Message-ID: <20120813104745.GE4177@suse.de>
Date:	Mon, 13 Aug 2012 11:47:45 +0100
From:	Mel Gorman <mgorman@...e.de>
To:	Jeremy Fitzhardinge <jeremy@...p.org>
Cc:	linux-mm@...ck.org, linux-kernel@...r.kernel.org,
	netdev@...r.kernel.org, xen-devel@...ts.xensource.com,
	konrad@...nok.org, Ian.Campbell@...citrix.com,
	David Miller <davem@...emloft.net>, akpm@...ux-foundation.org
Subject: Re: [PATCH] netvm: check for page == NULL when propogating the
 skb->pfmemalloc flag

Resending to correct Jeremy's address.

On Wed, Aug 08, 2012 at 03:50:46PM -0700, David Miller wrote:
> From: Mel Gorman <mgorman@...e.de>
> Date: Tue, 7 Aug 2012 09:55:55 +0100
> 
> > Commit [c48a11c7: netvm: propagate page->pfmemalloc to skb] is responsible
> > for the following bug triggered by a xen network driver
>  ...
> > The problem is that the xenfront driver is passing a NULL page to
> > __skb_fill_page_desc() which was unexpected. This patch checks that
> > there is a page before dereferencing.
> > 
> > Reported-and-Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
> > Signed-off-by: Mel Gorman <mgorman@...e.de>
> 
> That call to __skb_fill_page_desc() in xen-netfront.c looks completely bogus.
> It's the only driver passing NULL here.
> 
> That whole song and dance figuring out what to do with the head
> fragment page, depending upon whether the length is greater than the
> RX_COPY_THRESHOLD, is completely unnecessary.
> 
> Just use something like a call to __pskb_pull_tail(skb, len) and all
> that other crap around that area can simply be deleted.

I looked at this for a while but I did not see how __pskb_pull_tail()
could be used sensibly but I'm simply not familiar with writing network
device drivers or Xen.

This messing with RX_COPY_THRESHOLD seems to be related to how the frontend
and backend communicate (maybe some fixed limitation of the xenbus). The
existing code looks like it is trying to take the fragments received and
pass them straight to the backend without copying by passing the fragments
to the backend without copying. I worry that if I try converting this to
__pskb_pull_tail() that it would either hit the limitation of xenbus or
introduce copying where it is not wanted.

I'm going to have to punt this to Jeremy and the other Xen folk as I'm not
sure what the original intention was and I don't have a Xen setup anywhere
to test any patch. Jeremy, xen folk? 


-- 
Mel Gorman
SUSE Labs