yeahuh / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
dc7afb
From 1e01e2f96fd5e903394eab59365d5363394c8b18 Mon Sep 17 00:00:00 2001
dc7afb
From: Jon Maloy <jmaloy@redhat.com>
dc7afb
Date: Tue, 13 Apr 2021 18:59:12 -0400
dc7afb
Subject: [PATCH 3/5] net: forbid the reentrant RX
dc7afb
dc7afb
RH-Author: Jon Maloy <jmaloy@redhat.com>
dc7afb
Message-id: <20210413185912.3811035-2-jmaloy@redhat.com>
dc7afb
Patchwork-id: 101467
dc7afb
O-Subject: [RHEL-8.5.0 qemu-kvm PATCH 1/1] net: forbid the reentrant RX
dc7afb
Bugzilla: 1859175
dc7afb
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
dc7afb
RH-Acked-by: Thomas Huth <thuth@redhat.com>
dc7afb
RH-Acked-by: Xiao Wang <jasowang@redhat.com>
dc7afb
dc7afb
From: Jason Wang <jasowang@redhat.com>
dc7afb
dc7afb
The memory API allows DMA into NIC's MMIO area. This means the NIC's
dc7afb
RX routine must be reentrant. Instead of auditing all the NIC, we can
dc7afb
simply detect the reentrancy and return early. The queue->delivering
dc7afb
is set and cleared by qemu_net_queue_deliver() for other queue helpers
dc7afb
to know whether the delivering in on going (NIC's receive is being
dc7afb
called). We can check it and return early in qemu_net_queue_flush() to
dc7afb
forbid reentrant RX.
dc7afb
dc7afb
Signed-off-by: Jason Wang <jasowang@redhat.com>
dc7afb
dc7afb
(cherry picked from commit 22dc8663d9fc7baa22100544c600b6285a63c7a3)
dc7afb
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
dc7afb
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
dc7afb
---
dc7afb
 net/queue.c | 3 +++
dc7afb
 1 file changed, 3 insertions(+)
dc7afb
dc7afb
diff --git a/net/queue.c b/net/queue.c
dc7afb
index 61276ca4be..c679d79f4b 100644
dc7afb
--- a/net/queue.c
dc7afb
+++ b/net/queue.c
dc7afb
@@ -250,6 +250,9 @@ void qemu_net_queue_purge(NetQueue *queue, NetClientState *from)
dc7afb
 
dc7afb
 bool qemu_net_queue_flush(NetQueue *queue)
dc7afb
 {
dc7afb
+    if (queue->delivering)
dc7afb
+        return false;
dc7afb
+
dc7afb
     while (!QTAILQ_EMPTY(&queue->packets)) {
dc7afb
         NetPacket *packet;
dc7afb
         int ret;
dc7afb
-- 
dc7afb
2.27.0
dc7afb