git: 4558c11f1b4d - main - bhyve: Correct unmapping of the MSI-X table BAR
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 05 Jan 2022 15:12:19 UTC
The branch main has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=4558c11f1b4dfd7fd505d70b79467eb7f1193f07
commit 4558c11f1b4dfd7fd505d70b79467eb7f1193f07
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2022-01-05 15:08:13 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2022-01-05 15:12:09 +0000
bhyve: Correct unmapping of the MSI-X table BAR
The starting address passed to mprotect was wrong, so in the case where
the last page containing the table is not the last page of the BAR, the
wrong region would be unmapped.
Reported by: Andy Fiddaman <andy@omniosce.org>
Reviewed by: jhb
Fixes: 7fa233534736 ("bhyve: Map the MSI-X table unconditionally for passthrough")
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33739
---
usr.sbin/bhyve/pci_passthru.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/usr.sbin/bhyve/pci_passthru.c b/usr.sbin/bhyve/pci_passthru.c
index 0d25a8d8143f..725ae4fbdb91 100644
--- a/usr.sbin/bhyve/pci_passthru.c
+++ b/usr.sbin/bhyve/pci_passthru.c
@@ -462,7 +462,7 @@ init_msix_table(struct vmctx *ctx, struct passthru_softc *sc)
table_size = roundup2(table_size, 4096);
/*
- * Unmap any pages not covered by the table, we do not need to emulate
+ * Unmap any pages not containing the table, we do not need to emulate
* accesses to them. Avoid releasing address space to help ensure that
* a buggy out-of-bounds access causes a crash.
*/
@@ -471,7 +471,8 @@ init_msix_table(struct vmctx *ctx, struct passthru_softc *sc)
PROT_NONE) != 0)
warn("Failed to unmap MSI-X table BAR region");
if (table_offset + table_size != pi->pi_msix.mapped_size)
- if (mprotect(pi->pi_msix.mapped_addr,
+ if (mprotect(
+ pi->pi_msix.mapped_addr + table_offset + table_size,
pi->pi_msix.mapped_size - (table_offset + table_size),
PROT_NONE) != 0)
warn("Failed to unmap MSI-X table BAR region");