From: Jason Wang <jasowang@redhat.com>
To: Laurent Vivier <lvivier@redhat.com>
Cc: qemu-devel@nongnu.org, David Gibson <dgibson@redhat.com>
Subject: Re: [PATCH 0/3] net: socket: do not close file descriptor if it's not a socket
Date: Fri, 30 Jun 2023 14:02:09 +0800 [thread overview]
Message-ID: <CACGkMEvFQcvcf=2on_Jxd5NaLSiECr_vkibVuJ8Edcb9Y4fEpg@mail.gmail.com> (raw)
In-Reply-To: <20230609072748.4179873-1-lvivier@redhat.com>
On Fri, Jun 9, 2023 at 3:28 PM Laurent Vivier <lvivier@redhat.com> wrote:
>
> The socket netdev with a file descriptor (fd) cannot be removed
> and then added again because the fd is closed when the backend is
> removed and thus is not available anymore when we want to add the
> backend again.
>
> But this can bring to a core dump:
> 1- boot a VM with an fd socket netdev
> 2- remove the netdev
> 3- reboot
> 4- add the netdev again, it fails because the fd is not a
> socket, and then closed
> 5- stop QEMU -> core dump
>
> On reboot (step 3) the fd is allocated to another use in QEMU, and when
> we try to use it with a socket netdev, it fails. But the netdev backend
> closes the file descriptor that is in use by another part of QEMU.
> We can see the core dump on QEMU exit because it tries to close
> an invalid file descriptor.
>
> It happens for instance when we have a PCI device and the fd is allocated
> to a VirtIOIRQFD on reboot.
>
> Moreover, using "netdev socket,fd=X" allows an user to close any QEMU
> internal file descriptor from an HMP or QMP interface.
>
> Laurent Vivier (3):
> net: socket: prepare to cleanup net_init_socket()
> net: socket: move fd type checking to its own function
> net: socket: remove net_init_socket()
>
> net/socket.c | 53 +++++++++++++++++++++++++++-------------------------
> 1 file changed, 28 insertions(+), 25 deletions(-)
Queued.
Thanks
>
> --
> 2.39.2
>
>
prev parent reply other threads:[~2023-06-30 6:02 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-09 7:27 [PATCH 0/3] net: socket: do not close file descriptor if it's not a socket Laurent Vivier
2023-06-09 7:27 ` [PATCH 1/3] net: socket: prepare to cleanup net_init_socket() Laurent Vivier
2023-06-15 5:06 ` David Gibson
2023-06-09 7:27 ` [PATCH 2/3] net: socket: move fd type checking to its own function Laurent Vivier
2023-06-15 5:09 ` David Gibson
2023-06-09 7:27 ` [PATCH 3/3] net: socket: remove net_init_socket() Laurent Vivier
2023-06-15 5:10 ` David Gibson
2023-06-30 6:02 ` Jason Wang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACGkMEvFQcvcf=2on_Jxd5NaLSiECr_vkibVuJ8Edcb9Y4fEpg@mail.gmail.com' \
--to=jasowang@redhat.com \
--cc=dgibson@redhat.com \
--cc=lvivier@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).