[PATCH v8 07/19] virtio-net: Copy header only when necessary

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Akihiko Odaki <akihiko.odaki@daynix.com>
To: Jason Wang <jasowang@redhat.com>,
	 Dmitry Fleytman <dmitry.fleytman@gmail.com>,
	 Sriram Yagnaraman <sriram.yagnaraman@est.tech>,
	 "Michael S. Tsirkin" <mst@redhat.com>,
	Luigi Rizzo <rizzo@iet.unipi.it>,
	 Giuseppe Lettieri <g.lettieri@iet.unipi.it>,
	 Vincenzo Maffione <v.maffione@gmail.com>,
	 Andrew Melnychenko <andrew@daynix.com>,
	 Yuri Benditovich <yuri.benditovich@daynix.com>
Cc: qemu-devel@nongnu.org, Akihiko Odaki <akihiko.odaki@daynix.com>
Subject: [PATCH v8 07/19] virtio-net: Copy header only when necessary
Date: Sun, 10 Dec 2023 14:29:45 +0900	[thread overview]
Message-ID: <20231210-rss-v8-7-9553ee714d38@daynix.com> (raw)
In-Reply-To: <20231210-rss-v8-0-9553ee714d38@daynix.com>

It is necessary to copy the header only for byte swapping. Worse, when
byte swapping is not needed, the header can be larger than the buffer
due to VIRTIO_NET_F_HASH_REPORT, which results in buffer overflow.

Copy the header only when byte swapping is needed.

Fixes: e22f0603fb ("virtio-net: reference implementation of hash report")
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
---
 hw/net/virtio-net.c | 26 ++++++++++++--------------
 1 file changed, 12 insertions(+), 14 deletions(-)

diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index e12176acb1..b6223031e1 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -359,7 +359,8 @@ static void virtio_net_vnet_endian_status(VirtIONet *n, uint8_t status)
          * can't do it, we fallback onto fixing the headers in the core
          * virtio-net code.
          */
-        n->needs_vnet_hdr_swap = virtio_net_set_vnet_endian(vdev, n->nic->ncs,
+        n->needs_vnet_hdr_swap = n->has_vnet_hdr &&
+                                 virtio_net_set_vnet_endian(vdev, n->nic->ncs,
                                                             queue_pairs, true);
     } else if (virtio_net_started(n, vdev->status)) {
         /* After using the device, we need to reset the network backend to
@@ -2709,7 +2710,7 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q)
             return -EINVAL;
         }
 
-        if (n->has_vnet_hdr) {
+        if (n->needs_vnet_hdr_swap) {
             if (iov_to_buf(out_sg, out_num, 0, &mhdr, n->guest_hdr_len) <
                 n->guest_hdr_len) {
                 virtio_error(vdev, "virtio-net header incorrect");
@@ -2717,19 +2718,16 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q)
                 g_free(elem);
                 return -EINVAL;
             }
-            if (n->needs_vnet_hdr_swap) {
-                virtio_net_hdr_swap(vdev, (void *) &mhdr);
-                sg2[0].iov_base = &mhdr;
-                sg2[0].iov_len = n->guest_hdr_len;
-                out_num = iov_copy(&sg2[1], ARRAY_SIZE(sg2) - 1,
-                                   out_sg, out_num,
-                                   n->guest_hdr_len, -1);
-                if (out_num == VIRTQUEUE_MAX_SIZE) {
-                    goto drop;
-                }
-                out_num += 1;
-                out_sg = sg2;
+            virtio_net_hdr_swap(vdev, (void *) &mhdr);
+            sg2[0].iov_base = &mhdr;
+            sg2[0].iov_len = n->guest_hdr_len;
+            out_num = iov_copy(&sg2[1], ARRAY_SIZE(sg2) - 1, out_sg, out_num,
+                               n->guest_hdr_len, -1);
+            if (out_num == VIRTQUEUE_MAX_SIZE) {
+                goto drop;
             }
+            out_num += 1;
+            out_sg = sg2;
         }
         /*
          * If host wants to see the guest header as is, we can

-- 
2.43.0

next prev parent reply	other threads:[~2023-12-10  5:33 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-12-10  5:29 [PATCH v8 00/19] virtio-net RSS/hash report fixes and improvements Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 01/19] tap: Remove tap_probe_vnet_hdr_len() Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 02/19] tap: Remove qemu_using_vnet_hdr() Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 03/19] net: Move virtio-net header length assertion Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 04/19] net: Remove receive_raw() Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 05/19] tap: Call tap_receive_iov() from tap_receive() Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 06/19] tap: Shrink zeroed virtio-net header Akihiko Odaki
2023-12-10  5:29 ` Akihiko Odaki [this message]
2023-12-10  5:29 ` [PATCH v8 08/19] virtio-net: Disable RSS on reset Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 09/19] virtio-net: Unify the logic to update NIC state for RSS Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 10/19] virtio-net: Return an error when vhost cannot enable RSS Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 11/19] virtio-net: Report RSS warning at device realization Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 12/19] virtio-net: Always set populate_hash Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 13/19] virtio-net: Do not write hashes to peer buffer Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 14/19] ebpf: Fix RSS error handling Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 15/19] ebpf: Use standard section name Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 16/19] ebpf: Simplify error handling Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 17/19] ebpf: Return 0 when configuration fails Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 18/19] ebpf: Refactor tun_rss_steering_prog() Akihiko Odaki
2023-12-10  5:29 ` [PATCH v8 19/19] ebpf: Add a separate target for skeleton Akihiko Odaki
2023-12-11 11:54 ` [PATCH v8 00/19] virtio-net RSS/hash report fixes and improvements Yuri Benditovich
2023-12-11 12:01   ` Akihiko Odaki
2023-12-11 12:34     ` Yuri Benditovich
2023-12-11 15:43       ` Michael S. Tsirkin
2023-12-11 19:51         ` Yuri Benditovich
2023-12-11 19:52           ` Yuri Benditovich

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e12176acb dfblob:b6223031e )
 OR (
bs:"[PATCH v8 07/19] virtio-net: Copy header only when necessary" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231210-rss-v8-7-9553ee714d38@daynix.com \
    --to=akihiko.odaki@daynix.com \
    --cc=andrew@daynix.com \
    --cc=dmitry.fleytman@gmail.com \
    --cc=g.lettieri@iet.unipi.it \
    --cc=jasowang@redhat.com \
    --cc=mst@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=rizzo@iet.unipi.it \
    --cc=sriram.yagnaraman@est.tech \
    --cc=v.maffione@gmail.com \
    --cc=yuri.benditovich@daynix.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).