From 26b4d5a198296b02d4bd4f7f6117149777cc68ab Mon Sep 17 00:00:00 2001 From: Ashish Sadanandan Date: Sun, 8 Jan 2023 18:52:39 -0700 Subject: [PATCH] eal/linux: fix hugetlbfs sub-directories discovery [ upstream commit f9d1ef28619a2dd16cafca36f5a5ca6d3315c5fc ] The code added for allowing --huge-dir to specify hugetlbfs sub-directories has a bug where it incorrectly matches mounts that contain a prefix of the specified --huge-dir. Consider --huge-dir=/dev/hugepages1G is passed to rte_eal_init. Given the following hugetlbfs mounts $ mount | grep hugetlbfs hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M) hugetlbfs on /dev/hugepages1G type hugetlbfs (rw,relatime,pagesize=1024M) hugetlbfs on /mnt/huge type hugetlbfs (rw,relatime,pagesize=2M) get_hugepage_dir is first called with hugepage_sz=2097152. While iterating over all mount points, /dev/hugepages is incorrectly determined to be a match because it's a prefix of --huge-dir. The caller then obtains an exclusive lock on --huge-dir. In the next call to get_hugepage_dir, hugepage_sz=1073741824. This call correctly determines /dev/hugepages1G is a match. The caller again attempts to obtain an exclusive lock on --huge-dir and deadlocks because it's already holding a lock. This has been corrected by ensuring any matched mount point is either an exact match or a parent path of --huge-dir. Fixes: 24d5a1ce6b85 ("eal/linux: allow hugetlbfs sub-directories") Signed-off-by: Ashish Sadanandan Reviewed-by: John Levon Tested-by: Julien Meunier --- lib/eal/linux/eal_hugepage_info.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/eal/linux/eal_hugepage_info.c b/lib/eal/linux/eal_hugepage_info.c index 682875ce3e..393e37bfb6 100644 --- a/lib/eal/linux/eal_hugepage_info.c +++ b/lib/eal/linux/eal_hugepage_info.c @@ -217,6 +217,8 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int len) char buf[BUFSIZ]; const struct internal_config *internal_conf = eal_get_internal_configuration(); + const size_t hugepage_dir_len = (internal_conf->hugepage_dir != NULL) ? + strlen(internal_conf->hugepage_dir) : 0; struct stat st; /* @@ -236,6 +238,7 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int len) while (fgets(buf, sizeof(buf), fd)){ const char *pagesz_str; + size_t mountpt_len = 0; if (rte_strsplit(buf, sizeof(buf), splitstr, _FIELDNAME_MAX, split_tok) != _FIELDNAME_MAX) { @@ -268,12 +271,16 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int len) break; } + mountpt_len = strlen(splitstr[MOUNTPT]); + /* - * Ignore any mount that doesn't contain the --huge-dir - * directory. + * Ignore any mount that doesn't contain the --huge-dir directory + * or where mount point is not a parent path of --huge-dir */ if (strncmp(internal_conf->hugepage_dir, splitstr[MOUNTPT], - strlen(splitstr[MOUNTPT])) != 0) { + mountpt_len) != 0 || + (hugepage_dir_len > mountpt_len && + internal_conf->hugepage_dir[mountpt_len] != '/')) { continue; } @@ -281,7 +288,7 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir, int len) * We found a match, but only prefer it if it's a longer match * (so /mnt/1 is preferred over /mnt for matching /mnt/1/2)). */ - if (strlen(splitstr[MOUNTPT]) > strlen(found)) + if (mountpt_len > strlen(found)) strlcpy(found, splitstr[MOUNTPT], len); } /* end while fgets */