On 10/5/22 17:06, Maxime Coquelin wrote:
>
>
> On 8/2/22 02:49, Claudio Fontana wrote:
>> in virtio_dev_split we cannot currently call desc_to_mbuf with
>> nr_vec == 0, or we end up trying to rte_memcpy from a source address
>> buf_vec[0] that is an uninitialized st
On 9/28/22 16:37, Maxime Coquelin wrote:
> Hi Claudio,
>
> The title should be reworded, maybe something like below?
> "vhost: fix possible out of bound access in buffer vectors"
possible, I leave it to you and other maintainers here now to figure out.
>
> On 8
On 11/2/22 11:34, Claudio Fontana wrote:
> On 10/5/22 17:06, Maxime Coquelin wrote:
>>
>>
>> On 8/2/22 02:49, Claudio Fontana wrote:
>>> in virtio_dev_split we cannot currently call desc_to_mbuf with
>>> nr_vec == 0, or we end up trying to rte_memcpy from a s
t virtio_net *dev, struct
vhost_virtqueue *vq,
idx = descs[idx].next;
}
+out:
*desc_chain_len = len;
*vec_idx = vec_id;
Any comments, ideas appreciated,
Thanks!
Claudio
--
Claudio Fontana
Engineering Manager Virtualization, SUSE Labs Core
SUSE Software Solutions Italy Srl
On 7/30/22 18:17, Claudio Fontana wrote:
> Hello all,
>
> with the latest DPDK, openvswitch and qemu
>
> DPDK tag v22.07
> openvswitch tag v2.17.1
> qemu v7.1-git 22.07.2022
>
> and a DPDK setup which involves also an ubuntu guest with DPDK 16.11 test-pmd
> appli
an improvement in the current error handling.
For your review and comments,
Claudio
Claudio Fontana (2):
vhost: fix error handling in virtio_dev_tx_split
vhost: improve error handling in desc_to_mbuf
lib/vhost/virtio_net.c | 16 +---
1 file changed, 13 insertions(+), 3
d
14 0x7f6771933a8f in clone
Tested-by: Claudio Fontana
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c
index 35fa4670fd..0b8db2046e 100644
--- a/lib/vhost
check when increasing vec_idx that it is still valid
in the (buf_len < dev->vhost_hlen) case too.
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c
index 0b8d
an improvement in the current error handling.
For your review and comments,
Claudio
Claudio Fontana (2):
vhost: fix error handling in virtio_dev_tx_split
vhost: improve error handling in desc_to_mbuf
lib/vhost/virtio_net.c | 16 +---
1 file changed, 13 insertions(+), 3
4 0x7f6771933a8f in clone
Tested-by: Claudio Fontana
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c
index 35fa4670fd..0b8db2046e 100644
--- a/lib/vhost
check when increasing vec_idx that it is still valid
in the (buf_len < dev->vhost_hlen) case too.
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c
index 0b8d
On 7/30/22 18:23, Claudio Fontana wrote:
> On 7/30/22 18:17, Claudio Fontana wrote:
>> Hello all,
>>
>> with the latest DPDK, openvswitch and qemu
>>
>> DPDK tag v22.07
>> openvswitch tag v2.17.1
>> qemu v7.1-git 22.07.2022
>>
>> and a DPDK
On 8/1/22 13:57, Claudio Fontana wrote:
> On 7/30/22 18:23, Claudio Fontana wrote:
>> On 7/30/22 18:17, Claudio Fontana wrote:
>>> Hello all,
>>>
>>> with the latest DPDK, openvswitch and qemu
>>>
>>> DPDK tag v22.07
>>> openvswitch ta
mbuf_to_desc, so that in no
case they attempt to read and dereference addresses from the buf_vec[]
array when it does not contain any valid elements.
---
For your review and comments,
Claudio
Claudio Fontana (2):
vhost: check for nr_vec == 0 in desc_to_mbuf, mbuf_to_desc
vhost: improve
dev_process_rxq_port
11 0x7f6771f04239 in pmd_thread_main
12 0x7f6771f92aff in ovsthread_wrapper
13 0x7f6771c1b6ea in start_thread
14 0x7f6771933a8f in clone
Tested-by: Claudio Fontana
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 11 ---
1 file chan
check when increasing vec_idx that it is still valid
in the (buf_len < dev->vhost_hlen) case too.
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c
index 8d0d
fixing virtio_dev_tx_split, put the check
for nr_vec == 0 inside desc_to_mbuf and mbuf_to_desc, so that in no
case they attempt to read and dereference addresses from the buf_vec[]
array when it does not contain any valid elements.
---
For your review and comments,
Claudio
Claudio Fontana (2
dev_process_rxq_port
11 0x7f6771f04239 in pmd_thread_main
12 0x7f6771f92aff in ovsthread_wrapper
13 0x7f6771c1b6ea in start_thread
14 0x7f6771933a8f in clone
Tested-by: Claudio Fontana
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 11 ---
1 file chan
check when increasing vec_idx that it is still valid
in the (buf_len < dev->vhost_hlen) case too.
Tested-by: Claudio Fontana
Signed-off-by: Claudio Fontana
---
lib/vhost/virtio_net.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/vhost/virtio_net.c b/lib
On 8/2/22 03:40, Stephen Hemminger wrote:
> On Tue, 2 Aug 2022 02:49:36 +0200
> Claudio Fontana wrote:
>
>> This is an alternative, more general fix compared with PATCH v1,
>> and fixes style issues in v2.
>>
>> The series fixes a segmentation fault in the OVS P
On 8/2/22 19:20, Claudio Fontana wrote:
> On 8/2/22 03:40, Stephen Hemminger wrote:
>> On Tue, 2 Aug 2022 02:49:36 +0200
>> Claudio Fontana wrote:
>>
>>> This is an alternative, more general fix compared with PATCH v1,
>>> and fixes style issues in v2.
A weekly ping on this one,
any chance to get this fix for a guest-triggered host crash included?
Thanks,
Claudio
On 8/2/22 02:49, Claudio Fontana wrote:
> This is an alternative, more general fix compared with PATCH v1,
> and fixes style issues in v2.
>
> The series fixes a segmen
22 matches
Mail list logo
