numam-dpdk/lib/eal/linux
Anatoly Burakov ab910a8068 vfio: fix partial unmap
Partial unmap support was introduced in commit c13ca4e81c
("vfio: fix DMA mapping granularity for IOVA as VA"), and with it
was added a check that dereferenced the IOMMU type to determine whether
partial unmapping is supported for currently configured IOMMU type. In
certain circumstances (such as when VFIO is supported, but no devices
were bound to the VFIO driver), the IOMMU type pointer can be NULL.

However, dereferencing of IOMMU type was guarded by access to the user
maps list - that is, we were always checking the user map list first,
and then, if we found a memory region that encloses the one we're trying
to unmap, we would have performed the IOMMU type check.

This ensured that the IOMMU type check will not cause any NULL pointer
dereferences, because in order for an IOMMU type check to have been
performed, there necessarily must have been at least one memory region
that was previously mapped successfully, and that implies having a
defined IOMMU type.

When commit 56259f7fc0 ("vfio: allow partially unmapping adjacent
memory") was introduced, the IOMMU type check was moved to
before we were traversing the user mem maps list, thereby introducing a
potential NULL dereference, because the IOMMU type access was no longer
guarded by the user mem maps list traversal.

Fix the issue by moving the IOMMU type check to after the user mem maps
traversal, thereby ensuring that by the time the check happens, the
IOMMU type is always valid.

Fixes: 56259f7fc0 ("vfio: allow partially unmapping adjacent memory")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Tested-by: Xuan Ding <xuan.ding@intel.com>
2021-10-28 09:51:55 +02:00
include
eal_alarm.c alarm: remove direct access to interrupt handle 2021-10-25 21:20:12 +02:00
eal_cpuflags.c
eal_debug.c
eal_dev.c lib: remove direct access to interrupt handle 2021-10-25 21:20:12 +02:00
eal_hugepage_info.c
eal_interrupts.c interrupts: remove direct access to interrupt handle 2021-10-25 21:20:12 +02:00
eal_lcore.c
eal_log.c
eal_memalloc.c
eal_memory.c
eal_thread.c eal: fix memory ordering around lcore task accesses 2021-10-25 18:20:59 +02:00
eal_timer.c
eal_vfio_mp_sync.c
eal_vfio.c vfio: fix partial unmap 2021-10-28 09:51:55 +02:00
eal_vfio.h
eal.c alarm: remove direct access to interrupt handle 2021-10-25 21:20:12 +02:00
meson.build