xen-netback fixes for stable 35876b5 3e55f8b

Fri, 22 Feb 2013 08:55:17 -0800 

Hello,

I believe the two commits 35876b5 and 3e55f8b could be included in stable tree.
35876b5 is related to 4885628 already in the stable tree and fixes a
possible oops.
3e55f8b is fixing another possible oops (see commit messages).

I tested them on top of a v3.4.33.
Could we consider adding these patches in stable tree at least for v3.4?

Tested-by: William Dauchy <will...@gandi.net>
Cc: sta...@vger.kernel.org



commit 35876b5ffc154c357476b2c3bdab10feaf4bd8f0
Author: David Vrabel <david.vra...@citrix.com>
Date:   Thu Feb 14 03:18:57 2013 +0000

    xen-netback: correctly return errors from netbk_count_requests()
   
    netbk_count_requests() could detect an error, call
    netbk_fatal_tx_error() but return 0.  The vif may then be used
    afterwards (e.g., in a call to netbk_tx_error().
   
    Since netbk_fatal_tx_error() could set vif->refcnt to 1, the vif may
    be freed immediately after the call to netbk_fatal_tx_error() (e.g.,
    if the vif is also removed).
   
    Netback thread              Xenwatch thread
    -------------------------------------------
    netbk_fatal_tx_err()        netback_remove()
                                  xenvif_disconnect()
                                    ...
                                    free_netdev()
    netbk_tx_err() Oops!
   
    Signed-off-by: Wei Liu <wei.l...@citrix.com>
    Signed-off-by: Jan Beulich <jbeul...@suse.com>
    Signed-off-by: David Vrabel <david.vra...@citrix.com>
    Reported-by: Christopher S. Aker <ca...@theshore.net>
    Acked-by: Ian Campbell <ian.campb...@citrix.com>
    Signed-off-by: David S. Miller <da...@davemloft.net>

commit 3e55f8b306cf305832a4ac78aa82e1b40e818ece
Author: David Vrabel <david.vra...@citrix.com>
Date:   Thu Feb 14 03:18:58 2013 +0000

    xen-netback: cancel the credit timer when taking the vif down
   
    If the credit timer is left armed after calling
    xen_netbk_remove_xenvif(), then it may fire and attempt to schedule
    the vif which will then oops as vif->netbk == NULL.
   
    This may happen both in the fatal error path and during normal
    disconnection from the front end.
   
    The sequencing during shutdown is critical to ensure that: a)
    vif->netbk doesn't become unexpectedly NULL; and b) the net device/vif
    is not freed.
   
    1. Mark as unschedulable (netif_carrier_off()).
    2. Synchronously cancel the timer.
    3. Remove the vif from the schedule list.
    4. Remove it from it netback thread group.
    5. Wait for vif->refcnt to become 0.
   
    Signed-off-by: David Vrabel <david.vra...@citrix.com>
    Acked-by: Ian Campbell <ian.campb...@citrix.com>
    Reported-by: Christopher S. Aker <ca...@theshore.net>
    Signed-off-by: David S. Miller <da...@davemloft.net>


Regards,
-- 
William

Attachment: signature.asc
Description: Digital signature

Reply via email to