From: "Michael S. Tsirkin" <mst@redhat.com>
To: "Nicholas A. Bellinger" <nab@linux-iscsi.org>
Cc: kvm@vger.kernel.org, virtualization@lists.linux-foundation.org,
target-devel@vger.kernel.org,
Stefan Hajnoczi <stefanha@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH] tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq
Date: Sun, 14 Apr 2013 11:43:57 +0300 [thread overview]
Message-ID: <20130414084357.GA1813@redhat.com> (raw)
In-Reply-To: <1365522402.24346.146.camel@haakon2.linux-iscsi.org>
On Tue, Apr 09, 2013 at 08:46:42AM -0700, Nicholas A. Bellinger wrote:
> On Tue, 2013-04-09 at 17:16 +0800, Asias He wrote:
> > If we fail to submit the allocated tv_vmd to tcm_vhost_submission_work,
> > we will leak the tv_vmd. Free tv_vmd on fail path.
> >
> > Signed-off-by: Asias He <asias@redhat.com>
> > ---
> > drivers/vhost/tcm_vhost.c | 11 ++++++++---
> > 1 file changed, 8 insertions(+), 3 deletions(-)
> >
> > diff --git a/drivers/vhost/tcm_vhost.c b/drivers/vhost/tcm_vhost.c
> > index 3351ed3..1f9116c 100644
> > --- a/drivers/vhost/tcm_vhost.c
> > +++ b/drivers/vhost/tcm_vhost.c
> > @@ -860,7 +860,7 @@ static void vhost_scsi_handle_vq(struct vhost_scsi *vs,
> > vq_err(vq, "Expecting virtio_scsi_cmd_resp, got %zu"
> > " bytes, out: %d, in: %d\n",
> > vq->iov[out].iov_len, out, in);
> > - break;
> > + goto err;
> > }
> >
> > tv_cmd->tvc_resp = vq->iov[out].iov_base;
> > @@ -882,7 +882,7 @@ static void vhost_scsi_handle_vq(struct vhost_scsi *vs,
> > " exceeds SCSI_MAX_VARLEN_CDB_SIZE: %d\n",
> > scsi_command_size(tv_cmd->tvc_cdb),
> > TCM_VHOST_MAX_CDB_SIZE);
> > - break; /* TODO */
> > + goto err;
> > }
> > tv_cmd->tvc_lun = ((v_req.lun[2] << 8) | v_req.lun[3]) & 0x3FFF;
> >
> > @@ -895,7 +895,7 @@ static void vhost_scsi_handle_vq(struct vhost_scsi *vs,
> > data_direction == DMA_TO_DEVICE);
> > if (unlikely(ret)) {
> > vq_err(vq, "Failed to map iov to sgl\n");
> > - break; /* TODO */
> > + goto err;
> > }
> > }
> >
>
> Mmmm, I think these cases also require a VIRTIO_SCSI_S_BAD_TARGET +
> __copy_to_user + vhost_add_used_and_signal similar to how !tv_tpg is
> handled.. Otherwise virtio-scsi will end up in scsi timeout -> abort,
> no..?
>
> Ditto for the vhost_scsi_allocate_cmd failure case..
>
> vhost-net uses vhost_discard_vq_desc for some failure cases, is that
> needed here for the failure cases before __copy_from_user is called..?
If you call vq_err, then you generally want to call
vhost_discard_vq_desc. This signals userspace that
it should stop vhost and dump the ring for debugging
(or in theory, recover and let vhost continue),
so you don't want to consume the problematic request.
This is the right thing to do for fatal things, e.g. ring errors,
but probably not scsi errors which need to be propagated to guest.
> > @@ -916,6 +916,11 @@ static void vhost_scsi_handle_vq(struct vhost_scsi *vs,
> > }
> >
> > mutex_unlock(&vq->mutex);
> > + return;
> > +
> > +err:
> > + vhost_scsi_free_cmd(tv_cmd);
> > + mutex_unlock(&vq->mutex);
> > }
> >
> > static void vhost_scsi_ctl_handle_kick(struct vhost_work *work)
>
prev parent reply other threads:[~2013-04-14 8:43 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-09 9:16 [PATCH] tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq Asias He
2013-04-09 8:26 ` Michael S. Tsirkin
2013-04-09 15:46 ` Nicholas A. Bellinger
[not found] ` <1365522402.24346.146.camel@haakon2.linux-iscsi.org>
2013-04-10 3:23 ` [PATCH 0/3] tcm_vhost fix cmd leak and bad target Asias He
2013-04-10 6:19 ` Asias He
2013-04-10 7:06 ` [PATCH v2 0/4] tcm_vhost fix cmd leak and send " Asias He
2013-04-10 21:19 ` Nicholas A. Bellinger
2013-04-11 7:22 ` Michael S. Tsirkin
2013-04-11 8:42 ` Asias He
2013-04-10 7:06 ` [PATCH v2 1/4] tcm_vhost: Remove double check of response Asias He
2013-04-10 7:06 ` [PATCH v2 2/4] tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq Asias He
2013-04-10 7:06 ` [PATCH v2 3/4] tcm_vhost: Add vhost_scsi_send_bad_target() helper Asias He
2013-04-10 7:06 ` [PATCH v2 4/4] tcm_vhost: Send bad target to guest when cmd fails Asias He
2013-04-10 3:23 ` [PATCH 1/3] tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq Asias He
2013-04-10 3:23 ` [PATCH 2/3] tcm_vhost: Add vhost_scsi_send_bad_target() helper Asias He
2013-04-10 3:23 ` [PATCH 3/3] tcm_vhost: Send bad target to guest when cmd fails Asias He
2013-04-10 3:37 ` [PATCH] tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq Asias He
2013-04-14 8:43 ` Michael S. Tsirkin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130414084357.GA1813@redhat.com \
--to=mst@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=nab@linux-iscsi.org \
--cc=pbonzini@redhat.com \
--cc=stefanha@redhat.com \
--cc=target-devel@vger.kernel.org \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).