On Tue, May 20, 2014 at 09:05:38AM -0700, Eric Dumazet wrote: > On Tue, 2014-05-20 at 07:28 -0700, Eric Dumazet wrote: > > On Tue, 2014-05-20 at 14:24 +0300, Igor Royzis wrote: > > > Fix accessing GSO fragments memory (and a possible corruption therefore) > > > after > > > reporting completion in a zero copy callback. The previous fix in the > > > commit 1fd819ec > > > orphaned frags which eliminates zero copy advantages. The fix makes the > > > completion > > > called after all the fragments were processed avoiding unnecessary > > > orphaning/copying > > > from userspace. > > > > > > The GSO fragments corruption issue was observed in a typical QEMU/KVM VM > > > setup that > > > hosts a Windows guest (since QEMU virtio-net Windows driver doesn't > > > support GRO). > > > The fix has been verified by running the HCK OffloadLSO test. > > > > > It looks like all segments (generated by GSO segmentation) should share > original ubuf_info, and that it should be refcounted. > > A nightmare I suppose...
That's what skb_frag_ref tried to do only for fragments, I guess. > (transferring the ubuf_info from original skb to last segment would be > racy, as the last segment could be freed _before_ previous ones, in case > a drop happens in qdisc layer, or packets are reordered by netem) > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
