From mboxrd@z Thu Jan 1 00:00:00 1970 From: Rich Lane Subject: [PATCH v3] vhost: fix leak of fds and mmaps Date: Wed, 10 Feb 2016 10:40:55 -0800 Message-ID: <1455129655-25520-1-git-send-email-rlane@bigswitch.com> References: <1453060638-58510-1-git-send-email-rlane@bigswitch.com> To: dev@dpdk.org Return-path: Received: from mail-pf0-f172.google.com (mail-pf0-f172.google.com [209.85.192.172]) by dpdk.org (Postfix) with ESMTP id 4304556A9 for ; Wed, 10 Feb 2016 19:40:57 +0100 (CET) Received: by mail-pf0-f172.google.com with SMTP id c10so16302046pfc.2 for ; Wed, 10 Feb 2016 10:40:57 -0800 (PST) In-Reply-To: <1453060638-58510-1-git-send-email-rlane@bigswitch.com> List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" The common vhost code only supported a single mmap per device. vhost-user worked around this by saving the address/length/fd of each mmap after the end of the rte_virtio_memory struct. This only works if the vhost-user code frees dev->mem, since the common code is unaware of the extra info. The VHOST_USER_RESET_OWNER message is one situation where the common code frees dev->mem and leaks the fds and mappings. This happens every time I shut down a VM. The new code calls back into the implementation (vhost-user or vhost-cuse) to clean up these resources. The vhost-cuse changes are only compile tested. Signed-off-by: Rich Lane Acked-by: Yuanhan Liu --- v2->v3: - Rename "impl" to "backend". v1->v2: - Call into vhost-user/vhost-cuse to free mmaps. lib/librte_vhost/vhost-net.h | 6 ++++++ lib/librte_vhost/vhost_cuse/virtio-net-cdev.c | 12 ++++++++++++ lib/librte_vhost/vhost_user/vhost-net-user.c | 1 - lib/librte_vhost/vhost_user/virtio-net-user.c | 25 ++++++++++--------------- lib/librte_vhost/vhost_user/virtio-net-user.h | 1 - lib/librte_vhost/virtio-net.c | 8 +------- 6 files changed, 29 insertions(+), 24 deletions(-) diff --git a/lib/librte_vhost/vhost-net.h b/lib/librte_vhost/vhost-net.h index c69b60b..affbd1a 100644 --- a/lib/librte_vhost/vhost-net.h +++ b/lib/librte_vhost/vhost-net.h @@ -115,4 +115,10 @@ struct vhost_net_device_ops { struct vhost_net_device_ops const *get_virtio_net_callbacks(void); + +/* + * Backend-specific cleanup. Defined by vhost-cuse and vhost-user. + */ +void vhost_backend_cleanup(struct virtio_net *dev); + #endif /* _VHOST_NET_CDEV_H_ */ diff --git a/lib/librte_vhost/vhost_cuse/virtio-net-cdev.c b/lib/librte_vhost/vhost_cuse/virtio-net-cdev.c index ae2c3fa..374c884 100644 --- a/lib/librte_vhost/vhost_cuse/virtio-net-cdev.c +++ b/lib/librte_vhost/vhost_cuse/virtio-net-cdev.c @@ -421,3 +421,15 @@ int cuse_set_backend(struct vhost_device_ctx ctx, struct vhost_vring_file *file) return ops->set_backend(ctx, file); } + +void +vhost_backend_cleanup(struct virtio_net *dev) +{ + /* Unmap QEMU memory file if mapped. */ + if (dev->mem) { + munmap((void *)(uintptr_t)dev->mem->mapped_address, + (size_t)dev->mem->mapped_size); + free(dev->mem); + dev->mem = NULL; + } +} diff --git a/lib/librte_vhost/vhost_user/vhost-net-user.c b/lib/librte_vhost/vhost_user/vhost-net-user.c index 8b7a448..336efba 100644 --- a/lib/librte_vhost/vhost_user/vhost-net-user.c +++ b/lib/librte_vhost/vhost_user/vhost-net-user.c @@ -347,7 +347,6 @@ vserver_message_handler(int connfd, void *dat, int *remove) close(connfd); *remove = 1; free(cfd_ctx); - user_destroy_device(ctx); ops->destroy_device(ctx); return; diff --git a/lib/librte_vhost/vhost_user/virtio-net-user.c b/lib/librte_vhost/vhost_user/virtio-net-user.c index 2934d1c..993ed71 100644 --- a/lib/librte_vhost/vhost_user/virtio-net-user.c +++ b/lib/librte_vhost/vhost_user/virtio-net-user.c @@ -339,21 +339,6 @@ user_set_vring_enable(struct vhost_device_ctx ctx, } void -user_destroy_device(struct vhost_device_ctx ctx) -{ - struct virtio_net *dev = get_device(ctx); - - if (dev && (dev->flags & VIRTIO_DEV_RUNNING)) - notify_ops->destroy_device(dev); - - if (dev && dev->mem) { - free_mem_region(dev); - free(dev->mem); - dev->mem = NULL; - } -} - -void user_set_protocol_features(struct vhost_device_ctx ctx, uint64_t protocol_features) { @@ -365,3 +350,13 @@ user_set_protocol_features(struct vhost_device_ctx ctx, dev->protocol_features = protocol_features; } + +void +vhost_backend_cleanup(struct virtio_net *dev) +{ + if (dev->mem) { + free_mem_region(dev); + free(dev->mem); + dev->mem = NULL; + } +} diff --git a/lib/librte_vhost/vhost_user/virtio-net-user.h b/lib/librte_vhost/vhost_user/virtio-net-user.h index b82108d..1140ee1 100644 --- a/lib/librte_vhost/vhost_user/virtio-net-user.h +++ b/lib/librte_vhost/vhost_user/virtio-net-user.h @@ -55,5 +55,4 @@ int user_get_vring_base(struct vhost_device_ctx, struct vhost_vring_state *); int user_set_vring_enable(struct vhost_device_ctx ctx, struct vhost_vring_state *state); -void user_destroy_device(struct vhost_device_ctx); #endif diff --git a/lib/librte_vhost/virtio-net.c b/lib/librte_vhost/virtio-net.c index de78a0f..cf2560e 100644 --- a/lib/librte_vhost/virtio-net.c +++ b/lib/librte_vhost/virtio-net.c @@ -199,13 +199,7 @@ cleanup_device(struct virtio_net *dev, int destroy) { uint32_t i; - /* Unmap QEMU memory file if mapped. */ - if (dev->mem) { - munmap((void *)(uintptr_t)dev->mem->mapped_address, - (size_t)dev->mem->mapped_size); - free(dev->mem); - dev->mem = NULL; - } + vhost_backend_cleanup(dev); for (i = 0; i < dev->virt_qp_nb; i++) { cleanup_vq(dev->virtqueue[i * VIRTIO_QNUM + VIRTIO_RXQ], destroy); -- 1.9.1