netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Arseniy Krasnov <avkrasnov@sberdevices.ru>
To: "Robert Eshleman ." <bobby.eshleman@bytedance.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>,
	Stefano Garzarella <sgarzare@redhat.com>,
	"David S. Miller" <davem@davemloft.net>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
	<kvm@vger.kernel.org>,
	<virtualization@lists.linux-foundation.org>,
	<netdev@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
	<kernel@sberdevices.ru>, <oxffffaa@gmail.com>
Subject: Re: [External] [RFC PATCH v1 3/3] virtio/vsock: remove all data from sk_buff
Date: Sat, 4 Mar 2023 14:53:44 +0300	[thread overview]
Message-ID: <f7ce6794-c7c8-5f83-f63e-381a1e3a5bf7@sberdevices.ru> (raw)
In-Reply-To: <CALa-AnCu8g+jt1m_rY0QJFcRUhtWJ64Txro69j9KsnK7hyuBMg@mail.gmail.com>



On 04.03.2023 02:00, Robert Eshleman . wrote:
> On Fri, Mar 3, 2023 at 2:05 PM Arseniy Krasnov <avkrasnov@sberdevices.ru>
> wrote:
> 
>> In case of SOCK_SEQPACKET all sk_buffs are used once - after read some
>> data from it, it will be removed, so user will never read rest of the
>> data. Thus we need to update credit parameters of the socket like whole
>> sk_buff is read - so call 'skb_pull()' for the whole buffer.
>>
>> Fixes: 71dc9ec9ac7d ("virtio/vsock: replace virtio_vsock_pkt with sk_buff")
>> Signed-off-by: Arseniy Krasnov <AVKrasnov@sberdevices.ru>
>> ---
>>  net/vmw_vsock/virtio_transport_common.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/net/vmw_vsock/virtio_transport_common.c
>> b/net/vmw_vsock/virtio_transport_common.c
>> index d80075e1db42..bbcf331b6ad6 100644
>> --- a/net/vmw_vsock/virtio_transport_common.c
>> +++ b/net/vmw_vsock/virtio_transport_common.c
>> @@ -470,7 +470,7 @@ static int
>> virtio_transport_seqpacket_do_dequeue(struct vsock_sock *vsk,
>>                                         dequeued_len = err;
>>                                 } else {
>>                                         user_buf_len -= bytes_to_copy;
>> -                                       skb_pull(skb, bytes_to_copy);
>> +                                       skb_pull(skb, skb->len);
>>                                 }
>>
>>
> I believe this may also need to be done when memcpy_to_msg() returns an
> error.
Hello! Thanks for quick reply. Yes, moreover  in case of SEQPACKET 'skb_pull()' must be called
every time when skbuff was removed from queue - it doesn't matter did we copy data from, get
error on memcpy_to_msg(), or just drop it - otherwise we get leak of 'rx_bytes'.

Also in case of STREAM, skb_pull() must be called for the rest of data in skbuff in case of error,
because again - 'rx_bytes' will leak.

I think, i'll prepare fixes and tests for this case in the next week

Thanks, Arseniy
> 
> Best,
> Bobby
> 

      parent reply	other threads:[~2023-03-04 11:56 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-03-03 21:57 [RFC PATCH v1 0/3] virtio/vsock: fix credit update logic Arseniy Krasnov
2023-03-03 22:00 ` [RFC PATCH v1 1/3] test/vsock: SOCK_SEQPACKET 'rx_bytes'/'fwd_cnt' bug reproducer Arseniy Krasnov
2023-03-03 22:01 ` [RFC PATCH v1 2/3] virtio/vsock: fix 'rx_bytes'/'fwd_cnt' calculation Arseniy Krasnov
2023-03-03 22:02 ` [RFC PATCH v1 3/3] virtio/vsock: remove all data from sk_buff Arseniy Krasnov
     [not found]   ` <CALa-AnCu8g+jt1m_rY0QJFcRUhtWJ64Txro69j9KsnK7hyuBMg@mail.gmail.com>
2023-03-04 11:53     ` Arseniy Krasnov [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f7ce6794-c7c8-5f83-f63e-381a1e3a5bf7@sberdevices.ru \
    --to=avkrasnov@sberdevices.ru \
    --cc=bobby.eshleman@bytedance.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=kernel@sberdevices.ru \
    --cc=kuba@kernel.org \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=oxffffaa@gmail.com \
    --cc=pabeni@redhat.com \
    --cc=sgarzare@redhat.com \
    --cc=stefanha@redhat.com \
    --cc=virtualization@lists.linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).