vhost-user: Guarantee that memory regions do not overlap

Otherwise there would be an ambiguity problem.  Suppose that:

1. There is a region from [0x40000, 0x50000) with mmap offset 0x500000.
2. There is a region from [0x48000, 0x58000) with mmap offset 0xA00000.

A request has address 0x44000.  Which mmap offset should be used?

This problem appears with both guest and user addresses.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-ID: <20260522-vhost-user-dev-v1-1-b31646cf19b8@gmail.com>
This commit is contained in:
Demi Marie Obenour
2026-05-22 22:11:09 -04:00
committed by Michael S. Tsirkin
parent 7205b8ffb6
commit a63a6cd694

View File

@@ -214,6 +214,18 @@ fields at the end.
:domid: a 32-bit Xen hypervisor specific domain id.
For all memory regions active at a given time:
- ``[guest address, guest address + size)`` of one memory region never overlaps
the ``[guest address, guest address + size)`` of another memory region.
- ``[user address, user address + size)`` of one memory region never overlaps
the ``[user address, user address + size)`` of another memory region.
Violating any of these is a bug in the front-end. This ensures that a guest
address or user address always refers to at most one location in memory.
The front-end must remove a region before it can add an overlapping one.
Single memory region description
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -745,6 +757,15 @@ The front-end sends a list of vhost memory regions to the back-end using the
``VHOST_USER_SET_MEM_TABLE`` message. Each region has two base
addresses: a guest address and a user address.
Memory regions can be added via the ``VHOST_USER_ADD_MEM_REG`` message. They
can be removed via the ``VHOST_USER_REM_MEM_REG`` message. These messages can
only be used if the ``VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS`` protocol
feature has been successfully negotiated.
Guest addresses are physical addresses in the guest. User addresses are
arbitrary opaque values, though they typically refer to userspace addresses in
the client process.
Messages contain guest addresses and/or user addresses to reference locations
within the shared memory. The mapping of these addresses works as follows.