Thanks for the fix! Looks good. Also verified it fixes the crash reported.
Acked-by: Andy Zhou <az...@nicira.com>
On Sat, Sep 20, 2014 at 9:10 PM, Pravin B Shelar <pshe...@nicira.com> wrote:
> OVS needs to segments large skb before sending it for miss
> packet handling to userspace. but skb_gso_segment uses
> skb->cb. This corrupted OVS_CB which result in following panic.
>
> [ 735.419921] BUG: unable to handle kernel paging request at 00000014000001b2
> [ 735.423168] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
> [ 735.445097] RIP: 0010:[<ffffffffa05df0d7>] [<ffffffffa05df0d7>]
> ovs_nla_put_flow+0x37/0x7c0 [openvswitch]
> [ 735.468858] Call Trace:
> [ 735.470384] [<ffffffffa05d7ec2>] queue_userspace_packet+0x332/0x4d0
> [openvswitch]
> [ 735.471741] [<ffffffffa05d8155>] queue_gso_packets+0xf5/0x180
> [openvswitch]
> [ 735.481862] [<ffffffffa05da9f5>] ovs_dp_upcall+0x65/0x70 [openvswitch]
> [ 735.483031] [<ffffffffa05dab81>] ovs_dp_process_packet+0x181/0x1b0
> [openvswitch]
> [ 735.484391] [<ffffffffa05e2f55>] ovs_vport_receive+0x65/0x90 [openvswitch]
> [ 735.492638] [<ffffffffa05e5738>] internal_dev_xmit+0x68/0x110
> [openvswitch]
> [ 735.495334] [<ffffffff81588eb6>] dev_hard_start_xmit+0x2e6/0x8b0
> [ 735.496503] [<ffffffff81589847>] __dev_queue_xmit+0x3c7/0x920
> [ 735.499827] [<ffffffff81589db0>] dev_queue_xmit+0x10/0x20
> [ 735.500798] [<ffffffff815d3b60>] ip_finish_output+0x6a0/0x950
> [ 735.502818] [<ffffffff815d55f8>] ip_output+0x68/0x110
> [ 735.503835] [<ffffffff815d4979>] ip_local_out+0x29/0x90
> [ 735.504801] [<ffffffff815d4e46>] ip_queue_xmit+0x1d6/0x640
> [ 735.507015] [<ffffffff815ee0d7>] tcp_transmit_skb+0x477/0xac0
> [ 735.508260] [<ffffffff815ee856>] tcp_write_xmit+0x136/0xba0
> [ 735.510829] [<ffffffff815ef56e>] __tcp_push_pending_frames+0x2e/0xc0
> [ 735.512296] [<ffffffff815e0593>] tcp_sendmsg+0xa63/0xd50
> [ 735.513526] [<ffffffff81612c2c>] inet_sendmsg+0x10c/0x220
> [ 735.516025] [<ffffffff81566b8c>] sock_sendmsg+0x9c/0xe0
> [ 735.518066] [<ffffffff81566d41>] SYSC_sendto+0x121/0x1c0
> [ 735.521398] [<ffffffff8156801e>] SyS_sendto+0xe/0x10
> [ 735.522473] [<ffffffff816df5e9>] system_call_fastpath+0x16/0x1b
>
> Reported-by: Andy Zhou <az...@nicira.com>
> Signed-off-by: Pravin B Shelar <pshe...@nicira.com>
> ---
> datapath/datapath.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/datapath/datapath.c b/datapath/datapath.c
> index 9850130..ed40c6a 100644
> --- a/datapath/datapath.c
> +++ b/datapath/datapath.c
> @@ -337,9 +337,12 @@ static int queue_gso_packets(struct datapath *dp, struct
> sk_buff *skb,
> unsigned short gso_type = skb_shinfo(skb)->gso_type;
> struct sw_flow_key later_key;
> struct sk_buff *segs, *nskb;
> + struct ovs_skb_cb ovs_cb;
> int err;
>
> + ovs_cb = *OVS_CB(skb);
> segs = __skb_gso_segment(skb, NETIF_F_SG, false);
> + *OVS_CB(skb) = ovs_cb;
> if (IS_ERR(segs))
> return PTR_ERR(segs);
>
> @@ -355,6 +358,7 @@ static int queue_gso_packets(struct datapath *dp, struct
> sk_buff *skb,
> /* Queue all of the segments. */
> skb = segs;
> do {
> + *OVS_CB(skb) = ovs_cb;
> if (gso_type & SKB_GSO_UDP && skb != segs)
> key = &later_key;
>
> --
> 1.8.3.1
>
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
