From: Eric Dumazet <eric.dumazet@gmail.com>
To: Alexander Potapenko <glider@google.com>,
Eric Dumazet <eric.dumazet@gmail.com>
Cc: Dmitriy Vyukov <dvyukov@google.com>,
jasowang@redhat.com, mst@redhat.com, kvm@vger.kernel.org,
Networking <netdev@vger.kernel.org>
Subject: Re: [PATCH] vhost_net: initialize rx_ring in vhost_net_open()
Date: Thu, 8 Mar 2018 07:45:17 -0800 [thread overview]
Message-ID: <6b2f732a-8565-e4ea-0a33-35c0db5453eb@gmail.com> (raw)
In-Reply-To: <CAG_fn=Uf9gUqFARPz4tGto1HpxA=Z56GST+oqMsLPiu_fYnk-w@mail.gmail.com>
On 03/08/2018 07:20 AM, Alexander Potapenko wrote:
> On Thu, Mar 8, 2018 at 4:15 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>>
>>
>> On 03/08/2018 05:37 AM, Alexander Potapenko wrote:
>>>
>>> KMSAN reported a use of uninit memory in vhost_net_buf_unproduce()
>>> while trying to access n->vqs[VHOST_NET_VQ_TX].rx_ring:
>>>
>>>
>>> ==================================================================
>>>
>>> Signed-off-by: Alexander Potapenko <glider@google.com>
>>
>>
>> Please identify bug origin with a Fixes: tag
> Fixes: 5990a30510ed1 ("tun/tap: use ptr_ring instead of skb_array")
Please send a V2 with this added tag. patchwork does not recognize it yet.
David Miller has also a lot on his plate, please everybody be gentle
with both stable teams and maintainers.
Thanks.
>
> The above patch introduced rx_ring, but the problem existed before.
>
>> This will tremendously help stable teams that are struggling with many
>> backports these days.
>>
>> Thanks.
>>
>>
>>> ---
>>> drivers/vhost/net.c | 1 +
>>> 1 file changed, 1 insertion(+)
>>>
>>> diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c
>>> index 610cba276d47..60f1080bffc7 100644
>>> --- a/drivers/vhost/net.c
>>> +++ b/drivers/vhost/net.c
>>> @@ -948,6 +948,7 @@ static int vhost_net_open(struct inode *inode, struct
>>> file *f)
>>> n->vqs[i].done_idx = 0;
>>> n->vqs[i].vhost_hlen = 0;
>>> n->vqs[i].sock_hlen = 0;
>>> + n->vqs[i].rx_ring = NULL;
>>> vhost_net_buf_init(&n->vqs[i].rxq);
>>> }
>>> vhost_dev_init(dev, vqs, VHOST_NET_VQ_MAX);
>>>
>>
>
>
>
next prev parent reply other threads:[~2018-03-08 15:45 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-08 13:37 [PATCH] vhost_net: initialize rx_ring in vhost_net_open() Alexander Potapenko
2018-03-08 15:15 ` Eric Dumazet
2018-03-08 15:20 ` Alexander Potapenko
2018-03-08 15:45 ` Eric Dumazet [this message]
2018-03-08 15:50 ` Alexander Potapenko
2018-03-09 6:33 ` Jason Wang
2018-03-08 15:33 ` Michael S. Tsirkin
2018-03-08 15:55 ` Alexander Potapenko
2018-03-08 16:00 ` Michael S. Tsirkin
2018-03-09 2:30 ` Jason Wang
2018-03-09 3:29 ` Michael S. Tsirkin
2018-03-09 3:47 ` Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b2f732a-8565-e4ea-0a33-35c0db5453eb@gmail.com \
--to=eric.dumazet@gmail.com \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=jasowang@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.