[PATCH 1/3] vhost: logging math fix
Michael S. Tsirkin
offset to log at, and got it wrong by a couple of bytes,
while in fact it's simple: get address where we write,
subtract start of buffer, add log base.
Do it this way.
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
---
drivers/vhost/vhost.c | 10 ++++++----
1 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
index 6eb1525..c767279 100644
--- a/drivers/vhost/vhost.c
+++ b/drivers/vhost/vhost.c
@@ -1004,10 +1004,12 @@ int vhost_add_used(struct vhost_virtqueue *vq, unsigned int head, int len)
if (unlikely(vq->log_used)) {
/* Make sure data is seen before log. */
smp_wmb();
- log_write(vq->log_base, vq->log_addr + sizeof *vq->used->ring *
- (vq->last_used_idx % vq->num),
- sizeof *vq->used->ring);
- log_write(vq->log_base, vq->log_addr, sizeof *vq->used->ring);
+ log_write(vq->log_base,
+ vq->log_addr + ((void *)used - (void *)vq->used),
+ sizeof *used);
+ log_write(vq->log_base,
+ vq->log_addr + offsetof(struct vring_used, idx),
+ sizeof vq->used->idx);
if (vq->log_ctx)
eventfd_signal(vq->log_ctx, 1);
}
--
1.7.0.18.g0d53a5
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Michael S. Tsirkin
on failure, but never 0. Fix vhost code to match this logic.
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
---
drivers/vhost/vhost.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
index d4f8fdf..d003504 100644
--- a/drivers/vhost/vhost.c
+++ b/drivers/vhost/vhost.c
@@ -646,8 +646,9 @@ static int set_bit_to_user(int nr, void __user *addr)
int bit = nr + (log % PAGE_SIZE) * 8;
int r;
r = get_user_pages_fast(log, 1, 1, &page);
- if (r)
+ if (r < 0)
return r;
+ BUG_ON(r != 1);
base = kmap_atomic(page, KM_USER0);
set_bit(bit, base);
kunmap_atomic(base, KM_USER0);
Gleb Natapov
> get_user_pages_fast returns number of pages on success, negative value
> on failure, but never 0. Fix vhost code to match this logic.
>
> Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
> ---
> drivers/vhost/vhost.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> index d4f8fdf..d003504 100644
> --- a/drivers/vhost/vhost.c
> +++ b/drivers/vhost/vhost.c
> @@ -646,8 +646,9 @@ static int set_bit_to_user(int nr, void __user *addr)
> int bit = nr + (log % PAGE_SIZE) * 8;
> int r;
> r = get_user_pages_fast(log, 1, 1, &page);
> - if (r)
> + if (r < 0)
> return r;
> + BUG_ON(r != 1);
> base = kmap_atomic(page, KM_USER0);
> set_bit(bit, base);
> kunmap_atomic(base, KM_USER0);
> --
> 1.7.0.18.g0d53a5
--
Gleb.
Michael S. Tsirkin
> On Tue, Feb 23, 2010 at 06:57:58PM +0200, Michael S. Tsirkin wrote:
> > get_user_pages_fast returns number of pages on success, negative value
> > on failure, but never 0. Fix vhost code to match this logic.
> >
> > Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
> > ---
> > drivers/vhost/vhost.c | 3 ++-
> > 1 files changed, 2 insertions(+), 1 deletions(-)
> >
> > diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> > index d4f8fdf..d003504 100644
> > --- a/drivers/vhost/vhost.c
> > +++ b/drivers/vhost/vhost.c
> > @@ -646,8 +646,9 @@ static int set_bit_to_user(int nr, void __user *addr)
> > int bit = nr + (log % PAGE_SIZE) * 8;
> > int r;
> > r = get_user_pages_fast(log, 1, 1, &page);
> > - if (r)
> > + if (r < 0)
> > return r;
> > + BUG_ON(r != 1);
> Can't this be easily triggered from user space?
I think no. get_user_pages_fast always returns number of pages
pinned (in this case always 1) or an error (< 0).
Anything else is a kernel bug.
Gleb Natapov
> On Tue, Feb 23, 2010 at 07:39:52PM +0200, Gleb Natapov wrote:
>
> Then we get -EFAULT
>
Ah correct.
> > > > > base = kmap_atomic(page, KM_USER0);
> > > > > set_bit(bit, base);
> > > > > kunmap_atomic(base, KM_USER0);
> > > > > --
> > > > > 1.7.0.18.g0d53a5
> > > >
> > > > --
> > > > Gleb.
> >
> > --
> > Gleb.
Michael S. Tsirkin
Then we get -EFAULT
> > > > base = kmap_atomic(page, KM_USER0);
Gleb Natapov
> > > base = kmap_atomic(page, KM_USER0);
Juan Quintela
> vhost was dong some complex math to get
> offset to log at, and got it wrong by a couple of bytes,
> while in fact it's simple: get address where we write,
> subtract start of buffer, add log base.
>
> Do it this way.
>
> Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
Reviewed-by: Juan Quintela <quin...@redhat.com>
> ---
> drivers/vhost/vhost.c | 10 ++++++----
> 1 files changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> index 6eb1525..c767279 100644
> --- a/drivers/vhost/vhost.c
> +++ b/drivers/vhost/vhost.c
> @@ -1004,10 +1004,12 @@ int vhost_add_used(struct vhost_virtqueue *vq, unsigned int head, int len)
> if (unlikely(vq->log_used)) {
> /* Make sure data is seen before log. */
We explain what smp_wmb() does.
> smp_wmb();
> - log_write(vq->log_base, vq->log_addr + sizeof *vq->used->ring *
> - (vq->last_used_idx % vq->num),
> - sizeof *vq->used->ring);
> - log_write(vq->log_base, vq->log_addr, sizeof *vq->used->ring);
> + log_write(vq->log_base,
> + vq->log_addr + ((void *)used - (void *)vq->used),
> + sizeof *used);
> + log_write(vq->log_base,
> + vq->log_addr + offsetof(struct vring_used, idx),
> + sizeof vq->used->idx);
Once here, can we add a comment explaining _what_ are we trying to write
to the log? michael explains that t is the used element and the index,
but nothing states that.
> if (vq->log_ctx)
> eventfd_signal(vq->log_ctx, 1);
> }
--
Juan Quintela
> on failure, but never 0. Fix vhost code to match this logic.
It can return 0 if you ask for 0 pages :)
From the comment:
* Returns number of pages pinned. This may be fewer than the number
* requested. If nr_pages is 0 or negative, returns 0. If no pages
* were pinned, returns -errno.
*/
I agree that code was wrong, but the BUG_ON() is not neccessary
IMHO. The important bit is the change in the comparison.
Reviewed-by: Juan Quintela <quin...@redhat.com>
> Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
> ---
> drivers/vhost/vhost.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
> index d4f8fdf..d003504 100644
> --- a/drivers/vhost/vhost.c
> +++ b/drivers/vhost/vhost.c
> @@ -646,8 +646,9 @@ static int set_bit_to_user(int nr, void __user *addr)
> int bit = nr + (log % PAGE_SIZE) * 8;
> int r;
> r = get_user_pages_fast(log, 1, 1, &page);
> - if (r)
> + if (r < 0)
> return r;
> + BUG_ON(r != 1);
> base = kmap_atomic(page, KM_USER0);
> set_bit(bit, base);
> kunmap_atomic(base, KM_USER0);
--
David Miller
Just for the record I'm generally not interested in vhost
patches.
If it's a specific network one that will be merged via
the networking tree, yes please CC: me.
But if it's a bunch of changes to vhost.c and other pieces
of infrastructure, feel free to leave me out of it. It just
clutters my already overflowing inbox.
Thanks.
Michael S. Tsirkin
>
> Just for the record I'm generally not interested in vhost
> patches.
>
> If it's a specific network one that will be merged via
> the networking tree, yes please CC: me.
>
> But if it's a bunch of changes to vhost.c and other pieces
> of infrastructure, feel free to leave me out of it. It just
> clutters my already overflowing inbox.
>
> Thanks.
Dave, so while Rusty's on vacation, what's the best way to get vhost
infrastructure fixes in? Are you ok with getting pull requests and
merging them into net-next? That should keep the clutter in your inbox
to the minimum.
Of course network changes would still go the usual way.
--
MST
David Miller
Date: Wed, 24 Feb 2010 07:37:37 +0200
> Dave, so while Rusty's on vacation, what's the best way to get vhost
> infrastructure fixes in? Are you ok with getting pull requests and
> merging them into net-next? That should keep the clutter in your inbox
> to the minimum.
>
> Of course network changes would still go the usual way.
Well, who is providing oversight of vhost work while he's
gone? Has he, implicitly or explicitly, appointed a maintainer
while he's away?
Michael S. Tsirkin
> From: "Michael S. Tsirkin" <m...@redhat.com>
> Date: Wed, 24 Feb 2010 07:37:37 +0200
>
> > Dave, so while Rusty's on vacation, what's the best way to get vhost
> > infrastructure fixes in? Are you ok with getting pull requests and
> > merging them into net-next? That should keep the clutter in your inbox
> > to the minimum.
> >
> > Of course network changes would still go the usual way.
>
> Well, who is providing oversight of vhost work while he's
> gone?
My plan was to get peer review of the patches before merging.
So far Juan Quintela and Gleb Natapov gave feedback.
> Has he, implicitly or explicitly, appointed a maintainer
> while he's away?
Implicitly, I guess. He said "if there's an issue Michael Tsirkin is the
best person to resolve it", this was wrt merging his virtio&lguest tree.
He didn't mention vhost, I wrote all of vhost though, there shouldn't be
an issue with that.
--
MST
David Miller
> Implicitly, I guess. He said "if there's an issue Michael Tsirkin is the
> best person to resolve it", this was wrt merging his virtio&lguest tree.
> He didn't mention vhost, I wrote all of vhost though, there shouldn't be
> an issue with that.
That's good enough for me.
Feel free to setup a tree for me to pull from.