lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACGkMEvWKCoB+u2GO2mRroZDmmxcvd8+ytUjpu6wNcBOAu5RYQ@mail.gmail.com>
Date: Tue, 26 Sep 2023 10:57:29 +0800
From: Jason Wang <jasowang@...hat.com>
To: Stefano Garzarella <sgarzare@...hat.com>
Cc: virtualization@...ts.linux-foundation.org, netdev@...r.kernel.org, 
	kvm@...r.kernel.org, "Michael S. Tsirkin" <mst@...hat.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()

On Mon, Sep 25, 2023 at 6:31 PM Stefano Garzarella <sgarzare@...hat.com> wrote:
>
> In the while loop of vringh_iov_xfer(), `partlen` could be 0 if one of
> the `iov` has 0 lenght.
> In this case, we should skip the iov and go to the next one.
> But calling vringh_kiov_advance() with 0 lenght does not cause the
> advancement, since it returns immediately if asked to advance by 0 bytes.
>
> Let's restore the code that was there before commit b8c06ad4d67d
> ("vringh: implement vringh_kiov_advance()"), avoiding using
> vringh_kiov_advance().
>
> Fixes: b8c06ad4d67d ("vringh: implement vringh_kiov_advance()")
> Cc: stable@...r.kernel.org
> Reported-by: Jason Wang <jasowang@...hat.com>
> Signed-off-by: Stefano Garzarella <sgarzare@...hat.com>

Acked-by: Jason Wang <jasowang@...hat.com>

Thanks

> ---
>  drivers/vhost/vringh.c | 12 +++++++++++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/vhost/vringh.c b/drivers/vhost/vringh.c
> index 955d938eb663..7b8fd977f71c 100644
> --- a/drivers/vhost/vringh.c
> +++ b/drivers/vhost/vringh.c
> @@ -123,8 +123,18 @@ static inline ssize_t vringh_iov_xfer(struct vringh *vrh,
>                 done += partlen;
>                 len -= partlen;
>                 ptr += partlen;
> +               iov->consumed += partlen;
> +               iov->iov[iov->i].iov_len -= partlen;
> +               iov->iov[iov->i].iov_base += partlen;
>
> -               vringh_kiov_advance(iov, partlen);
> +               if (!iov->iov[iov->i].iov_len) {
> +                       /* Fix up old iov element then increment. */
> +                       iov->iov[iov->i].iov_len = iov->consumed;
> +                       iov->iov[iov->i].iov_base -= iov->consumed;
> +
> +                       iov->consumed = 0;
> +                       iov->i++;
> +               }
>         }
>         return done;
>  }
> --
> 2.41.0
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ