From: Jason Wang
Subject: Re: [PATCH net,stable v2] vhost: fix skb leak in handle_rx()
Date: Thu, 30 Nov 2017 10:46:17 +0800
Message-ID: <7f6f050d-381d-c123-8cc2-16423e205fb0@redhat.com>
References: <1511965404-23289-1-git-send-email-wexu@redhat.com> <20171129172156-mutt-send-email-mst@kernel.org>
In-Reply-To: <20171129172156-mutt-send-email-mst@kernel.org>
To: "Michael S. Tsirkin", wexu@redhat.com
Cc: mjrosato@linux.vnet.ibm.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, virtualization@lists.linux-foundation.org

On 2017-11-29 23:31, Michael S. Tsirkin wrote:
> On Wed, Nov 29, 2017 at 09:23:24AM -0500, wexu@redhat.com wrote:
>> From: Wei Xu <wexu@redhat.com>
>>
>> Matthew found a roughly 40% tcp throughput regression with commit
>> c67df11f(vhost_net: try batch dequing from skb array) as discussed
>> in the following thread:
>> https://www.mail-archive.com/netdev@vger.kernel.org/msg187936.html
>>
>> Eventually we figured out that it was a skb leak in handle_rx()
>> when sending packets to the VM. This usually happens when a guest
>> can not drain out vq as fast as vhost fills in, afterwards it sets
>> off the traffic jam and leaks skb(s) which occurs as no headcount
>> to send on the vq from vhost side.
>>
>> This can be avoided by making sure we have got enough headcount
>> before actually consuming a skb from the batched rx array while
>> transmitting, which is simply done by moving checking the zero
>> headcount a bit ahead.
>>
>> Also strengthen the small possibility of leak in case of recvmsg()
>> fails by freeing the skb.
>>
>> Signed-off-by: Wei Xu <wexu@redhat.com>
>> Reported-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
>> ---
>>   drivers/vhost/net.c | 23 +++++++++++++----------
>>   1 file changed, 13 insertions(+), 10 deletions(-)
>>
>> v2:
>> - add Matthew as the reporter, thanks matthew.
>> - moving zero headcount check ahead instead of defer consuming skb
>>    due to jason and mst's comment.
>> - add freeing skb in favor of recvmsg() fails.
>>
>> diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c
>> index 8d626d7..e302e08 100644
>> --- a/drivers/vhost/net.c
>> +++ b/drivers/vhost/net.c
>> @@ -778,16 +778,6 @@ static void handle_rx(struct vhost_net *net)
>>   		/* On error, stop handling until the next kick. */
>>   		if (unlikely(headcount < 0))
>>   			goto out;
>> -		if (nvq->rx_array)
>> -			msg.msg_control = vhost_net_buf_consume(&nvq->rxq);
>> -		/* On overrun, truncate and discard */
>> -		if (unlikely(headcount > UIO_MAXIOV)) {
>> -			iov_iter_init(&msg.msg_iter, READ, vq->iov, 1, 1);
>> -			err = sock->ops->recvmsg(sock, &msg,
>> -						 1, MSG_DONTWAIT | MSG_TRUNC);
>> -			pr_debug("Discarded rx packet: len %zd\n", sock_len);
>> -			continue;
>> -		}
>>   		/* OK, now we need to know about added descriptors. */
>>   		if (!headcount) {
>>   			if (unlikely(vhost_enable_notify(&net->dev, vq))) {
>> @@ -800,6 +790,18 @@ static void handle_rx(struct vhost_net *net)
>>   			 * they refilled. */
>>   			goto out;
>>   		}
>> +		if (nvq->rx_array)
>> +			msg.msg_control = vhost_net_buf_consume(&nvq->rxq);
>> +		/* On overrun, truncate and discard */
>> +		if (unlikely(headcount > UIO_MAXIOV)) {
>> +			iov_iter_init(&msg.msg_iter, READ, vq->iov, 1, 1);
>> +			err = sock->ops->recvmsg(sock, &msg,
>> +						 1, MSG_DONTWAIT | MSG_TRUNC);
>> +			if (unlikely(err != 1))
> Why 1? How is receiving 1 byte special or even possible?
> Also, I wouldn't put an unlikely here. It's all error handling code anyway.
>
>> +				kfree_skb((struct sk_buff *)msg.msg_control);
> You do not need a cast here.
> Also, is it really safe to refer to msg_control here?
> I'd rather keep a copy of the skb pointer and use it than assume
> caller did not change it. But also see below.
>
>> +			pr_debug("Discarded rx packet: len %zd\n", sock_len);
>> +			continue;
>> +		}
>>   		/* We don't need to be notified again. */
>>   		iov_iter_init(&msg.msg_iter, READ, vq->iov, in, vhost_len);
>>   		fixup = msg.msg_iter;
>> @@ -818,6 +820,7 @@ static void handle_rx(struct vhost_net *net)
>>   			pr_debug("Discarded rx packet: "
>>   				 " len %d, expected %zd\n", err, sock_len);
>>   			vhost_discard_vq_desc(vq, headcount);
>> +			kfree_skb((struct sk_buff *)msg.msg_control);
> You do not need a cast here.
>
> Also, we have
>
>          ret = tun_put_user(tun, tfile, skb, to);
>          if (unlikely(ret < 0))
>                  kfree_skb(skb);
>          else
>                  consume_skb(skb);
>
>          return ret;
>
> So it looks like recvmsg actually always consumes the skb.
> So I was wrong when I said you need to kfree it after
> recv msg, and your original patch was good.
>
> Jason, what do you think?
>

tun_recvmsg() has the following check:

static int tun_recvmsg(struct socket *sock, struct msghdr *m, size_t total_len,
		       int flags)
{
	struct tun_file *tfile = container_of(sock, struct tun_file, socket);
	struct tun_struct *tun = __tun_get(tfile);
	int ret;

	if (!tun)
		return -EBADFD;

	if (flags & ~(MSG_DONTWAIT|MSG_TRUNC|MSG_ERRQUEUE)) {
		ret = -EINVAL;
		goto out;
	}

And tun_do_read() has:

	if (!iov_iter_count(to))
		return 0;

So I think we need to free skb in those cases.

Thanks
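
Review bot: In the overrun branch of the @@ -800,6 +790,18 @@ hunk, kfree_skb() is applied to msg.msg_control, but the lines just above assign that field only when nvq->rx_array is set, and the hunk does not show it being reset otherwise, so on the non-batched path the free acts on whatever the field still holds. Keep the consumed skb in a local pointer that is NULL when nothing was taken from the rx array and free that instead; this also removes the need for the (struct sk_buff *) cast. The err != 1 test needs a comment or a different condition, since nothing in the hunk explains why a result of 1 is the only non-leaking outcome.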
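
Review bot: The kfree_skb() added after vhost_discard_vq_desc() in the @@ -818,6 +820,7 @@ hunk runs on the length-mismatch path, after recvmsg has already been called; the tun read code quoted in this thread calls kfree_skb() or consume_skb() on the skb once it reaches tun_put_user(), so this line can free the same skb a second time. The skb is left untouched only on the early returns named in the reply (the flags check in tun_recvmsg() and the zero iov_iter_count() return in tun_do_read()), so the free should be limited to those cases, for example by freeing on the early-exit paths inside the recvmsg implementation rather than in handle_rx().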