[dpdk-dev] [PATCH v3 4/9] lib_vhost: Check the virtqueue address's validity

[Ouyang Changchun]

This is added since v3.
Check the virtqueue address's validity.

Signed-off-by: Changchun Ouyang <changchun.ouyang at intel.com>
---
 lib/librte_vhost/vhost_user/vhost-net-user.c | 11 ++++++++++-
 lib/librte_vhost/virtio-net.c                | 10 ++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/lib/librte_vhost/vhost_user/vhost-net-user.c b/lib/librte_vhost/vhost_user/vhost-net-user.c
index b66a653..552b501 100644
--- a/lib/librte_vhost/vhost_user/vhost-net-user.c
+++ b/lib/librte_vhost/vhost_user/vhost-net-user.c
@@ -398,7 +398,16 @@ vserver_message_handler(int connfd, void *dat, int *remove)
 		ops->set_vring_num(ctx, &msg.payload.state);
 		break;
 	case VHOST_USER_SET_VRING_ADDR:
-		ops->set_vring_addr(ctx, &msg.payload.addr);
+		if (ops->set_vring_addr(ctx, &msg.payload.addr) != 0) {
+			RTE_LOG(ERR, VHOST_CONFIG,
+				"error found in vhost set vring,"
+				"the vhost device will destroy\n");
+			close(connfd);
+			*remove = 1;
+			free(cfd_ctx);
+			user_destroy_device(ctx);
+			ops->destroy_device(ctx);
+		}
 		break;
 	case VHOST_USER_SET_VRING_BASE:
 		ops->set_vring_base(ctx, &msg.payload.state);
diff --git a/lib/librte_vhost/virtio-net.c b/lib/librte_vhost/virtio-net.c
index 3e24841..80df0ec 100644
--- a/lib/librte_vhost/virtio-net.c
+++ b/lib/librte_vhost/virtio-net.c
@@ -553,6 +553,7 @@ set_vring_addr(struct vhost_device_ctx ctx, struct vhost_vring_addr *addr)
 {
 	struct virtio_net *dev;
 	struct vhost_virtqueue *vq;
+	uint32_t i;
 
 	dev = get_device(ctx);
 	if (dev == NULL)
@@ -580,6 +581,15 @@ set_vring_addr(struct vhost_device_ctx ctx, struct vhost_vring_addr *addr)
 		return -1;
 	}
 
+	for (i = vq->last_used_idx; i < vq->avail->idx; i++)
+		if (vq->avail->ring[i] >= vq->size) {
+			RTE_LOG(ERR, VHOST_CONFIG, "%s (%"PRIu64"):"
+				"Please check virt queue pair idx:%d is "
+				"enalbed correctly on guest.\n", __func__,
+				dev->device_fh, addr->index / VIRTIO_QNUM);
+			return -1;
+		}
+
 	vq->used = (struct vring_used *)(uintptr_t)qva_to_vva(dev,
 			addr->index / VIRTIO_QNUM, addr->used_user_addr);
 	if (vq->used == 0) {
-- 
1.8.4.2