[dpdk-dev] [PATCH 7/7] vhost: check virtqueue metadata pointer

DPDK patches and discussions
 help / color / mirror / Atom feed

From: Maxime Coquelin <maxime.coquelin@redhat.com>
To: dev@dpdk.org, chenbo.xia@intel.com, amorenoz@redhat.com
Cc: Maxime Coquelin <maxime.coquelin@redhat.com>
Subject: [dpdk-dev] [PATCH 7/7] vhost: check virtqueue metadata pointer
Date: Mon, 19 Oct 2020 19:34:15 +0200	[thread overview]
Message-ID: <20201019173415.582407-8-maxime.coquelin@redhat.com> (raw)
In-Reply-To: <20201019173415.582407-1-maxime.coquelin@redhat.com>

This patch checks whether the virtqueue metadata pointer
is valid before dereferencing it. It is not considered
a fix as earlier patch ensures there are no holes in the
array of virtqueue metadata pointers.

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/vhost.c      | 11 +++++++++++
 lib/librte_vhost/vhost_user.c | 12 ++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
index e92ff618ac..8a151a9c1d 100644
--- a/lib/librte_vhost/vhost.c
+++ b/lib/librte_vhost/vhost.c
@@ -544,6 +544,11 @@ init_vring_queue(struct virtio_net *dev, uint32_t vring_idx)
 	}
 
 	vq = dev->virtqueue[vring_idx];
+	if (!vq) {
+		VHOST_LOG_CONFIG(ERR, "Virtqueue not allocated (%d)\n",
+				vring_idx);
+		return;
+	}
 
 	memset(vq, 0, sizeof(struct vhost_virtqueue));
 
@@ -570,6 +575,12 @@ reset_vring_queue(struct virtio_net *dev, uint32_t vring_idx)
 	}
 
 	vq = dev->virtqueue[vring_idx];
+	if (!vq) {
+		VHOST_LOG_CONFIG(ERR, "Virtqueue not allocated (%d)\n",
+				vring_idx);
+		return;
+	}
+
 	callfd = vq->callfd;
 	init_vring_queue(dev, vring_idx);
 	vq->callfd = callfd;
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index d20c8c57ad..8a8726f8b8 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -1235,6 +1235,9 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg,
 	for (i = 0; i < dev->nr_vring; i++) {
 		struct vhost_virtqueue *vq = dev->virtqueue[i];
 
+		if (!vq)
+			continue;
+
 		if (vq->desc || vq->avail || vq->used) {
 			/*
 			 * If the memory table got updated, the ring addresses
@@ -1556,6 +1559,9 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg,
 
 	for (i = 0; i < num_queues; i++) {
 		vq = dev->virtqueue[i];
+		if (!vq)
+			continue;
+
 		if (vq_is_packed(dev)) {
 			vq->inflight_packed = addr;
 			vq->inflight_packed->desc_num = queue_size;
@@ -2310,6 +2316,9 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
 		for (i = 0; i < dev->nr_vring; i++) {
 			struct vhost_virtqueue *vq = dev->virtqueue[i];
 
+			if (!vq)
+				continue;
+
 			vhost_user_iotlb_cache_insert(vq, imsg->iova, vva,
 					len, imsg->perm);
 
@@ -2321,6 +2330,9 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
 		for (i = 0; i < dev->nr_vring; i++) {
 			struct vhost_virtqueue *vq = dev->virtqueue[i];
 
+			if (!vq)
+				continue;
+
 			vhost_user_iotlb_cache_remove(vq, imsg->iova,
 					imsg->size);
 
-- 
2.26.2

next prev parent reply	other threads:[~2020-10-19 17:36 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-19 17:34 [dpdk-dev] [PATCH 0/7] vhost: make VQ metadata dereferencing robust Maxime Coquelin
2020-10-19 17:34 ` [dpdk-dev] [PATCH 1/7] vhost: fix virtqueues metadata allocation Maxime Coquelin
2020-10-21 11:10   ` Xia, Chenbo
2020-10-21 12:06     ` Maxime Coquelin
2020-10-22 11:00       ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 2/7] vhost: validate index in available entries API Maxime Coquelin
2020-10-21 11:28   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 3/7] vhost: validate index in guest notification API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 4/7] vhost: validate index in live-migration API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 5/7] vhost: validate index in inflight API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 6/7] vhost: validate index in async API Maxime Coquelin
2020-10-21 11:31   ` Xia, Chenbo
2020-10-19 17:34 ` Maxime Coquelin [this message]
2020-10-21 11:32   ` [dpdk-dev] [PATCH 7/7] vhost: check virtqueue metadata pointer Xia, Chenbo
2020-10-23 11:21 ` [dpdk-dev] [PATCH 0/7] vhost: make VQ metadata dereferencing robust Maxime Coquelin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201019173415.582407-8-maxime.coquelin@redhat.com \
    --to=maxime.coquelin@redhat.com \
    --cc=amorenoz@redhat.com \
    --cc=chenbo.xia@intel.com \
    --cc=dev@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).