[PATCH] vhost: fix unsafe vrings addresses modifications
Maxime Coquelin
maxime.coquelin at redhat.com
Thu Jan 27 12:09:53 CET 2022
This patch adds missing protection around vring_invalidate
and translate_ring_addresses calls in vhost_user_iotlb_msg.
Fixes: eefac9536a90 ("vhost: postpone device creation until rings are mapped")
Cc: stable at dpdk.org
Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
---
lib/vhost/vhost_user.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
index 5eb1dd6812..ae8513c465 100644
--- a/lib/vhost/vhost_user.c
+++ b/lib/vhost/vhost_user.c
@@ -2566,8 +2566,11 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
vhost_user_iotlb_cache_insert(vq, imsg->iova, vva,
len, imsg->perm);
- if (is_vring_iotlb(dev, vq, imsg))
+ if (is_vring_iotlb(dev, vq, imsg)) {
+ rte_spinlock_lock(&vq->access_lock);
*pdev = dev = translate_ring_addresses(dev, i);
+ rte_spinlock_unlock(&vq->access_lock);
+ }
}
break;
case VHOST_IOTLB_INVALIDATE:
@@ -2580,8 +2583,11 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
vhost_user_iotlb_cache_remove(vq, imsg->iova,
imsg->size);
- if (is_vring_iotlb(dev, vq, imsg))
+ if (is_vring_iotlb(dev, vq, imsg)) {
+ rte_spinlock_lock(&vq->access_lock);
vring_invalidate(dev, vq);
+ rte_spinlock_unlock(&vq->access_lock);
+ }
}
break;
default:
--
2.34.1
More information about the stable
mailing list