vhost-user: use guest buffer directly in vu_handle_tx()
Check the buffer address is correctly in the mmap'ed memory. Signed-off-by: Laurent Vivier <lvivier@redhat.com>
This commit is contained in:
parent
37f457a76c
commit
1bf4abe402
7 changed files with 85 additions and 73 deletions
39
iov.c
39
iov.c
|
@ -156,42 +156,3 @@ size_t iov_size(const struct iovec *iov, size_t iov_cnt)
|
||||||
|
|
||||||
return len;
|
return len;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* iov_copy - Copy data from one scatter/gather I/O vector (struct iovec) to
|
|
||||||
* another.
|
|
||||||
*
|
|
||||||
* @dst_iov: Pointer to the destination array of struct iovec describing
|
|
||||||
* the scatter/gather I/O vector to copy to.
|
|
||||||
* @dst_iov_cnt: Number of elements in the destination iov array.
|
|
||||||
* @iov: Pointer to the source array of struct iovec describing
|
|
||||||
* the scatter/gather I/O vector to copy from.
|
|
||||||
* @iov_cnt: Number of elements in the source iov array.
|
|
||||||
* @offset: Offset within the source iov from where copying should start.
|
|
||||||
* @bytes: Total number of bytes to copy from iov to dst_iov.
|
|
||||||
*
|
|
||||||
* Returns: The number of elements successfully copied to the destination
|
|
||||||
* iov array.
|
|
||||||
*/
|
|
||||||
/* cppcheck-suppress unusedFunction */
|
|
||||||
unsigned iov_copy(struct iovec *dst_iov, size_t dst_iov_cnt,
|
|
||||||
const struct iovec *iov, size_t iov_cnt,
|
|
||||||
size_t offset, size_t bytes)
|
|
||||||
{
|
|
||||||
unsigned int i, j;
|
|
||||||
|
|
||||||
i = iov_skip_bytes(iov, iov_cnt, offset, &offset);
|
|
||||||
|
|
||||||
/* copying data */
|
|
||||||
for (j = 0; i < iov_cnt && j < dst_iov_cnt && bytes; i++) {
|
|
||||||
size_t len = MIN(bytes, iov[i].iov_len - offset);
|
|
||||||
|
|
||||||
dst_iov[j].iov_base = (char *)iov[i].iov_base + offset;
|
|
||||||
dst_iov[j].iov_len = len;
|
|
||||||
j++;
|
|
||||||
bytes -= len;
|
|
||||||
offset = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
return j;
|
|
||||||
}
|
|
||||||
|
|
3
iov.h
3
iov.h
|
@ -25,7 +25,4 @@ size_t iov_from_buf(const struct iovec *iov, size_t iov_cnt,
|
||||||
size_t iov_to_buf(const struct iovec *iov, size_t iov_cnt,
|
size_t iov_to_buf(const struct iovec *iov, size_t iov_cnt,
|
||||||
size_t offset, void *buf, size_t bytes);
|
size_t offset, void *buf, size_t bytes);
|
||||||
size_t iov_size(const struct iovec *iov, size_t iov_cnt);
|
size_t iov_size(const struct iovec *iov, size_t iov_cnt);
|
||||||
unsigned iov_copy(struct iovec *dst_iov, size_t dst_iov_cnt,
|
|
||||||
const struct iovec *iov, size_t iov_cnt,
|
|
||||||
size_t offset, size_t bytes);
|
|
||||||
#endif /* IOVEC_H */
|
#endif /* IOVEC_H */
|
||||||
|
|
6
packet.c
6
packet.c
|
@ -25,6 +25,12 @@
|
||||||
static int packet_check_range(const struct pool *p, size_t offset, size_t len,
|
static int packet_check_range(const struct pool *p, size_t offset, size_t len,
|
||||||
const char *start, const char *func, int line)
|
const char *start, const char *func, int line)
|
||||||
{
|
{
|
||||||
|
ASSERT(p->buf);
|
||||||
|
|
||||||
|
if (p->buf_size == 0)
|
||||||
|
return vu_packet_check_range((void *)p->buf, offset, len, start,
|
||||||
|
func, line);
|
||||||
|
|
||||||
if (start < p->buf) {
|
if (start < p->buf) {
|
||||||
if (func) {
|
if (func) {
|
||||||
trace("add packet start %p before buffer start %p, "
|
trace("add packet start %p before buffer start %p, "
|
||||||
|
|
2
packet.h
2
packet.h
|
@ -22,6 +22,8 @@ struct pool {
|
||||||
struct iovec pkt[1];
|
struct iovec pkt[1];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
int vu_packet_check_range(void *buf, size_t offset, size_t len,
|
||||||
|
const char *start, const char *func, int line);
|
||||||
void packet_add_do(struct pool *p, size_t len, const char *start,
|
void packet_add_do(struct pool *p, size_t len, const char *start,
|
||||||
const char *func, int line);
|
const char *func, int line);
|
||||||
void *packet_get_do(const struct pool *p, const size_t idx,
|
void *packet_get_do(const struct pool *p, const size_t idx,
|
||||||
|
|
39
tap.c
39
tap.c
|
@ -707,7 +707,7 @@ resume:
|
||||||
if (!eh)
|
if (!eh)
|
||||||
continue;
|
continue;
|
||||||
if (ntohs(eh->h_proto) == ETH_P_ARP) {
|
if (ntohs(eh->h_proto) == ETH_P_ARP) {
|
||||||
PACKET_POOL_P(pkt, 1, in->buf, sizeof(pkt_buf));
|
PACKET_POOL_P(pkt, 1, in->buf, in->buf_size);
|
||||||
|
|
||||||
packet_add(pkt, l2_len, (char *)eh);
|
packet_add(pkt, l2_len, (char *)eh);
|
||||||
arp(c, pkt);
|
arp(c, pkt);
|
||||||
|
@ -747,7 +747,7 @@ resume:
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (iph->protocol == IPPROTO_ICMP) {
|
if (iph->protocol == IPPROTO_ICMP) {
|
||||||
PACKET_POOL_P(pkt, 1, in->buf, sizeof(pkt_buf));
|
PACKET_POOL_P(pkt, 1, in->buf, in->buf_size);
|
||||||
|
|
||||||
if (c->no_icmp)
|
if (c->no_icmp)
|
||||||
continue;
|
continue;
|
||||||
|
@ -766,7 +766,7 @@ resume:
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (iph->protocol == IPPROTO_UDP) {
|
if (iph->protocol == IPPROTO_UDP) {
|
||||||
PACKET_POOL_P(pkt, 1, in->buf, sizeof(pkt_buf));
|
PACKET_POOL_P(pkt, 1, in->buf, in->buf_size);
|
||||||
|
|
||||||
packet_add(pkt, l2_len, (char *)eh);
|
packet_add(pkt, l2_len, (char *)eh);
|
||||||
if (dhcp(c, pkt))
|
if (dhcp(c, pkt))
|
||||||
|
@ -915,7 +915,7 @@ resume:
|
||||||
}
|
}
|
||||||
|
|
||||||
if (proto == IPPROTO_ICMPV6) {
|
if (proto == IPPROTO_ICMPV6) {
|
||||||
PACKET_POOL_P(pkt, 1, in->buf, sizeof(pkt_buf));
|
PACKET_POOL_P(pkt, 1, in->buf, in->buf_size);
|
||||||
|
|
||||||
if (c->no_icmp)
|
if (c->no_icmp)
|
||||||
continue;
|
continue;
|
||||||
|
@ -939,7 +939,7 @@ resume:
|
||||||
uh = (struct udphdr *)l4h;
|
uh = (struct udphdr *)l4h;
|
||||||
|
|
||||||
if (proto == IPPROTO_UDP) {
|
if (proto == IPPROTO_UDP) {
|
||||||
PACKET_POOL_P(pkt, 1, in->buf, sizeof(pkt_buf));
|
PACKET_POOL_P(pkt, 1, in->buf, in->buf_size);
|
||||||
|
|
||||||
packet_add(pkt, l4_len, l4h);
|
packet_add(pkt, l4_len, l4h);
|
||||||
|
|
||||||
|
@ -1391,6 +1391,23 @@ static void tap_sock_tun_init(struct ctx *c)
|
||||||
epoll_ctl(c->epollfd, EPOLL_CTL_ADD, c->fd_tap, &ev);
|
epoll_ctl(c->epollfd, EPOLL_CTL_ADD, c->fd_tap, &ev);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void tap_sock_update_buf(void *base, size_t size)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
pool_tap4_storage.buf = base;
|
||||||
|
pool_tap4_storage.buf_size = size;
|
||||||
|
pool_tap6_storage.buf = base;
|
||||||
|
pool_tap6_storage.buf_size = size;
|
||||||
|
|
||||||
|
for (i = 0; i < TAP_SEQS; i++) {
|
||||||
|
tap4_l4[i].p.buf = base;
|
||||||
|
tap4_l4[i].p.buf_size = size;
|
||||||
|
tap6_l4[i].p.buf = base;
|
||||||
|
tap6_l4[i].p.buf_size = size;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* tap_sock_init() - Create and set up AF_UNIX socket or tuntap file descriptor
|
* tap_sock_init() - Create and set up AF_UNIX socket or tuntap file descriptor
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
|
@ -1402,10 +1419,22 @@ void tap_sock_init(struct ctx *c)
|
||||||
|
|
||||||
pool_tap4_storage = PACKET_INIT(pool_tap4, TAP_MSGS, pkt_buf, sz);
|
pool_tap4_storage = PACKET_INIT(pool_tap4, TAP_MSGS, pkt_buf, sz);
|
||||||
pool_tap6_storage = PACKET_INIT(pool_tap6, TAP_MSGS, pkt_buf, sz);
|
pool_tap6_storage = PACKET_INIT(pool_tap6, TAP_MSGS, pkt_buf, sz);
|
||||||
|
if (c->mode == MODE_VU) {
|
||||||
|
pool_tap4_storage.buf = NULL;
|
||||||
|
pool_tap4_storage.buf_size = 0;
|
||||||
|
pool_tap6_storage.buf = NULL;
|
||||||
|
pool_tap6_storage.buf_size = 0;
|
||||||
|
}
|
||||||
|
|
||||||
for (i = 0; i < TAP_SEQS; i++) {
|
for (i = 0; i < TAP_SEQS; i++) {
|
||||||
tap4_l4[i].p = PACKET_INIT(pool_l4, UIO_MAXIOV, pkt_buf, sz);
|
tap4_l4[i].p = PACKET_INIT(pool_l4, UIO_MAXIOV, pkt_buf, sz);
|
||||||
tap6_l4[i].p = PACKET_INIT(pool_l4, UIO_MAXIOV, pkt_buf, sz);
|
tap6_l4[i].p = PACKET_INIT(pool_l4, UIO_MAXIOV, pkt_buf, sz);
|
||||||
|
if (c->mode == MODE_VU) {
|
||||||
|
tap4_l4[i].p.buf = NULL;
|
||||||
|
tap4_l4[i].p.buf_size = 0;
|
||||||
|
tap6_l4[i].p.buf = NULL;
|
||||||
|
tap6_l4[i].p.buf_size = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (c->fd_tap != -1) { /* Passed as --fd */
|
if (c->fd_tap != -1) { /* Passed as --fd */
|
||||||
|
|
1
tap.h
1
tap.h
|
@ -98,6 +98,7 @@ void tap_handler_pasta(struct ctx *c, uint32_t events,
|
||||||
void tap_handler_passt(struct ctx *c, uint32_t events,
|
void tap_handler_passt(struct ctx *c, uint32_t events,
|
||||||
const struct timespec *now);
|
const struct timespec *now);
|
||||||
void tap_sock_reset(struct ctx *c);
|
void tap_sock_reset(struct ctx *c);
|
||||||
|
void tap_sock_update_buf(void *base, size_t size);
|
||||||
void tap_sock_init(struct ctx *c);
|
void tap_sock_init(struct ctx *c);
|
||||||
void pool_flush_all(void);
|
void pool_flush_all(void);
|
||||||
void tap_handler_all(struct ctx *c, const struct timespec *now);
|
void tap_handler_all(struct ctx *c, const struct timespec *now);
|
||||||
|
|
68
vhost_user.c
68
vhost_user.c
|
@ -334,6 +334,25 @@ static bool map_ring(VuDev *vdev, VuVirtq *vq)
|
||||||
return !(vq->vring.desc && vq->vring.used && vq->vring.avail);
|
return !(vq->vring.desc && vq->vring.used && vq->vring.avail);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int vu_packet_check_range(void *buf, size_t offset, size_t len, const char *start,
|
||||||
|
const char *func, int line)
|
||||||
|
{
|
||||||
|
VuDevRegion *dev_region;
|
||||||
|
|
||||||
|
for (dev_region = buf; dev_region->mmap_addr; dev_region++) {
|
||||||
|
if ((char *)dev_region->mmap_addr <= start &&
|
||||||
|
start + offset + len < (char *)dev_region->mmap_addr +
|
||||||
|
dev_region->mmap_offset +
|
||||||
|
dev_region->size)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (func) {
|
||||||
|
trace("cannot find region, %s:%i", func, line);
|
||||||
|
}
|
||||||
|
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* #syscalls:passt mmap munmap
|
* #syscalls:passt mmap munmap
|
||||||
*/
|
*/
|
||||||
|
@ -400,6 +419,12 @@ static bool vu_set_mem_table_exec(VuDev *vdev,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* XXX */
|
||||||
|
ASSERT(vdev->nregions < VHOST_USER_MAX_RAM_SLOTS - 1);
|
||||||
|
vdev->regions[vdev->nregions].mmap_addr = 0; /* mark EOF for vu_packet_check_range() */
|
||||||
|
|
||||||
|
tap_sock_update_buf(vdev->regions, 0);
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -650,8 +675,8 @@ static void vu_handle_tx(VuDev *vdev, int index)
|
||||||
VuVirtq *vq = &vdev->vq[index];
|
VuVirtq *vq = &vdev->vq[index];
|
||||||
int hdrlen = vdev->hdrlen;
|
int hdrlen = vdev->hdrlen;
|
||||||
struct timespec now;
|
struct timespec now;
|
||||||
char *p;
|
unsigned int indexes[VIRTQUEUE_MAX_SIZE];
|
||||||
size_t n;
|
int count;
|
||||||
|
|
||||||
if (index % 2 != VHOST_USER_TX_QUEUE) {
|
if (index % 2 != VHOST_USER_TX_QUEUE) {
|
||||||
debug("index %d is not an TX queue", index);
|
debug("index %d is not an TX queue", index);
|
||||||
|
@ -660,14 +685,11 @@ static void vu_handle_tx(VuDev *vdev, int index)
|
||||||
|
|
||||||
clock_gettime(CLOCK_MONOTONIC, &now);
|
clock_gettime(CLOCK_MONOTONIC, &now);
|
||||||
|
|
||||||
p = pkt_buf;
|
|
||||||
|
|
||||||
pool_flush_all();
|
pool_flush_all();
|
||||||
|
|
||||||
|
count = 0;
|
||||||
while (1) {
|
while (1) {
|
||||||
VuVirtqElement *elem;
|
VuVirtqElement *elem;
|
||||||
unsigned int out_num;
|
|
||||||
struct iovec sg[VIRTQUEUE_MAX_SIZE], *out_sg;
|
|
||||||
|
|
||||||
ASSERT(index == VHOST_USER_TX_QUEUE);
|
ASSERT(index == VHOST_USER_TX_QUEUE);
|
||||||
elem = vu_queue_pop(vdev, vq, sizeof(VuVirtqElement), buffer[index]);
|
elem = vu_queue_pop(vdev, vq, sizeof(VuVirtqElement), buffer[index]);
|
||||||
|
@ -675,32 +697,26 @@ static void vu_handle_tx(VuDev *vdev, int index)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
out_num = elem->out_num;
|
if (elem->out_num < 1) {
|
||||||
out_sg = elem->out_sg;
|
|
||||||
if (out_num < 1) {
|
|
||||||
debug("virtio-net header not in first element");
|
debug("virtio-net header not in first element");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
ASSERT(elem->out_num == 1);
|
||||||
|
|
||||||
if (hdrlen) {
|
packet_add_all(c, elem->out_sg[0].iov_len - hdrlen,
|
||||||
unsigned sg_num;
|
(char *)elem->out_sg[0].iov_base + hdrlen);
|
||||||
|
indexes[count] = elem->index;
|
||||||
sg_num = iov_copy(sg, ARRAY_SIZE(sg), out_sg, out_num,
|
count++;
|
||||||
hdrlen, -1);
|
|
||||||
out_num = sg_num;
|
|
||||||
out_sg = sg;
|
|
||||||
}
|
|
||||||
|
|
||||||
n = iov_to_buf(out_sg, out_num, 0, p, TAP_BUF_FILL);
|
|
||||||
|
|
||||||
packet_add_all(c, n, p);
|
|
||||||
|
|
||||||
p += n;
|
|
||||||
|
|
||||||
vu_queue_push(vdev, vq, elem, 0);
|
|
||||||
vu_queue_notify(vdev, vq);
|
|
||||||
}
|
}
|
||||||
tap_handler_all(c, &now);
|
tap_handler_all(c, &now);
|
||||||
|
|
||||||
|
if (count) {
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < count; i++)
|
||||||
|
vu_queue_fill_by_index(vdev, vq, indexes[i], 0, i);
|
||||||
|
vu_queue_flush(vdev, vq, count);
|
||||||
|
vu_queue_notify(vdev, vq);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void vu_kick_cb(struct ctx *c, union epoll_ref ref)
|
void vu_kick_cb(struct ctx *c, union epoll_ref ref)
|
||||||
|
|
Loading…
Reference in a new issue