diff mbox series

xen/xenbus: fix xenbus_setup_ring()

Message ID 20220915143137.1763-1-jgross@suse.com (mailing list archive)
State New, archived
Headers show
Series xen/xenbus: fix xenbus_setup_ring() | expand

Commit Message

Jürgen Groß Sept. 15, 2022, 2:31 p.m. UTC 
Commit 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
introduced an error for initialization of multi-page rings.

Cc: stable@vger.kernel.org
Fixes: 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
Reported-by: Sander Eikelenboom <linux@eikelenboom.it>
Signed-off-by: Juergen Gross <jgross@suse.com>
---
 drivers/xen/xenbus/xenbus_client.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

Comments

Jan Beulich Sept. 15, 2022, 2:45 p.m. UTC | #1 
On 15.09.2022 16:31, Juergen Gross wrote:
> Commit 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
> introduced an error for initialization of multi-page rings.
> 
> Cc: stable@vger.kernel.org
> Fixes: 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
> Reported-by: Sander Eikelenboom <linux@eikelenboom.it>
> Signed-off-by: Juergen Gross <jgross@suse.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>
Oleksandr Tyshchenko Sept. 15, 2022, 2:47 p.m. UTC | #2 
On 15.09.22 17:31, Juergen Gross wrote:

Hello Juergen

> Commit 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
> introduced an error for initialization of multi-page rings.
>
> Cc: stable@vger.kernel.org
> Fixes: 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
> Reported-by: Sander Eikelenboom <linux@eikelenboom.it>
> Signed-off-by: Juergen Gross <jgross@suse.com>
> ---
>   drivers/xen/xenbus/xenbus_client.c | 9 ++++++---
>   1 file changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/xen/xenbus/xenbus_client.c b/drivers/xen/xenbus/xenbus_client.c
> index d5f3f763717e..caa5c5c32f8e 100644
> --- a/drivers/xen/xenbus/xenbus_client.c
> +++ b/drivers/xen/xenbus/xenbus_client.c
> @@ -382,9 +382,10 @@ int xenbus_setup_ring(struct xenbus_device *dev, gfp_t gfp, void **vaddr,
>   	unsigned long ring_size = nr_pages * XEN_PAGE_SIZE;
>   	grant_ref_t gref_head;
>   	unsigned int i;
> +	void *addr;
>   	int ret;
>   
> -	*vaddr = alloc_pages_exact(ring_size, gfp | __GFP_ZERO);
> +	addr = *vaddr = alloc_pages_exact(ring_size, gfp | __GFP_ZERO);
>   	if (!*vaddr) {
>   		ret = -ENOMEM;
>   		goto err;
> @@ -401,13 +402,15 @@ int xenbus_setup_ring(struct xenbus_device *dev, gfp_t gfp, void **vaddr,
>   		unsigned long gfn;
>   
>   		if (is_vmalloc_addr(*vaddr))
> -			gfn = pfn_to_gfn(vmalloc_to_pfn(vaddr[i]));
> +			gfn = pfn_to_gfn(vmalloc_to_pfn(addr));
>   		else
> -			gfn = virt_to_gfn(vaddr[i]);
> +			gfn = virt_to_gfn(addr);
>   
>   		grefs[i] = gnttab_claim_grant_reference(&gref_head);
>   		gnttab_grant_foreign_access_ref(grefs[i], dev->otherend_id,
>   						gfn, 0);
> +
> +		addr += PAGE_SIZE;

XEN_PAGE_SIZE?


Reviewed-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>


P.S.

I wondered why I didn't face the similar issue(s) as I used Linux 
v6.0.0-rc1 and several PV drivers including PV block device.

The answer is that the single-page ring is being used for all of them in 
my environment.


root@salvator-x-h3-4x2g-xt-domu:~# dmesg | grep xenbus_setup_ring
[    0.332449] vdispl vdispl-0: 0 xenbus_setup_ring: 1 pages
[    0.333464] vdispl vdispl-0: 0 xenbus_setup_ring: 1 pages
[    0.341350] vbd vbd-51713: 0 xenbus_setup_ring: 1 pages
[    0.342750] vbd vbd-51713: 0 xenbus_setup_ring: 1 pages
[    0.343261] vbd vbd-51713: 0 xenbus_setup_ring: 1 pages
[    0.343798] vbd vbd-51713: 0 xenbus_setup_ring: 1 pages
[    0.392969] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.518733] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.519198] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.519501] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.519948] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.520371] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.520805] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.521070] vif vif-0: 0 xenbus_setup_ring: 1 pages
[    0.575451] vsnd vsnd-0: 0 xenbus_setup_ring: 1 pages
[    0.576855] vsnd vsnd-0: 0 xenbus_setup_ring: 1 pages


>   	}
>   
>   	return 0;
Jürgen Groß Sept. 15, 2022, 2:55 p.m. UTC | #3 
On 15.09.22 16:47, Oleksandr Tyshchenko wrote:
> 
> On 15.09.22 17:31, Juergen Gross wrote:
> 
> Hello Juergen
> 
>> Commit 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
>> introduced an error for initialization of multi-page rings.
>>
>> Cc: stable@vger.kernel.org
>> Fixes: 4573240f0764 ("xen/xenbus: eliminate xenbus_grant_ring()")
>> Reported-by: Sander Eikelenboom <linux@eikelenboom.it>
>> Signed-off-by: Juergen Gross <jgross@suse.com>
>> ---
>>    drivers/xen/xenbus/xenbus_client.c | 9 ++++++---
>>    1 file changed, 6 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/xen/xenbus/xenbus_client.c b/drivers/xen/xenbus/xenbus_client.c
>> index d5f3f763717e..caa5c5c32f8e 100644
>> --- a/drivers/xen/xenbus/xenbus_client.c
>> +++ b/drivers/xen/xenbus/xenbus_client.c
>> @@ -382,9 +382,10 @@ int xenbus_setup_ring(struct xenbus_device *dev, gfp_t gfp, void **vaddr,
>>    	unsigned long ring_size = nr_pages * XEN_PAGE_SIZE;
>>    	grant_ref_t gref_head;
>>    	unsigned int i;
>> +	void *addr;
>>    	int ret;
>>    
>> -	*vaddr = alloc_pages_exact(ring_size, gfp | __GFP_ZERO);
>> +	addr = *vaddr = alloc_pages_exact(ring_size, gfp | __GFP_ZERO);
>>    	if (!*vaddr) {
>>    		ret = -ENOMEM;
>>    		goto err;
>> @@ -401,13 +402,15 @@ int xenbus_setup_ring(struct xenbus_device *dev, gfp_t gfp, void **vaddr,
>>    		unsigned long gfn;
>>    
>>    		if (is_vmalloc_addr(*vaddr))
>> -			gfn = pfn_to_gfn(vmalloc_to_pfn(vaddr[i]));
>> +			gfn = pfn_to_gfn(vmalloc_to_pfn(addr));
>>    		else
>> -			gfn = virt_to_gfn(vaddr[i]);
>> +			gfn = virt_to_gfn(addr);
>>    
>>    		grefs[i] = gnttab_claim_grant_reference(&gref_head);
>>    		gnttab_grant_foreign_access_ref(grefs[i], dev->otherend_id,
>>    						gfn, 0);
>> +
>> +		addr += PAGE_SIZE;
> 
> XEN_PAGE_SIZE?

Oh, indeed! Will change on commit.

> 
> 
> Reviewed-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>

Thanks,


Juergen
diff mbox series

Patch

diff --git a/drivers/xen/xenbus/xenbus_client.c b/drivers/xen/xenbus/xenbus_client.c
index d5f3f763717e..caa5c5c32f8e 100644
--- a/drivers/xen/xenbus/xenbus_client.c
+++ b/drivers/xen/xenbus/xenbus_client.c
@@ -382,9 +382,10 @@  int xenbus_setup_ring(struct xenbus_device *dev, gfp_t gfp, void **vaddr,
 	unsigned long ring_size = nr_pages * XEN_PAGE_SIZE;
 	grant_ref_t gref_head;
 	unsigned int i;
+	void *addr;
 	int ret;
 
-	*vaddr = alloc_pages_exact(ring_size, gfp | __GFP_ZERO);
+	addr = *vaddr = alloc_pages_exact(ring_size, gfp | __GFP_ZERO);
 	if (!*vaddr) {
 		ret = -ENOMEM;
 		goto err;
@@ -401,13 +402,15 @@  int xenbus_setup_ring(struct xenbus_device *dev, gfp_t gfp, void **vaddr,
 		unsigned long gfn;
 
 		if (is_vmalloc_addr(*vaddr))
-			gfn = pfn_to_gfn(vmalloc_to_pfn(vaddr[i]));
+			gfn = pfn_to_gfn(vmalloc_to_pfn(addr));
 		else
-			gfn = virt_to_gfn(vaddr[i]);
+			gfn = virt_to_gfn(addr);
 
 		grefs[i] = gnttab_claim_grant_reference(&gref_head);
 		gnttab_grant_foreign_access_ref(grefs[i], dev->otherend_id,
 						gfn, 0);
+
+		addr += PAGE_SIZE;
 	}
 
 	return 0;