From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id D0C9FA04DC; Mon, 19 Oct 2020 19:35:16 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 0E2D1E2F7; Mon, 19 Oct 2020 19:34:37 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by dpdk.org (Postfix) with ESMTP id 41B17E2AE for ; Mon, 19 Oct 2020 19:34:33 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1603128871; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=wcGhHOB8XLeg1sjT20FH6iMy2CAufTaWrNVRFvUPHRo=; b=ETaIAXYrXbtqocCR3wZ9RNcTyc9r3tCHd0IMN/n6vg3axBi4jJXjMZYFpNLdRZU41gPjTj PM2tKrLvyNnsWQc94EmrxGt5zk21w+gvGkgs3Xr1u5CmYXron5IXGjYXjWORYP3L1TgoLX vWnPS5j0/voEBK8s4WLbBGF+MgKODhQ= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-500-cDppC6wJP4Ks1vAGahPqoQ-1; Mon, 19 Oct 2020 13:34:26 -0400 X-MC-Unique: cDppC6wJP4Ks1vAGahPqoQ-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D18171006C80; Mon, 19 Oct 2020 17:34:25 +0000 (UTC) Received: from localhost.localdomain (unknown [10.36.110.40]) by smtp.corp.redhat.com (Postfix) with ESMTP id 87B846EF42; Mon, 19 Oct 2020 17:34:24 +0000 (UTC) From: Maxime Coquelin To: dev@dpdk.org, chenbo.xia@intel.com, amorenoz@redhat.com Cc: Maxime Coquelin , stable@dpdk.org Date: Mon, 19 Oct 2020 19:34:09 +0200 Message-Id: <20201019173415.582407-2-maxime.coquelin@redhat.com> In-Reply-To: <20201019173415.582407-1-maxime.coquelin@redhat.com> References: <20201019173415.582407-1-maxime.coquelin@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=maxime.coquelin@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Subject: [dpdk-dev] [PATCH 1/7] vhost: fix virtqueues metadata allocation X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" The Vhost-user backend implementation assumes there will be no holes in the device's array of virtqueues metadata pointers. It can happen though, and would cause segmentation faults, memory leaks or undefined behaviour. This patch keep the assumption that there is no holes in this array, and allocate all uninitialized virtqueues metadata up to requested index. Fixes: 160cbc815b41 ("vhost: remove a hack on queue allocation") Cc: stable@dpdk.org Suggested-by: Adrian Moreno Signed-off-by: Maxime Coquelin --- lib/librte_vhost/vhost.c | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c index 6068c38ec6..0c9ba3b3af 100644 --- a/lib/librte_vhost/vhost.c +++ b/lib/librte_vhost/vhost.c @@ -579,22 +579,29 @@ int alloc_vring_queue(struct virtio_net *dev, uint32_t vring_idx) { struct vhost_virtqueue *vq; + uint32_t i; - vq = rte_malloc(NULL, sizeof(struct vhost_virtqueue), 0); - if (vq == NULL) { - VHOST_LOG_CONFIG(ERR, - "Failed to allocate memory for vring:%u.\n", vring_idx); - return -1; - } + /* Also allocate holes, if any, up to requested vring index. */ + for (i = 0; i <= vring_idx; i++) { + if (dev->virtqueue[i]) + continue; - dev->virtqueue[vring_idx] = vq; - init_vring_queue(dev, vring_idx); - rte_spinlock_init(&vq->access_lock); - vq->avail_wrap_counter = 1; - vq->used_wrap_counter = 1; - vq->signalled_used_valid = false; + vq = rte_malloc(NULL, sizeof(struct vhost_virtqueue), 0); + if (vq == NULL) { + VHOST_LOG_CONFIG(ERR, + "Failed to allocate memory for vring:%u.\n", i); + return -1; + } + + dev->virtqueue[i] = vq; + init_vring_queue(dev, vring_idx); + rte_spinlock_init(&vq->access_lock); + vq->avail_wrap_counter = 1; + vq->used_wrap_counter = 1; + vq->signalled_used_valid = false; + } - dev->nr_vring += 1; + dev->nr_vring = RTE_MAX(dev->nr_vring, vring_idx + 1); return 0; } -- 2.26.2