Hi Maxime,
>-----Original Message-----
>From: dev <dev-boun...@dpdk.org> On Behalf Of Maxime Coquelin
>Sent: Monday, November 9, 2020 8:16 PM
>To: dev@dpdk.org; xuan.d...@intel.com; step...@networkplumber.org;
>NBU-Contact-Thomas Monjalon <tho...@monjalon.net>; sta...@dpdk.org;
>chenbo....@intel.com
>Cc: Maxime Coquelin <maxime.coque...@redhat.com>
>Subject: [dpdk-dev] [PATCH v3 1/3] vhost: fix error path when setting memory
>tables
>
>If an error is encountered before the memory regions are parsed, the file
>descriptors for these shared buffers are leaked.
>
>This patch fixes this by closing the message file descriptors on error, taking
>care of avoiding double closing of the file descriptors. guest_pages is also
>freed, even though it was not leaked as its pointer was not overridden on
>subsequent function calls.
>
>Fixes: 8f972312b8f4 ("vhost: support vhost-user")
>Cc: sta...@dpdk.org
>
>Reported-by: Xuan Ding <xuan.d...@intel.com>
>Signed-off-by: Maxime Coquelin <maxime.coque...@redhat.com>
>Reviewed-by: Chenbo Xia <chenbo....@intel.com>
>---
> lib/librte_vhost/vhost_user.c | 65 +++++++++++++++++++++--------------
> 1 file changed, 39 insertions(+), 26 deletions(-)
>
>diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
>index
>8a8726f8b8..473fd778ca 100644
>--- a/lib/librte_vhost/vhost_user.c
>+++ b/lib/librte_vhost/vhost_user.c
>@@ -99,8 +99,15 @@ close_msg_fds(struct VhostUserMsg *msg) {
> int i;
>
>- for (i = 0; i < msg->fd_num; i++)
>- close(msg->fds[i]);
>+ for (i = 0; i < msg->fd_num; i++) {
>+ int fd = msg->fds[i];
>+
>+ if (fd == -1)
>+ continue;
>+
>+ msg->fds[i] = -1;
>+ close(fd);
>+ }
> }
>
> /*
>@@ -1004,7 +1011,6 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> uint64_t alignment;
> uint32_t i;
> int populate;
>- int fd;
>
> if (validate_msg_fds(msg, memory->nregions) != 0)
> return RTE_VHOST_MSG_RESULT_ERR;
>@@ -1012,16 +1018,13 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> if (memory->nregions > VHOST_MEMORY_MAX_NREGIONS) {
> VHOST_LOG_CONFIG(ERR,
> "too many memory regions (%u)\n", memory-
>>nregions);
>- return RTE_VHOST_MSG_RESULT_ERR;
>+ goto close_msg_fds;
> }
>
> if (dev->mem && !vhost_memory_changed(memory, dev->mem)) {
> VHOST_LOG_CONFIG(INFO,
> "(%d) memory regions not changed\n", dev->vid);
>-
>- close_msg_fds(msg);
>-
>- return RTE_VHOST_MSG_RESULT_OK;
>+ goto close_msg_fds;
Return code will be changed to RTE_VHOST_MSG_RESULT_ERR, is this ok?
> }
>
> if (dev->mem) {
>@@ -1054,7 +1057,7 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> "(%d) failed to allocate memory "
> "for dev->guest_pages\n",
> dev->vid);
>- return RTE_VHOST_MSG_RESULT_ERR;
>+ goto close_msg_fds;
> }
> }
>
>@@ -1064,18 +1067,23 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> VHOST_LOG_CONFIG(ERR,
> "(%d) failed to allocate memory for dev->mem\n",
> dev->vid);
>- return RTE_VHOST_MSG_RESULT_ERR;
>+ goto free_guest_pages;
> }
> dev->mem->nregions = memory->nregions;
>
> for (i = 0; i < memory->nregions; i++) {
>- fd = msg->fds[i];
> reg = &dev->mem->regions[i];
>
> reg->guest_phys_addr = memory->regions[i].guest_phys_addr;
> reg->guest_user_addr = memory->regions[i].userspace_addr;
> reg->size = memory->regions[i].memory_size;
>- reg->fd = fd;
>+ reg->fd = msg->fds[i];
>+
>+ /*
>+ * Assign invalid file descriptor value to avoid double
>+ * closing on error path.
>+ */
>+ msg->fds[i] = -1;
>
> mmap_offset = memory->regions[i].mmap_offset;
>
>@@ -1085,7 +1093,7 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> "mmap_offset (%#"PRIx64") and memory_size
>"
> "(%#"PRIx64") overflow\n",
> mmap_offset, reg->size);
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> mmap_size = reg->size + mmap_offset;
>@@ -1098,11 +1106,11 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> * to avoid failure, make sure in caller to keep length
> * aligned.
> */
>- alignment = get_blk_size(fd);
>+ alignment = get_blk_size(reg->fd);
> if (alignment == (uint64_t)-1) {
> VHOST_LOG_CONFIG(ERR,
> "couldn't get hugepage size through fstat\n");
>- goto err_mmap;
>+ goto free_mem_table;
> }
> mmap_size = RTE_ALIGN_CEIL(mmap_size, alignment);
> if (mmap_size == 0) {
>@@ -1118,17 +1126,17 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> VHOST_LOG_CONFIG(ERR, "mmap size (0x%" PRIx64 ")
>"
> "or alignment (0x%" PRIx64 ") is
>invalid\n",
> reg->size + mmap_offset, alignment);
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> populate = dev->async_copy ? MAP_POPULATE : 0;
> mmap_addr = mmap(NULL, mmap_size, PROT_READ |
>PROT_WRITE,
>- MAP_SHARED | populate, fd, 0);
>+ MAP_SHARED | populate, reg->fd, 0);
>
> if (mmap_addr == MAP_FAILED) {
> VHOST_LOG_CONFIG(ERR,
> "mmap region %u failed.\n", i);
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> reg->mmap_addr = mmap_addr;
>@@ -1141,7 +1149,7 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> VHOST_LOG_CONFIG(ERR,
> "adding guest pages to region %u
>failed.\n",
> i);
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> VHOST_LOG_CONFIG(INFO,
>@@ -1184,17 +1192,17 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> if (read_vhost_message(main_fd, &ack_msg) <= 0) {
> VHOST_LOG_CONFIG(ERR,
> "Failed to read qemu ack on postcopy set-
>mem-table\n");
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> if (validate_msg_fds(&ack_msg, 0) != 0)
>- goto err_mmap;
>+ goto free_mem_table;
>
> if (ack_msg.request.master != VHOST_USER_SET_MEM_TABLE)
>{
> VHOST_LOG_CONFIG(ERR,
> "Bad qemu ack on postcopy set-mem-table
>(%d)\n",
> ack_msg.request.master);
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> /* Now userfault register and we can use the memory */ @@
>-1218,7 +1226,7 @@ vhost_user_set_mem_table(struct virtio_net **pdev,
>struct VhostUserMsg *msg,
> "Failed to register ufd for region %d:
>(ufd = %d) %s\n",
> i, dev->postcopy_ufd,
> strerror(errno));
>- goto err_mmap;
>+ goto free_mem_table;
> }
> VHOST_LOG_CONFIG(INFO,
> "\t userfaultfd registered for range : "
>@@ -1227,7 +1235,7 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> (uint64_t)reg_struct.range.start +
> (uint64_t)reg_struct.range.len - 1); #else
>- goto err_mmap;
>+ goto free_mem_table;
> #endif
> }
> }
>@@ -1249,7 +1257,7 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
> dev = translate_ring_addresses(dev, i);
> if (!dev) {
> dev = *pdev;
>- goto err_mmap;
>+ goto free_mem_table;
> }
>
> *pdev = dev;
>@@ -1260,10 +1268,15 @@ vhost_user_set_mem_table(struct virtio_net
>**pdev, struct VhostUserMsg *msg,
>
> return RTE_VHOST_MSG_RESULT_OK;
>
>-err_mmap:
>+free_mem_table:
> free_mem_region(dev);
> rte_free(dev->mem);
> dev->mem = NULL;
>+free_guest_pages:
>+ rte_free(dev->guest_pages);
>+ dev->guest_pages = NULL;
>+close_msg_fds:
>+ close_msg_fds(msg);
> return RTE_VHOST_MSG_RESULT_ERR;
> }
>
>--
>2.26.2
