Add two patches to fix issues with vhost_net and macvlan (rhbz 954181)

2013-06-11 09:26:41 -04:00 · 2013-06-11 09:26:41 -04:00 · 07ed464194
commit 07ed464194
parent fff0cd2bfd
3 changed files with 98 additions and 0 deletions
--- a/kernel.spec
+++ b/kernel.spec
@ -757,6 +757,11 @@ Patch25035: block-do-not-pass-disk-names-as-format-strings.patch
 #CVE-2013-2164 rhbz 973100 973109
 Patch25038: cdrom-use-kzalloc-for-failing-hardware.patch

+#rhbz 954181
+Patch25039: vhost_net-clear-msg.control-for-non-zerocopy-case-during-tx.patch
+Patch25040: tuntap-set-SOCK_ZEROCOPY-flag-during-open.patch
+
+
 # END OF PATCH DEFINITIONS

 %endif
@ -1457,6 +1462,10 @@ ApplyPatch block-do-not-pass-disk-names-as-format-strings.patch
 #CVE-2013-2164 rhbz 973100 973109
 ApplyPatch cdrom-use-kzalloc-for-failing-hardware.patch

+#rhbz 954181
+ApplyPatch vhost_net-clear-msg.control-for-non-zerocopy-case-during-tx.patch
+ApplyPatch tuntap-set-SOCK_ZEROCOPY-flag-during-open.patch
+
 # END OF PATCH APPLICATIONS

 %endif
@ -2262,6 +2271,9 @@ fi
 #                 ||----w |
 #                 ||     ||
 %changelog
+* Tue Jun 11 2013 Josh Boyer <jwboyer@redhat.com>
+- Add two patches to fix issues with vhost_net and macvlan (rhbz 954181)
+
 * Tue Jun 11 2013 Josh Boyer <jwboyer@redhat.com> - 3.10.0-0.rc5.git0.1
 - Linux v3.10-rc5
 - CVE-2013-2164 information leak in cdrom driver (rhbz 973100 973109)
--- a/tuntap-set-SOCK_ZEROCOPY-flag-during-open.patch
+++ b/tuntap-set-SOCK_ZEROCOPY-flag-during-open.patch
@ -0,0 +1,26 @@
+tuntap: set SOCK_ZEROCOPY flag during open
+
+Commit 54f968d6efdbf7dec36faa44fc11f01b0e4d1990
+(tuntap: move socket to tun_file) forgets to set SOCK_ZEROCOPY flag, which will
+prevent vhost_net from doing zercopy w/ tap. This patch fixes this by setting
+it during file open.
+
+Cc: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+Acked-by: Michael S. Tsirkin <mst@redhat.com>
+
+---
+
+diff --git a/drivers/net/tun.c b/drivers/net/tun.c
+index 89776c5..ff5312d 100644
+--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
+@@ -2159,6 +2159,8 @@ static int tun_chr_open(struct inode *inode, struct file * file)
+ 	set_bit(SOCK_EXTERNALLY_ALLOCATED, &tfile->socket.flags);
+ 	INIT_LIST_HEAD(&tfile->next);
+ 
+	sock_set_flag(&tfile->sk, SOCK_ZEROCOPY);
+
+ 	return 0;
+ }
+ 
--- a/vhost_net-clear-msg.control-for-non-zerocopy-case-during-tx.patch
+++ b/vhost_net-clear-msg.control-for-non-zerocopy-case-during-tx.patch
@ -0,0 +1,60 @@
+From 3add6ae9e1b854a9ddbe0dc17ff4ec48a2dac9fe Mon Sep 17 00:00:00 2001
+From: Jason Wang <jasowang@redhat.com>
+Date: Wed, 5 Jun 2013 07:40:46 +0000
+Subject: [PATCH] vhost_net: clear msg.control for non-zerocopy case during tx
+
+When we decide not use zero-copy, msg.control should be set to NULL otherwise
+macvtap/tap may set zerocopy callbacks which may decrease the kref of ubufs
+wrongly.
+
+Bug were introduced by commit cedb9bdce099206290a2bdd02ce47a7b253b6a84
+(vhost-net: skip head management if no outstanding).
+
+This solves the following warnings:
+
+WARNING: at include/linux/kref.h:47 handle_tx+0x477/0x4b0 [vhost_net]()
+Modules linked in: vhost_net macvtap macvlan tun nfsd exportfs bridge stp llc openvswitch kvm_amd kvm bnx2 megaraid_sas [last unloaded: tun]
+CPU: 5 PID: 8670 Comm: vhost-8668 Not tainted 3.10.0-rc2+ #1566
+Hardware name: Dell Inc. PowerEdge R715/00XHKG, BIOS 1.5.2 04/19/2011
+ffffffffa0198323 ffff88007c9ebd08 ffffffff81796b73 ffff88007c9ebd48
+ffffffff8103d66b 000000007b773e20 ffff8800779f0000 ffff8800779f43f0
+ffff8800779f8418 000000000000015c 0000000000000062 ffff88007c9ebd58
+Call Trace:
+[<ffffffff81796b73>] dump_stack+0x19/0x1e
+[<ffffffff8103d66b>] warn_slowpath_common+0x6b/0xa0
+[<ffffffff8103d6b5>] warn_slowpath_null+0x15/0x20
+[<ffffffffa0197627>] handle_tx+0x477/0x4b0 [vhost_net]
+[<ffffffffa0197690>] handle_tx_kick+0x10/0x20 [vhost_net]
+[<ffffffffa019541e>] vhost_worker+0xfe/0x1a0 [vhost_net]
+[<ffffffffa0195320>] ? vhost_attach_cgroups_work+0x30/0x30 [vhost_net]
+[<ffffffffa0195320>] ? vhost_attach_cgroups_work+0x30/0x30 [vhost_net]
+[<ffffffff81061f46>] kthread+0xc6/0xd0
+[<ffffffff81061e80>] ? kthread_freezable_should_stop+0x70/0x70
+[<ffffffff817a1aec>] ret_from_fork+0x7c/0xb0
+[<ffffffff81061e80>] ? kthread_freezable_should_stop+0x70/0x70
+
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+Acked-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+ drivers/vhost/net.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c
+index ec6fb3f..3980e66 100644
+--- a/drivers/vhost/net.c
+++ b/drivers/vhost/net.c
+@@ -353,7 +353,9 @@ static void handle_tx(struct vhost_net *net)
+ 				kref_get(&ubufs->kref);
+ 			}
+ 			vq->upend_idx = (vq->upend_idx + 1) % UIO_MAXIOV;
+-		}
+		} else
+			msg.msg_control = NULL;
+
+ 		/* TODO: Check specific error and bomb out unless ENOBUFS? */
+ 		err = sock->ops->sendmsg(NULL, sock, &msg, len);
+ 		if (unlikely(err < 0)) {
+-- 
+1.8.1.4
+