From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paul Durrant Subject: FW: [PATCH v2 net] xen-netback: make sure that hashes are not send to unaware frontends Date: Fri, 7 Oct 2016 08:54:22 +0000 Message-ID: <747d40ff47814c70952cd2f2a69d4069@AMSPEX02CL03.citrite.net> References: <1475829151-3707-1-git-send-email-paul.durrant@citrix.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="_002_747d40ff47814c70952cd2f2a69d4069AMSPEX02CL03citritenet_" Return-path: Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1bsQz8-0003nv-EA for xen-devel@lists.xenproject.org; Fri, 07 Oct 2016 08:58:30 +0000 In-Reply-To: <1475829151-3707-1-git-send-email-paul.durrant@citrix.com> Content-Language: en-US List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: "xen-devel (xen-devel@lists.xenproject.org)" List-Id: xen-devel@lists.xenproject.org --_002_747d40ff47814c70952cd2f2a69d4069AMSPEX02CL03citritenet_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sorry, I fat-fingered the address in the get send-email... --_002_747d40ff47814c70952cd2f2a69d4069AMSPEX02CL03citritenet_ Content-Type: message/rfc822 Content-Disposition: attachment; creation-date="Fri, 07 Oct 2016 08:54:22 GMT"; modification-date="Fri, 07 Oct 2016 08:54:22 GMT" Received: from FTLPEX02AMS01.citrite.net (10.13.108.166) by AMSPEX02CL03.citrite.net (10.69.22.127) with Microsoft SMTP Server (TLS) id 15.0.1210.3 via Mailbox Transport; Fri, 7 Oct 2016 10:52:27 +0200 Received: from FTLPEX02CAS01.citrite.net (10.13.99.120) by FTLPEX02AMS01.citrite.net (10.13.108.166) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Fri, 7 Oct 2016 04:52:25 -0400 Received: from ukmail1.uk.xensource.com (10.9.154.239) by smtprelay.citrix.com (10.13.99.120) with Microsoft SMTP Server id 15.0.1210.3 via Frontend Transport; Fri, 7 Oct 2016 04:52:25 -0400 Received: from brixham.uk.xensource.com ([10.80.228.107] helo=brixham.uk.xensource.com.) by ukmail1.uk.xensource.com with esmtp (Exim 4.69) (envelope-from ) id 1bsQtF-00023T-6p; Fri, 07 Oct 2016 09:52:25 +0100 From: Paul Durrant To: "netdev@vger.kernel.org" , "xen-devl@lists.xenproject.org" CC: Paul Durrant , Wei Liu Subject: [PATCH v2 net] xen-netback: make sure that hashes are not send to unaware frontends Thread-Topic: [PATCH v2 net] xen-netback: make sure that hashes are not send to unaware frontends Thread-Index: AQHSIHghhKvtSJoZ3k23oVvqJKSwBw== Date: Fri, 7 Oct 2016 08:32:31 +0000 Message-ID: <1475829151-3707-1-git-send-email-paul.durrant@citrix.com> Content-Language: en-GB X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Organization-AuthSource: FTLPEX02CAS01.citrite.net X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.1.4 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 In the case when a frontend only negotiates a single queue with xen- netback it is possible for a skbuff with a s/w hash to result in a hash extra_info segment being sent to the frontend even when no hash algorithm has been configured. (The ndo_select_queue() entry point makes sure the hash is not set if no algorithm is configured, but this entry point is not called when there is only a single queue). This can result in a frontend that is unable to handle extra_info segments being given such a segment, causing it to crash. This patch fixes the problem by clearing the hash in ndo_start_xmit() instead, which is clearly guaranteed to be called irrespective of the number of queues. Signed-off-by: Paul Durrant Cc: Wei Liu --- v2: - Simplified and re-based onto re-factored net branch --- drivers/net/xen-netback/interface.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/drivers/net/xen-netback/interface.c b/drivers/net/xen-netback/= interface.c index 4af532a..74dc2bf 100644 --- a/drivers/net/xen-netback/interface.c +++ b/drivers/net/xen-netback/interface.c @@ -149,17 +149,8 @@ static u16 xenvif_select_queue(struct net_device *dev,= struct sk_buff *skb, struct xenvif *vif =3D netdev_priv(dev); unsigned int size =3D vif->hash.size; =20 - if (vif->hash.alg =3D=3D XEN_NETIF_CTRL_HASH_ALGORITHM_NONE) { - u16 index =3D fallback(dev, skb) % dev->real_num_tx_queues; - - /* Make sure there is no hash information in the socket - * buffer otherwise it would be incorrectly forwarded - * to the frontend. - */ - skb_clear_hash(skb); - - return index; - } + if (vif->hash.alg =3D=3D XEN_NETIF_CTRL_HASH_ALGORITHM_NONE) + return fallback(dev, skb) % dev->real_num_tx_queues; =20 xenvif_set_skb_hash(vif, skb); =20 @@ -208,6 +199,13 @@ static int xenvif_start_xmit(struct sk_buff *skb, stru= ct net_device *dev) cb =3D XENVIF_RX_CB(skb); cb->expires =3D jiffies + vif->drain_timeout; =20 + /* If there is no hash algorithm configured then make sure there + * is no hash information in the socket buffer otherwise it + * would be incorrectly forwarded to the frontend. + */ + if (vif->hash.alg =3D=3D XEN_NETIF_CTRL_HASH_ALGORITHM_NONE) + skb_clear_hash(skb); + xenvif_rx_queue_tail(queue, skb); xenvif_kick_thread(queue); =20 --=20 2.1.4 --_002_747d40ff47814c70952cd2f2a69d4069AMSPEX02CL03citritenet_ Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVs IG1haWxpbmcgbGlzdApYZW4tZGV2ZWxAbGlzdHMueGVuLm9yZwpodHRwczovL2xpc3RzLnhlbi5v cmcveGVuLWRldmVsCg== --_002_747d40ff47814c70952cd2f2a69d4069AMSPEX02CL03citritenet_--