This repository has been archived by the owner on May 12, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 92
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1073 from jcvenegas/vsock-1.10
backport: 1.10.x: sock: Add mising fix to experimental kernel
- Loading branch information
Showing
2 changed files
with
50 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| 60 | ||
| 61 |
49 changes: 49 additions & 0 deletions
49
...io-fs-dev.virtio-fs-dev.x/0001-net-virtio_vsock-Fix-race-condition-between-bind-and.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| From c7ec155ec5e0f573e9c3cc4eb38d47543a2f1e81 Mon Sep 17 00:00:00 2001 | ||
| From: Sebastien Boeuf <[email protected]> | ||
| Date: Thu, 13 Feb 2020 08:50:38 +0100 | ||
| Subject: [PATCH] net: virtio_vsock: Fix race condition between bind and listen | ||
|
|
||
| Whenever the vsock backend on the host sends a packet through the RX | ||
| queue, it expects an answer on the TX queue. Unfortunately, there is one | ||
| case where the host side will hang waiting for the answer and will | ||
| effectively never recover. | ||
|
|
||
| This issue happens when the guest side starts binding to the socket, | ||
| which insert a new bound socket into the list of already bound sockets. | ||
| At this time, we expect the guest to also start listening, which will | ||
| trigger the sk_state to move from TCP_CLOSE to TCP_LISTEN. The problem | ||
| occurs if the host side queued a RX packet and triggered an interrupt | ||
| right between the end of the binding process and the beginning of the | ||
| listening process. In this specific case, the function processing the | ||
| packet virtio_transport_recv_pkt() will find a bound socket, which means | ||
| it will hit the switch statement checking for the sk_state, but the | ||
| state won't be changed into TCP_LISTEN yet, which leads the code to pick | ||
| the default statement. This default statement will only free the buffer, | ||
| while it should also respond to the host side, by sending a packet on | ||
| its TX queue. | ||
|
|
||
| In order to simply fix this unfortunate chain of events, it is important | ||
| that in case the default statement is entered, and because at this stage | ||
| we know the host side is waiting for an answer, we must send back a | ||
| packet containing the operation VIRTIO_VSOCK_OP_RST. | ||
|
|
||
| Signed-off-by: Sebastien Boeuf <[email protected]> | ||
| --- | ||
| net/vmw_vsock/virtio_transport_common.c | 1 + | ||
| 1 file changed, 1 insertion(+) | ||
|
|
||
| diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c | ||
| index 6f1a8aff65c5..0b6fb687a3e0 100644 | ||
| --- a/net/vmw_vsock/virtio_transport_common.c | ||
| +++ b/net/vmw_vsock/virtio_transport_common.c | ||
| @@ -1048,6 +1048,7 @@ void virtio_transport_recv_pkt(struct virtio_vsock_pkt *pkt) | ||
| virtio_transport_free_pkt(pkt); | ||
| break; | ||
| default: | ||
| + (void)virtio_transport_reset_no_sock(t, pkt); | ||
| virtio_transport_free_pkt(pkt); | ||
| break; | ||
| } | ||
| -- | ||
| 2.20.1 | ||
|
|