All of lore.kernel.org
 help / color / mirror / Atom feed
From: Maxime Coquelin <maxime.coquelin@redhat.com>
To: dev@dpdk.org, chenbo.xia@intel.com, amorenoz@redhat.com
Cc: Maxime Coquelin <maxime.coquelin@redhat.com>
Subject: [dpdk-dev] [PATCH 7/7] vhost: check virtqueue metadata pointer
Date: Mon, 19 Oct 2020 19:34:15 +0200	[thread overview]
Message-ID: <20201019173415.582407-8-maxime.coquelin@redhat.com> (raw)
In-Reply-To: <20201019173415.582407-1-maxime.coquelin@redhat.com>

This patch checks whether the virtqueue metadata pointer
is valid before dereferencing it. It is not considered
a fix as earlier patch ensures there are no holes in the
array of virtqueue metadata pointers.

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/vhost.c      | 11 +++++++++++
 lib/librte_vhost/vhost_user.c | 12 ++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
index e92ff618ac..8a151a9c1d 100644
--- a/lib/librte_vhost/vhost.c
+++ b/lib/librte_vhost/vhost.c
@@ -544,6 +544,11 @@ init_vring_queue(struct virtio_net *dev, uint32_t vring_idx)
 	}
 
 	vq = dev->virtqueue[vring_idx];
+	if (!vq) {
+		VHOST_LOG_CONFIG(ERR, "Virtqueue not allocated (%d)\n",
+				vring_idx);
+		return;
+	}
 
 	memset(vq, 0, sizeof(struct vhost_virtqueue));
 
@@ -570,6 +575,12 @@ reset_vring_queue(struct virtio_net *dev, uint32_t vring_idx)
 	}
 
 	vq = dev->virtqueue[vring_idx];
+	if (!vq) {
+		VHOST_LOG_CONFIG(ERR, "Virtqueue not allocated (%d)\n",
+				vring_idx);
+		return;
+	}
+
 	callfd = vq->callfd;
 	init_vring_queue(dev, vring_idx);
 	vq->callfd = callfd;
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index d20c8c57ad..8a8726f8b8 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -1235,6 +1235,9 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg,
 	for (i = 0; i < dev->nr_vring; i++) {
 		struct vhost_virtqueue *vq = dev->virtqueue[i];
 
+		if (!vq)
+			continue;
+
 		if (vq->desc || vq->avail || vq->used) {
 			/*
 			 * If the memory table got updated, the ring addresses
@@ -1556,6 +1559,9 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg,
 
 	for (i = 0; i < num_queues; i++) {
 		vq = dev->virtqueue[i];
+		if (!vq)
+			continue;
+
 		if (vq_is_packed(dev)) {
 			vq->inflight_packed = addr;
 			vq->inflight_packed->desc_num = queue_size;
@@ -2310,6 +2316,9 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
 		for (i = 0; i < dev->nr_vring; i++) {
 			struct vhost_virtqueue *vq = dev->virtqueue[i];
 
+			if (!vq)
+				continue;
+
 			vhost_user_iotlb_cache_insert(vq, imsg->iova, vva,
 					len, imsg->perm);
 
@@ -2321,6 +2330,9 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
 		for (i = 0; i < dev->nr_vring; i++) {
 			struct vhost_virtqueue *vq = dev->virtqueue[i];
 
+			if (!vq)
+				continue;
+
 			vhost_user_iotlb_cache_remove(vq, imsg->iova,
 					imsg->size);
 
-- 
2.26.2


  parent reply	other threads:[~2020-10-19 17:36 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-19 17:34 [dpdk-dev] [PATCH 0/7] vhost: make VQ metadata dereferencing robust Maxime Coquelin
2020-10-19 17:34 ` [dpdk-dev] [PATCH 1/7] vhost: fix virtqueues metadata allocation Maxime Coquelin
2020-10-21 11:10   ` Xia, Chenbo
2020-10-21 12:06     ` Maxime Coquelin
2020-10-22 11:00       ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 2/7] vhost: validate index in available entries API Maxime Coquelin
2020-10-21 11:28   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 3/7] vhost: validate index in guest notification API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 4/7] vhost: validate index in live-migration API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 5/7] vhost: validate index in inflight API Maxime Coquelin
2020-10-21 11:30   ` Xia, Chenbo
2020-10-19 17:34 ` [dpdk-dev] [PATCH 6/7] vhost: validate index in async API Maxime Coquelin
2020-10-21 11:31   ` Xia, Chenbo
2020-10-19 17:34 ` Maxime Coquelin [this message]
2020-10-21 11:32   ` [dpdk-dev] [PATCH 7/7] vhost: check virtqueue metadata pointer Xia, Chenbo
2020-10-23 11:21 ` [dpdk-dev] [PATCH 0/7] vhost: make VQ metadata dereferencing robust Maxime Coquelin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201019173415.582407-8-maxime.coquelin@redhat.com \
    --to=maxime.coquelin@redhat.com \
    --cc=amorenoz@redhat.com \
    --cc=chenbo.xia@intel.com \
    --cc=dev@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.