[dpdk-stable] patch 'vhost: fix null pointer checking' has been queued to LTS release 18.11.2

Kevin Traynor ktraynor at redhat.com
Wed May 8 12:14:59 CEST 2019 

Hi,

FYI, your patch has been queued to LTS release 18.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 05/13/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable-queue

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable-queue/commit/cee8e7e8d04eb6ef8b7235c05e4d82341ab55378

Thanks.

Kevin Traynor

---
>From cee8e7e8d04eb6ef8b7235c05e4d82341ab55378 Mon Sep 17 00:00:00 2001
From: Mohammad Abdul Awal <mohammad.abdul.awal at intel.com>
Date: Thu, 11 Apr 2019 15:48:40 +0100
Subject: [PATCH] vhost: fix null pointer checking

[ upstream commit b045785f92d9a59d2ed3d27891201d1f07c051b3 ]

Null value for parameters will cause segfault.

Fixes: d7280c9fffcb ("vhost: support selective datapath")
Fixes: 72e8543093df ("vhost: add API to get MTU value")
Fixes: a277c7159876 ("vhost: refactor code structure")
Fixes: ca33faf9ef10 ("vhost: introduce API to fetch negotiated features")
Fixes: eb32247457fe ("vhost: export guest memory regions")
Fixes: 40ef286f236a ("vhost: export vhost vring info")
Fixes: bd2e0c3fe5ac ("vhost: add APIs for live migration")
Fixes: 0b8572a0c101 ("vhost: add external message handling to the API")
Fixes: b4953225cea4 ("vhost: add APIs for datapath configuration")
Fixes: 5fbb3941da9f ("vhost: introduce driver features related APIs")
Fixes: 292959c71961 ("vhost: cleanup unix socket")

Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal at intel.com>
Reviewed-by: Tiwei Bie <tiwei.bie at intel.com>
---
 lib/librte_vhost/socket.c |  8 +++++++-
 lib/librte_vhost/vdpa.c   |  5 ++++-
 lib/librte_vhost/vhost.c  | 16 ++++++++--------
 3 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
index c2bf023d1..4007d9d56 100644
--- a/lib/librte_vhost/socket.c
+++ b/lib/librte_vhost/socket.c
@@ -550,4 +550,7 @@ find_vhost_user_socket(const char *path)
 	int i;
 
+	if (path == NULL)
+		return NULL;
+
 	for (i = 0; i < vhost_user.vsocket_cnt; i++) {
 		struct vhost_user_socket *vsocket = vhost_user.vsockets[i];
@@ -565,5 +568,5 @@ rte_vhost_driver_attach_vdpa_device(const char *path, int did)
 	struct vhost_user_socket *vsocket;
 
-	if (rte_vdpa_get_device(did) == NULL)
+	if (rte_vdpa_get_device(did) == NULL || path == NULL)
 		return -1;
 
@@ -964,4 +967,7 @@ rte_vhost_driver_unregister(const char *path)
 	struct vhost_user_connection *conn, *next;
 
+	if (path == NULL)
+		return -1;
+
 again:
 	pthread_mutex_lock(&vhost_user.mutex);
diff --git a/lib/librte_vhost/vdpa.c b/lib/librte_vhost/vdpa.c
index ae721e06b..f560419b1 100644
--- a/lib/librte_vhost/vdpa.c
+++ b/lib/librte_vhost/vdpa.c
@@ -50,5 +50,5 @@ rte_vdpa_register_device(struct rte_vdpa_dev_addr *addr,
 	int i;
 
-	if (vdpa_device_num >= MAX_VHOST_DEVICE)
+	if (vdpa_device_num >= MAX_VHOST_DEVICE || addr == NULL || ops == NULL)
 		return -1;
 
@@ -100,4 +100,7 @@ rte_vdpa_find_device_id(struct rte_vdpa_dev_addr *addr)
 	int i;
 
+	if (addr == NULL)
+		return -1;
+
 	for (i = 0; i < MAX_VHOST_DEVICE; ++i) {
 		dev = vdpa_devices[i];
diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
index 70ac6bc9c..488cf1694 100644
--- a/lib/librte_vhost/vhost.c
+++ b/lib/librte_vhost/vhost.c
@@ -461,5 +461,5 @@ rte_vhost_get_mtu(int vid, uint16_t *mtu)
 	struct virtio_net *dev = get_device(vid);
 
-	if (!dev)
+	if (dev == NULL || mtu == NULL)
 		return -ENODEV;
 
@@ -529,5 +529,5 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
 	struct virtio_net *dev = get_device(vid);
 
-	if (dev == NULL)
+	if (dev == NULL || buf == NULL)
 		return -1;
 
@@ -546,5 +546,5 @@ rte_vhost_get_negotiated_features(int vid, uint64_t *features)
 
 	dev = get_device(vid);
-	if (!dev)
+	if (dev == NULL || features == NULL)
 		return -1;
 
@@ -561,5 +561,5 @@ rte_vhost_get_mem_table(int vid, struct rte_vhost_memory **mem)
 
 	dev = get_device(vid);
-	if (!dev)
+	if (dev == NULL || mem == NULL)
 		return -1;
 
@@ -584,5 +584,5 @@ rte_vhost_get_vhost_vring(int vid, uint16_t vring_idx,
 
 	dev = get_device(vid);
-	if (!dev)
+	if (dev == NULL || vring == NULL)
 		return -1;
 
@@ -777,5 +777,5 @@ int rte_vhost_get_log_base(int vid, uint64_t *log_base,
 	struct virtio_net *dev = get_device(vid);
 
-	if (!dev)
+	if (dev == NULL || log_base == NULL || log_size == NULL)
 		return -1;
 
@@ -798,5 +798,5 @@ int rte_vhost_get_vring_base(int vid, uint16_t queue_id,
 	struct virtio_net *dev = get_device(vid);
 
-	if (!dev)
+	if (dev == NULL || last_avail_idx == NULL || last_used_idx == NULL)
 		return -1;
 
@@ -819,5 +819,5 @@ int rte_vhost_set_vring_base(int vid, uint16_t queue_id,
 	struct virtio_net *dev = get_device(vid);
 
-	if (!dev)
+	if (dev == NULL)
 		return -1;
 
-- 
2.20.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-05-08 11:05:06.710360401 +0100
+++ 0017-vhost-fix-null-pointer-checking.patch	2019-05-08 11:05:05.793933515 +0100
@@ -1 +1 @@
-From b045785f92d9a59d2ed3d27891201d1f07c051b3 Mon Sep 17 00:00:00 2001
+From cee8e7e8d04eb6ef8b7235c05e4d82341ab55378 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit b045785f92d9a59d2ed3d27891201d1f07c051b3 ]
+
@@ -19 +20,0 @@
-Cc: stable at dpdk.org
@@ -30 +31 @@
-index f0fdb83f7..c7a77a5d5 100644
+index c2bf023d1..4007d9d56 100644
@@ -48 +49 @@
-@@ -978,4 +981,7 @@ rte_vhost_driver_unregister(const char *path)
+@@ -964,4 +967,7 @@ rte_vhost_driver_unregister(const char *path)
@@ -57 +58 @@
-index 321e11f17..e91548843 100644
+index ae721e06b..f560419b1 100644
@@ -76 +77 @@
-index e480aeac9..163f4595e 100644
+index 70ac6bc9c..488cf1694 100644
@@ -79 +80 @@
-@@ -448,5 +448,5 @@ rte_vhost_get_mtu(int vid, uint16_t *mtu)
+@@ -461,5 +461,5 @@ rte_vhost_get_mtu(int vid, uint16_t *mtu)
@@ -86 +87 @@
-@@ -516,5 +516,5 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
+@@ -529,5 +529,5 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
@@ -93 +94 @@
-@@ -533,5 +533,5 @@ rte_vhost_get_negotiated_features(int vid, uint64_t *features)
+@@ -546,5 +546,5 @@ rte_vhost_get_negotiated_features(int vid, uint64_t *features)
@@ -100 +101 @@
-@@ -548,5 +548,5 @@ rte_vhost_get_mem_table(int vid, struct rte_vhost_memory **mem)
+@@ -561,5 +561,5 @@ rte_vhost_get_mem_table(int vid, struct rte_vhost_memory **mem)
@@ -107 +108 @@
-@@ -571,5 +571,5 @@ rte_vhost_get_vhost_vring(int vid, uint16_t vring_idx,
+@@ -584,5 +584,5 @@ rte_vhost_get_vhost_vring(int vid, uint16_t vring_idx,
@@ -114 +115 @@
-@@ -764,5 +764,5 @@ int rte_vhost_get_log_base(int vid, uint64_t *log_base,
+@@ -777,5 +777,5 @@ int rte_vhost_get_log_base(int vid, uint64_t *log_base,
@@ -121 +122 @@
-@@ -778,5 +778,5 @@ int rte_vhost_get_vring_base(int vid, uint16_t queue_id,
+@@ -798,5 +798,5 @@ int rte_vhost_get_vring_base(int vid, uint16_t queue_id,
@@ -128 +129 @@
-@@ -806,5 +806,5 @@ int rte_vhost_extern_callback_register(int vid,
+@@ -819,5 +819,5 @@ int rte_vhost_set_vring_base(int vid, uint16_t queue_id,
@@ -132 +133 @@
-+	if (dev == NULL || ops == NULL)
++	if (dev == NULL)

More information about the stable mailing list