d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

vhost: fix crash

Browse Source 
In a running VM, operations (like device attach/detach) will
trigger the QEMU to resend set_mem_table to vhost-user backend.

DPDK vhost-user handles this message rudely by unmap all existing
regions and map new ones. This might lead to segfault if there
is pmd thread just trying to touch those unmapped memory regions.

But for most cases, except VM memory hotplug, QEMU still sends the
set_mem_table message even the memory regions are not changed as
QEMU vhost-user filters out those not backed by file (fd > 0).

To fix this case, we add a check in the handler to see if the
memory regions are really changed; if not, we just keep old memory
regions.

Fixes: 8f972312b8f4 ("vhost: support vhost-user")
CC: stable@dpdk.org

Reported-by: Yang Zhang <zy107165@alibaba-inc.com>
Reported-by: Xin Long <longxin.xl@alibaba-inc.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Yuanhan Liu <yliu@fridaylinux.org>
This commit is contained in:
Jianfeng Tan 2017-11-15 11:41:08 +00:00 committed by Ferruh Yigit
parent b8a0cebdda
commit cab278dee9
1 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/librte_vhost/vhost_user.c
View File

@ -544,6 +544,30 @@ dump_guest_pages(struct virtio_net *dev)
#define dump_guest_pages(dev)
#endif
static bool
vhost_memory_changed(struct VhostUserMemory *new,
struct rte_vhost_memory *old)
{
uint32_t i;
if (new->nregions != old->nregions)
return true;
for (i = 0; i < new->nregions; ++i) {
VhostUserMemoryRegion *new_r = &new->regions[i];
struct rte_vhost_mem_region *old_r = &old->regions[i];
if (new_r->guest_phys_addr != old_r->guest_phys_addr)
return true;
if (new_r->memory_size != old_r->size)
return true;
if (new_r->userspace_addr != old_r->guest_user_addr)
return true;
}
return false;
}
static int
vhost_user_set_mem_table(struct virtio_net *dev, struct VhostUserMsg *pmsg)
{
@ -556,6 +580,16 @@ vhost_user_set_mem_table(struct virtio_net *dev, struct VhostUserMsg *pmsg)
uint32_t i;
int fd;
if (dev->mem && !vhost_memory_changed(&memory, dev->mem)) {
RTE_LOG(INFO, VHOST_CONFIG,
"(%d) memory regions not changed\n", dev->vid);
for (i = 0; i < memory.nregions; i++)
close(pmsg->fds[i]);
return 0;
}
if (dev->mem) {
free_mem_region(dev);
rte_free(dev->mem);