DPDK patches and discussions
 help / color / mirror / Atom feed
From: "Xia, Chenbo" <chenbo.xia@intel.com>
To: Maxime Coquelin <maxime.coquelin@redhat.com>,
	"dev@dpdk.org" <dev@dpdk.org>,
	"amorenoz@redhat.com" <amorenoz@redhat.com>
Cc: "stable@dpdk.org" <stable@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH 1/7] vhost: fix virtqueues metadata allocation
Date: Wed, 21 Oct 2020 11:10:35 +0000
Message-ID: <MN2PR11MB40632B50C26BB548CD94F8689C1C0@MN2PR11MB4063.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20201019173415.582407-2-maxime.coquelin@redhat.com>

Hi Maxime,

> -----Original Message-----
> From: Maxime Coquelin <maxime.coquelin@redhat.com>
> Sent: Tuesday, October 20, 2020 1:34 AM
> To: dev@dpdk.org; Xia, Chenbo <chenbo.xia@intel.com>; amorenoz@redhat.com
> Cc: Maxime Coquelin <maxime.coquelin@redhat.com>; stable@dpdk.org
> Subject: [PATCH 1/7] vhost: fix virtqueues metadata allocation
> 
> The Vhost-user backend implementation assumes there will be
> no holes in the device's array of virtqueues metadata
> pointers.
> 
> It can happen though, and would cause segmentation faults,
> memory leaks or undefined behaviour.

Could I ask when will this happen? 

When QEMU does not configure all virtqueues? I'm not very sure.
Could you point that out for me?

Thanks!
Chenbo

> 
> This patch keep the assumption that there is no holes in this
> array, and allocate all uninitialized virtqueues metadata up
> to requested index.
> 
> Fixes: 160cbc815b41 ("vhost: remove a hack on queue allocation")
> Cc: stable@dpdk.org
> 
> Suggested-by: Adrian Moreno <amorenoz@redhat.com>
> Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
> ---
>  lib/librte_vhost/vhost.c | 33 ++++++++++++++++++++-------------
>  1 file changed, 20 insertions(+), 13 deletions(-)
> 
> diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
> index 6068c38ec6..0c9ba3b3af 100644
> --- a/lib/librte_vhost/vhost.c
> +++ b/lib/librte_vhost/vhost.c
> @@ -579,22 +579,29 @@ int
>  alloc_vring_queue(struct virtio_net *dev, uint32_t vring_idx)
>  {
>  	struct vhost_virtqueue *vq;
> +	uint32_t i;
> 
> -	vq = rte_malloc(NULL, sizeof(struct vhost_virtqueue), 0);
> -	if (vq == NULL) {
> -		VHOST_LOG_CONFIG(ERR,
> -			"Failed to allocate memory for vring:%u.\n", vring_idx);
> -		return -1;
> -	}
> +	/* Also allocate holes, if any, up to requested vring index. */
> +	for (i = 0; i <= vring_idx; i++) {
> +		if (dev->virtqueue[i])
> +			continue;
> 
> -	dev->virtqueue[vring_idx] = vq;
> -	init_vring_queue(dev, vring_idx);
> -	rte_spinlock_init(&vq->access_lock);
> -	vq->avail_wrap_counter = 1;
> -	vq->used_wrap_counter = 1;
> -	vq->signalled_used_valid = false;
> +		vq = rte_malloc(NULL, sizeof(struct vhost_virtqueue), 0);
> +		if (vq == NULL) {
> +			VHOST_LOG_CONFIG(ERR,
> +				"Failed to allocate memory for vring:%u.\n", i);
> +			return -1;
> +		}
> +
> +		dev->virtqueue[i] = vq;
> +		init_vring_queue(dev, vring_idx);
> +		rte_spinlock_init(&vq->access_lock);
> +		vq->avail_wrap_counter = 1;
> +		vq->used_wrap_counter = 1;
> +		vq->signalled_used_valid = false;
> +	}
> 
> -	dev->nr_vring += 1;
> +	dev->nr_vring = RTE_MAX(dev->nr_vring, vring_idx + 1);
> 
>  	return 0;
>  }
> --
> 2.26.2


  reply	other threads:[~2020-10-21 11:10 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-19 17:34 [dpdk-dev] [PATCH 0/7] vhost: make VQ metadata dereferencing robust Maxime Coquelin
2020-10-19 17:34 ` [dpdk-dev] [PATCH 1/7] vhost: fix virtqueues metadata allocation Maxime Coquelin
2020-10-21 11:10   ` Xia, Chenbo [this message]
2020-10-21 12:06     ` Maxime Coquelin
2020-10-22 11:00       ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 2/7] vhost: validate index in available entries API Maxime Coquelin
2020-10-21 11:28   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 3/7] vhost: validate index in guest notification API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 4/7] vhost: validate index in live-migration API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 5/7] vhost: validate index in inflight API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 6/7] vhost: validate index in async API Maxime Coquelin
2020-10-21 11:31   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 7/7] vhost: check virtqueue metadata pointer Maxime Coquelin
2020-10-21 11:32   ` Xia, Chenbo
2020-10-23 11:21 ` [dpdk-dev] [PATCH 0/7] vhost: make VQ metadata dereferencing robust Maxime Coquelin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=MN2PR11MB40632B50C26BB548CD94F8689C1C0@MN2PR11MB4063.namprd11.prod.outlook.com \
    --to=chenbo.xia@intel.com \
    --cc=amorenoz@redhat.com \
    --cc=dev@dpdk.org \
    --cc=maxime.coquelin@redhat.com \
    --cc=stable@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

DPDK patches and discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \
		dev@dpdk.org
	public-inbox-index dev

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git