API")
> Fixes: b4953225ce ("vhost: add APIs for datapath configuration")
Would be better to use the same length (12) for hashes.
> Cc: stable@dpdk.org
>
> Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
> ---
> lib/librte_vhost/socket.c | 2 +-
> lib/librte_vhost/vdpa.c | 5 ++++-
> lib/librte_vhost/vhost.c | 16 ++++++++--------
> 3 files changed, 13 insertions(+), 10 deletions(-)
>
> diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
> index 3da9de62c..a89665946 100644
> --- a/lib/librte_vhost/socket.c
> +++ b/lib/librte_vhost/socket.c
> @@ -562,7 +562,7 @@ rte_vhost_driver_attach_vdpa_device(const char *path, int did)
> {
> struct vhost_user_socket *vsocket;
>
> - if (rte_vdpa_get_device(did) == NULL)
> + if (rte_vdpa_get_device(did) == NULL || path == NULL)
There are multiple APIs accepting `path` parameter without
validating it in socket.c. I meant we can do the check for
most of them in find_vhost_user_socket():
https://github.com/DPDK/dpdk/blob/bdcfcceb7a0b7534a0dba669279d18bd0f98d5e5/lib/librte_vhost/socket.c#L546
For the cases which can't be covered by the check in
find_vhost_user_socket(), we need to do the check separately,
e.g.:
https://github.com/DPDK/dpdk/blob/bdcfcceb7a0b7534a0dba669279d18bd0f98d5e5/lib/librte_vhost/socket.c#L972
For the rest,
Reviewed-by: Tiwei Bie <tiwei.bie@intel.com>
Thanks!
Tiwei
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [PATCH v2] vhost: fix null pointer checking
2019-04-08 3:38 ` Tiwei Bie
2019-04-08 3:38 ` Tiwei Bie
@ 2019-04-17 7:13 ` Maxime Coquelin
2019-04-17 7:13 ` Maxime Coquelin
1 sibling, 1 reply; 6+ messages in thread
From: Maxime Coquelin @ 2019-04-17 7:13 UTC (permalink / raw)
To: Tiwei Bie, Mohammad Abdul Awal; +Cc: dev, zhihong.wang, stable
On 4/8/19 5:38 AM, Tiwei Bie wrote:
> On Thu, Apr 04, 2019 at 09:53:17AM +0100, Mohammad Abdul Awal wrote:
>> Null value for parameters will cause segfault.
>>
>> Fixes: d7280c9fff ("vhost: support selective datapath")
>> Fixes: 72e8543093df ("vhost: add API to get MTU value")
>> Fixes: a277c71598 ("vhost: refactor code structure")
>> Fixes: ca33faf9ef ("vhost: introduce API to fetch negotiated features")
>> Fixes: eb32247457 ("vhost: export guest memory regions")
>> Fixes: 40ef286f23 ("vhost: export vhost vring info")
>> Fixes: bd2e0c3fe5 ("vhost: add APIs for live migration")
>> Fixes: 0b8572a0c1 ("vhost: add external message handling to the API")
>> Fixes: b4953225ce ("vhost: add APIs for datapath configuration")
>
> Would be better to use the same length (12) for hashes.
Just FYI, it is possible to define a git alias to do that:
$ git config --get alias.fixline
log -1 --abbrev=12 --format='Fixes: %h ("%s")%nCc: %ae'
$ git fixline c5f21bdae4650bc168638c7b4a2c789e245ba562
Fixes: c5f21bdae465 ("fix indentation in symbol maps")
Cc: thomas@monjalon.net
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [dpdk-dev] [PATCH v2] vhost: fix null pointer checking
2019-04-17 7:13 ` Maxime Coquelin
@ 2019-04-17 7:13 ` Maxime Coquelin
0 siblings, 0 replies; 6+ messages in thread
From: Maxime Coquelin @ 2019-04-17 7:13 UTC (permalink / raw)
To: Tiwei Bie, Mohammad Abdul Awal; +Cc: dev, zhihong.wang, stable
On 4/8/19 5:38 AM, Tiwei Bie wrote:
> On Thu, Apr 04, 2019 at 09:53:17AM +0100, Mohammad Abdul Awal wrote:
>> Null value for parameters will cause segfault.
>>
>> Fixes: d7280c9fff ("vhost: support selective datapath")
>> Fixes: 72e8543093df ("vhost: add API to get MTU value")
>> Fixes: a277c71598 ("vhost: refactor code structure")
>> Fixes: ca33faf9ef ("vhost: introduce API to fetch negotiated features")
>> Fixes: eb32247457 ("vhost: export guest memory regions")
>> Fixes: 40ef286f23 ("vhost: export vhost vring info")
>> Fixes: bd2e0c3fe5 ("vhost: add APIs for live migration")
>> Fixes: 0b8572a0c1 ("vhost: add external message handling to the API")
>> Fixes: b4953225ce ("vhost: add APIs for datapath configuration")
>
> Would be better to use the same length (12) for hashes.
Just FYI, it is possible to define a git alias to do that:
$ git config --get alias.fixline
log -1 --abbrev=12 --format='Fixes: %h ("%s")%nCc: %ae'
$ git fixline c5f21bdae4650bc168638c7b4a2c789e245ba562
Fixes: c5f21bdae465 ("fix indentation in symbol maps")
Cc: thomas@monjalon.net
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2019-04-17 7:13 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-04 8:53 [dpdk-dev] [PATCH v2] vhost: fix null pointer checking Mohammad Abdul Awal
2019-04-04 8:53 ` Mohammad Abdul Awal
2019-04-08 3:38 ` Tiwei Bie
2019-04-08 3:38 ` Tiwei Bie
2019-04-17 7:13 ` Maxime Coquelin
2019-04-17 7:13 ` Maxime Coquelin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).