vhost: don't interrupt uninitialized virtqueues

rte_vhost_vring_call() from upstream DPDK can read some unitialized memory and crash if it's called on invalid queue ids. The implementation in our internal rte_vhost fork ends up wiritng to a random descriptor number, which doesn't cause any crashes but is a bug nevertheless. To fix it, just check if the queue is initialized before interrupting it during the session start. It's not a hot I/O path and there's no performance impact. Change-Id: I830c1be98ef00d4ece9a6bd88cf79b9dfe29d2a9 Signed-off-by: Darek Stojaczyk <dariusz.stojaczyk@intel.com> Reviewed-on: https://review.gerrithub.io/c/spdk/spdk/+/457247 Reviewed-by: Ben Walker <benjamin.walker@intel.com> Reviewed-by: Changpeng Liu <changpeng.liu@intel.com> Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
2019-06-07 13:45:37 +02:00 · 2019-06-07 13:45:37 +02:00 · 4fcec18d38
commit 4fcec18d38
parent 9c8937cfd8
1 changed files with 5 additions and 1 deletions
--- a/lib/vhost/vhost.c
+++ b/lib/vhost/vhost.c
@ -1177,7 +1177,11 @@ start_device(int vid)
 	 * Tested on QEMU 2.10.91 and 2.11.50.
 	 */
 	for (i = 0; i < vsession->max_queues; i++) {
-		rte_vhost_vring_call(vsession->vid, vsession->virtqueue[i].vring_idx);
+		struct spdk_vhost_virtqueue *q = &vsession->virtqueue[i];
+
+		if (q->vring.desc != NULL && q->vring.size > 0) {
+			rte_vhost_vring_call(vsession->vid, q->vring_idx);
+		}
 	}

 	spdk_vhost_session_set_coalescing(vdev, vsession, NULL);