The mmap() function returns MAP_FAILED on failure, not NULL.
The current check for !mmap_addr will never detect mmap failures.

When mmap fails but the error is not detected, an invalid address (-1)
is inserted into the IOTLB cache via vhost_user_iotlb_cache_insert().
Subsequent attempts to access this address will cause memory
corruption or crash.

Fix by checking for MAP_FAILED instead of NULL. Also add strerror to
the error message for easier debugging.

Fixes: f27d5206c598 ("vhost: add VDUSE callback for IOTLB miss")
Cc: [email protected]
Signed-off-by: Maxime Coquelin <[email protected]>
---
lib/vhost/vduse.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/vhost/vduse.c b/lib/vhost/vduse.c
index 897dee9f1b..0b5d158fee 100644
--- a/lib/vhost/vduse.c
+++ b/lib/vhost/vduse.c
@@ -86,9 +86,10 @@ vduse_iotlb_miss(struct virtio_net *dev, uint64_t iova,
uint8_t perm __rte_unuse
size = entry.last - entry.start + 1;
mmap_addr = mmap(0, size + entry.offset, entry.perm, MAP_SHARED, fd, 0);
- if (!mmap_addr) {
+ if (mmap_addr == MAP_FAILED) {
VHOST_CONFIG_LOG(dev->ifname, ERR,
- "Failed to mmap IOTLB entry for 0x%" PRIx64,
iova);
+ "Failed to mmap IOTLB entry for 0x%" PRIx64 ":
%s",
+ iova, strerror(errno));
ret = -1;
goto close_fd;
}
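Review bot: The new log argument strerror(errno) is introduced without any #include change (the diffstat shows only these 3 insertions in vduse.c), so please confirm that <string.h> and <errno.h> are already included in this file rather than arriving indirectly through another header. strerror() is also not guaranteed to be thread-safe; if vduse_iotlb_miss() can run concurrently on several threads, a thread-safe variant such as strerror_r() or DPDK's rte_strerror() would be the safer choice for the message. The comparison against MAP_FAILED is the correct failure test for mmap(), and errno is read as an argument before the log call runs, so it is not clobbered on this path.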
--
2.52.0