[dpdk-dev] [PATCH v3 2/4] lib/eal: fix vfio unmap that succeeds unexpectedly

Chaitanya Babu Talluri tallurix.chaitanya.babu at intel.com
Tue Aug 27 13:57:09 CEST 2019


Unmapping page with a VA that is found in the list
of current mappings will succeed even if the IOVA
for the chunk that is being unmapped,is mismatched.

Fix it by checking if IOVA address matches the
expected IOVA address exactly.

Fixes: 73a6390859 ("vfio: allow to map other memory regions")
Cc: stable at dpdk.org

Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu at intel.com>
---
 lib/librte_eal/linux/eal/eal_vfio.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/lib/librte_eal/linux/eal/eal_vfio.c b/lib/librte_eal/linux/eal/eal_vfio.c
index 104912077..04c284cb2 100644
--- a/lib/librte_eal/linux/eal/eal_vfio.c
+++ b/lib/librte_eal/linux/eal/eal_vfio.c
@@ -184,13 +184,13 @@ find_user_mem_map(struct user_mem_maps *user_mem_maps, uint64_t addr,
 		uint64_t iova, uint64_t len)
 {
 	uint64_t va_end = addr + len;
-	uint64_t iova_end = iova + len;
 	int i;
 
 	for (i = 0; i < user_mem_maps->n_maps; i++) {
 		struct user_mem_map *map = &user_mem_maps->maps[i];
 		uint64_t map_va_end = map->addr + map->len;
-		uint64_t map_iova_end = map->iova + map->len;
+		uint64_t diff_addr_len = addr - map->addr;
+		uint64_t expected_iova = map->iova + diff_addr_len;
 
 		/* check start VA */
 		if (addr < map->addr || addr >= map_va_end)
@@ -199,11 +199,10 @@ find_user_mem_map(struct user_mem_maps *user_mem_maps, uint64_t addr,
 		if (va_end <= map->addr || va_end > map_va_end)
 			continue;
 
-		/* check start IOVA */
-		if (iova < map->iova || iova >= map_iova_end)
-			continue;
-		/* check if IOVA end is within boundaries */
-		if (iova_end <= map->iova || iova_end > map_iova_end)
+		/* check whether user input iova is in sync with
+		 * user_mem_map entry's iova
+		 */
+		if (expected_iova != iova)
 			continue;
 
 		/* we've found our map */
-- 
2.17.2



More information about the dev mailing list