On Tue, 29 Sep 2020 03:45:28 -0400 "Michael S. Tsirkin" <mst@xxxxxxxxxx> wrote: > On Mon, Sep 28, 2020 at 02:35:04PM +0200, Greg Kurz wrote: > > When the IOTLB device is enabled, the vring addresses we get from > > userspace are GIOVAs. It is thus wrong to pass them to vq_access_ok() > > which only takes HVAs. The IOTLB map is likely empty at this stage, > > so there isn't much that can be done with these GIOVAs. Access validation > > will be performed at IOTLB prefetch time anyway. > > > > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1883084 > > Fixes: 6b1e6cc7855b ("vhost: new device IOTLB API") > > Cc: jasowang@xxxxxxxxxx > > CC: stable@xxxxxxxxxxxxxxx # 4.14+ > > Signed-off-by: Greg Kurz <groug@xxxxxxxx> > > --- > > drivers/vhost/vhost.c | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c > > index b45519ca66a7..6296e33df31d 100644 > > --- a/drivers/vhost/vhost.c > > +++ b/drivers/vhost/vhost.c > > @@ -1509,7 +1509,10 @@ static long vhost_vring_set_addr(struct vhost_dev *d, > > * If it is not, we don't as size might not have been setup. > > * We will verify when backend is configured. */ > > if (vq->private_data) { > > - if (!vq_access_ok(vq, vq->num, > > + /* If an IOTLB device is present, the vring addresses are > > + * GIOVAs. Access will be validated during IOTLB prefetch. */ > > + if (!vq->iotlb && > > + !vq_access_ok(vq, vq->num, > > (void __user *)(unsigned long)a.desc_user_addr, > > (void __user *)(unsigned long)a.avail_user_addr, > > (void __user *)(unsigned long)a.used_user_addr)) > > OK I think you are right here. > > Jason, can you ack pls? > > However, I think a cleaner way to check this is by moving > the following check from vhost_vq_access_ok to vq_access_ok: > > /* Access validation occurs at prefetch time with IOTLB */ > if (vq->iotlb) > return true; > Yes I agree. I'll do that in v2. > > > >
