[PATCH] librte_eal: FreeBSD contigmem prevent possible buffer overrun during module unload.

dev.dpdk.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] librte_eal: FreeBSD contigmem prevent possible buffer overrun during module unload.
@ 2014-10-14 12:18 Alan Carew
       [not found] ` <1413289116-4825-1-git-send-email-alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
  0 siblings, 1 reply; 3+ messages in thread
From: Alan Carew @ 2014-10-14 12:18 UTC (permalink / raw)
  To: dev-VfR2kkLFssw

The maximum mount contiguous memory regions for FreeBSD is limited by
RTE_CONTIGMEM_MAX_NUM_BUFS, a pointer to each region is stored in
static void * contigmem_buffers[RTE_CONTIGMEM_MAX_NUM_BUFS]

A user can specify a greater amount via hw.contigmem.num_buffers,
while the allocation logic will prevent this allocation from occuring the logic
in contigmem_unload() will attempt to free hw.contigmem.num_buffers and an
overrun occurs.

This patch limits the freeing to a maximum of RTE_CONTIGMEM_MAX_NUM_BUFS.

Signed-off-by: Alan Carew <alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
---
 lib/librte_eal/bsdapp/contigmem/contigmem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_eal/bsdapp/contigmem/contigmem.c b/lib/librte_eal/bsdapp/contigmem/contigmem.c
index b71474a..b1a23fa 100644
--- a/lib/librte_eal/bsdapp/contigmem/contigmem.c
+++ b/lib/librte_eal/bsdapp/contigmem/contigmem.c
@@ -178,7 +178,7 @@ contigmem_unload()
 	if (contigmem_eh_tag != NULL)
 		EVENTHANDLER_DEREGISTER(process_exit, contigmem_eh_tag);
 
-	for (i = 0; i < contigmem_num_buffers; i++)
+	for (i = 0; i < RTE_CONTIGMEM_MAX_NUM_BUFS; i++)
 		if (contigmem_buffers[i] != NULL)
 			contigfree(contigmem_buffers[i], contigmem_buffer_size,
 					M_CONTIGMEM);
-- 
1.9.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread

[parent not found: <1413289116-4825-1-git-send-email-alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>]

* Re: [PATCH] librte_eal: FreeBSD contigmem prevent possible buffer overrun during module unload.
       [not found] ` <1413289116-4825-1-git-send-email-alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
@ 2014-10-16 19:32   ` De Lara Guarch, Pablo
       [not found]     ` <E115CCD9D858EF4F90C690B0DCB4D8972262CA4C-kPTMFJFq+rEMvF1YICWikbfspsVTdybXVpNB7YpNyf8@public.gmane.org>
  0 siblings, 1 reply; 3+ messages in thread
From: De Lara Guarch, Pablo @ 2014-10-16 19:32 UTC (permalink / raw)
  To: Carew, Alan, dev-VfR2kkLFssw@public.gmane.org



> -----Original Message-----
> From: dev [mailto:dev-bounces-VfR2kkLFssw@public.gmane.org] On Behalf Of Alan Carew
> Sent: Tuesday, October 14, 2014 1:19 PM
> To: dev-VfR2kkLFssw@public.gmane.org
> Subject: [dpdk-dev] [PATCH] librte_eal: FreeBSD contigmem prevent
> possible buffer overrun during module unload.
> 
> The maximum mount contiguous memory regions for FreeBSD is limited by
> RTE_CONTIGMEM_MAX_NUM_BUFS, a pointer to each region is stored in
> static void * contigmem_buffers[RTE_CONTIGMEM_MAX_NUM_BUFS]
> 
> A user can specify a greater amount via hw.contigmem.num_buffers,
> while the allocation logic will prevent this allocation from occuring the logic
> in contigmem_unload() will attempt to free hw.contigmem.num_buffers and
> an
> overrun occurs.
> 
> This patch limits the freeing to a maximum of
> RTE_CONTIGMEM_MAX_NUM_BUFS.
> 
> Signed-off-by: Alan Carew <alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>

Acked-by: Pablo de Lara <pablo.de.lara.guarch-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>

^ permalink raw reply	[flat|nested] 3+ messages in thread

[parent not found: <E115CCD9D858EF4F90C690B0DCB4D8972262CA4C-kPTMFJFq+rEMvF1YICWikbfspsVTdybXVpNB7YpNyf8@public.gmane.org>]

* Re: [PATCH] librte_eal: FreeBSD contigmem prevent possible buffer overrun during module unload.
       [not found]     ` <E115CCD9D858EF4F90C690B0DCB4D8972262CA4C-kPTMFJFq+rEMvF1YICWikbfspsVTdybXVpNB7YpNyf8@public.gmane.org>
@ 2014-10-20 21:48       ` Thomas Monjalon
  0 siblings, 0 replies; 3+ messages in thread
From: Thomas Monjalon @ 2014-10-20 21:48 UTC (permalink / raw)
  To: Carew, Alan; +Cc: dev-VfR2kkLFssw

> > The maximum mount contiguous memory regions for FreeBSD is limited by
> > RTE_CONTIGMEM_MAX_NUM_BUFS, a pointer to each region is stored in
> > static void * contigmem_buffers[RTE_CONTIGMEM_MAX_NUM_BUFS]
> > 
> > A user can specify a greater amount via hw.contigmem.num_buffers,
> > while the allocation logic will prevent this allocation from occuring the logic
> > in contigmem_unload() will attempt to free hw.contigmem.num_buffers and
> > an overrun occurs.
> > 
> > This patch limits the freeing to a maximum of
> > RTE_CONTIGMEM_MAX_NUM_BUFS.
> > 
> > Signed-off-by: Alan Carew <alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
> 
> Acked-by: Pablo de Lara <pablo.de.lara.guarch-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>

Applied

Thanks
-- 
Thomas

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2014-10-20 21:48 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-10-14 12:18 [PATCH] librte_eal: FreeBSD contigmem prevent possible buffer overrun during module unload Alan Carew
     [not found] ` <1413289116-4825-1-git-send-email-alan.carew-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2014-10-16 19:32   ` De Lara Guarch, Pablo
     [not found]     ` <E115CCD9D858EF4F90C690B0DCB4D8972262CA4C-kPTMFJFq+rEMvF1YICWikbfspsVTdybXVpNB7YpNyf8@public.gmane.org>
2014-10-20 21:48       ` Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).