The code added for allowing --huge-dir to specify hugetlbfs
sub-directories has a bug where it incorrectly matches mounts that
contain a prefix of the specified --huge-dir.

Consider --huge-dir=/dev/hugepages1G is passed to rte_eal_init. Given
the following hugetlbfs mounts

$ mount | grep hugetlbfs
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
hugetlbfs on /dev/hugepages1G type hugetlbfs (rw,relatime,pagesize=1024M)
hugetlbfs on /mnt/huge type hugetlbfs (rw,relatime,pagesize=2M)

get_hugepage_dir is first called with hugepage_sz=2097152. While
iterating over all mount points, /dev/hugepages is incorrectly
determined to be a match because it's a prefix of --huge-dir. The caller
then obtains an exclusive lock on --huge-dir.

In the next call to get_hugepage_dir, hugepage_sz=1073741824. This call
correctly determines /dev/hugepages1G is a match. The caller again
attempts to obtain an exclusive lock on --huge-dir and deadlocks because
it's already holding a lock.

This has been corrected by ensuring any matched mount point is either an
exact match or a parent path of --huge-dir.

Fixes: 24d5a1ce6b85 ("eal/linux: allow hugetlbfs sub-directories")
Cc: john.le...@nutanix.com
Cc: sta...@dpdk.org
Signed-off-by: Ashish Sadanandan <ashish.sadanan...@gmail.com>
---
 lib/eal/linux/eal_hugepage_info.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/lib/eal/linux/eal_hugepage_info.c 
b/lib/eal/linux/eal_hugepage_info.c
index a1b6cb31ff..e26e4d7a7a 100644
--- a/lib/eal/linux/eal_hugepage_info.c
+++ b/lib/eal/linux/eal_hugepage_info.c
@@ -214,6 +214,8 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int 
len)
        char buf[BUFSIZ];
        const struct internal_config *internal_conf =
                eal_get_internal_configuration();
+       const size_t hugepage_dir_len = (internal_conf->hugepage_dir != NULL) ?
+               strlen(internal_conf->hugepage_dir) : 0;
        struct stat st;
 
        /*
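Review bot: the NULL guard on internal_conf->hugepage_dir in the new hugepage_dir_len initializer implies the pointer can be NULL inside get_hugepage_dir, yet the strncmp further down passes it unguarded. If an earlier branch already leaves the loop before the comparison whenever --huge-dir is unset, the ternary is unnecessary and a short comment saying so would help; if not, the comparison needs the same guard.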
@@ -233,6 +235,7 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int 
len)
 
        while (fgets(buf, sizeof(buf), fd)){
                const char *pagesz_str;
+               size_t mountpt_len = 0;
 
                if (rte_strsplit(buf, sizeof(buf), splitstr, _FIELDNAME_MAX,
                                split_tok) != _FIELDNAME_MAX) {
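Review bot: the "= 0" initializer on mountpt_len is dead, because the variable is assigned from strlen(splitstr[MOUNTPT]) unconditionally before its first use. Dropping the initializer lets the compiler's uninitialized-variable warning catch any future use before that assignment, instead of silently comparing against a length of 0.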
@@ -265,12 +268,16 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int 
len)
                        break;
                }
 
+               mountpt_len = strlen(splitstr[MOUNTPT]);
+
                /*
-                * Ignore any mount that doesn't contain the --huge-dir
-                * directory.
+                * Ignore any mount that doesn't contain the --huge-dir 
directory
+                * or where mount point is not a parent path of --huge-dir
                 */
                if (strncmp(internal_conf->hugepage_dir, splitstr[MOUNTPT],
-                       strlen(splitstr[MOUNTPT])) != 0) {
+                               mountpt_len) != 0 ||
+                       (hugepage_dir_len > mountpt_len &&
+                               internal_conf->hugepage_dir[mountpt_len] != 
'/')) {
                        continue;
                }
 
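Review bot: the new boundary test internal_conf->hugepage_dir[mountpt_len] != '/' assumes the mount point never ends in a slash, so a hugetlbfs mounted at "/" (mountpt_len of 1) is skipped for any longer --huge-dir such as /mnt/huge, even though it is a parent path. Consider also accepting the match when mountpt_len > 0 and splitstr[MOUNTPT][mountpt_len - 1] == '/'. The updated comment should also state that an exact match is accepted, as the commit message does, since "not a parent path" alone reads as if equal paths were rejected.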
@@ -278,7 +285,7 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int 
len)
                 * We found a match, but only prefer it if it's a longer match
                 * (so /mnt/1 is preferred over /mnt for matching /mnt/1/2)).
                 */
-               if (strlen(splitstr[MOUNTPT]) > strlen(found))
+               if (mountpt_len > strlen(found))
                        strlcpy(found, splitstr[MOUNTPT], len);
        } /* end while fgets */
 
-- 
2.27.0
