use kfree() that would try to free it
without be allocated if SET_OWNER is not called.
Reported-by: JAEHOON KIM
Reported-by: Breno Leitao
Fixes: 7918bb2d19c9 ("vhost: basic in order support")
Signed-off-by: Jason Wang
---
drivers/vhost/vhost.c | 1 +
1 file changed, 1 insertion(+)
Revie
eginning, maybe some
changes were made during initial development...
LGTM!
Reviewed-by: Stefano Garzarella
diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index 1053662725f8..fae512594849 100644
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af_vsock.c
@@ -1028,11 +1028,
On Thu, 17 Jul 2025 at 14:31, Michael S. Tsirkin wrote:
>
> On Thu, Jul 17, 2025 at 10:01:07AM +0100, Will Deacon wrote:
> > Hi all,
> >
> > Here is version four of the patches I previously posted here:
> >
> > v1: https://lore.kernel.org/r/20250625131543.5155-1-w...@kernel.org
> > v2: https:/
/vmw_vsock/virtio_transport.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/net/vmw_vsock/virtio_transport.c b/net/vmw_vsock/virtio_transport.c
index f0e48e6911fc..eb08a393413d 100644
--- a/net/vmw_vsock/virtio_transport.c
; than VIRTIO_VSOCK_MAX_PKT_BUF_SIZE + the header size is rejected
> > outright. The subsequent check on the length field in the header can
> > then simply check that the allocated SKB is indeed large enough to hold
> > the packet.
> >
> > Cc:
> > Fixes: 71dc9ec9ac7d (
On Mon, Jul 14, 2025 at 04:20:54PM +0100, Will Deacon wrote:
Hi folks,
Here is version three of the patches I previously posted here:
v1: https://lore.kernel.org/r/20250625131543.5155-1-w...@kernel.org
v2: https://lore.kernel.org/r/20250701164507.14883-1-w...@kernel.org
Changes since v2 incl
: Will Deacon
---
drivers/vhost/vsock.c| 8 +++-
include/linux/virtio_vsock.h | 40 +---
2 files changed, 36 insertions(+), 12 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
index 24b7547b05a6
++-
include/linux/virtio_vsock.h | 3 ---
2 files changed, 2 insertions(+), 4 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
index 1ad96613680e..24b7547b05a6 100644
--- a/drivers/vhost/vsock.c
+++ b/drivers/vhost/vsock.c
@@ -344,7 +344,8
(-)
Reviewed-by: Stefano Garzarella
diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
index 4c4a642945eb..1ad96613680e 100644
--- a/drivers/vhost/vsock.c
+++ b/drivers/vhost/vsock.c
@@ -348,7 +348,7 @@ vhost_vsock_alloc_skb(struct vhost_virtqueue *vq,
return NULL
memory utilisation and removing the need to allocate higher-order
pages entirely.
Signed-off-by: Will Deacon
---
include/linux/virtio_vsock.h | 7 ++-
net/vmw_vsock/virtio_transport.c | 2 +-
2 files changed, 7 insertions(+), 2 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a
changed, 6 insertions(+), 9 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
index 66a0f060770e..4c4a642945eb 100644
--- a/drivers/vhost/vsock.c
+++ b/drivers/vhost/vsock.c
@@ -375,7 +375,7 @@ vhost_vsock_alloc_skb(struct vhost_virtqueue *vq
On Mon, Jul 14, 2025 at 04:20:56PM +0100, Will Deacon wrote:
When receiving a vsock packet in the guest, only the virtqueue buffer
size is validated prior to virtio_vsock_skb_rx_put(). Unfortunately,
virtio_vsock_skb_rx_put() uses the length from the packet header as the
length argument to skb_pu
indeed large enough to hold
the packet.
Cc:
Fixes: 71dc9ec9ac7d ("virtio/vsock: replace virtio_vsock_pkt with sk_buff")
Signed-off-by: Will Deacon
---
drivers/vhost/vsock.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/dri
On Wed, 9 Jul 2025 at 17:26, Stefano Garzarella wrote:
>
> On Wed, 9 Jul 2025 at 16:54, Konstantin Shkolnyy wrote:
> >
> > I'm seeing a problem on s390 with the new "SOCK_STREAM transport change
> > null-ptr-deref"
On Wed, 9 Jul 2025 at 16:54, Konstantin Shkolnyy wrote:
>
> I'm seeing a problem on s390 with the new "SOCK_STREAM transport change
> null-ptr-deref" test. Here is how it appears to happen:
>
> test_stream_transport_change_client() spins for 2s and sends 70K+
> CONTROL_CONTINUE messages to the "co
From: Stefano Garzarella
In test_stream_transport_change_client(), the client sends CONTROL_CONTINUE
on each iteration, even when connect() is unsuccessful. This causes a flood
of control messages in the server that hangs around for more than 10
seconds after the test finishes, triggering
From: Stefano Garzarella
>From commit 634f1a7110b4 ("vsock: support sockmap"), `struct proto
vsock_proto`, defined in af_vsock.c, is not static anymore, since it's
used by vsock_bpf.c.
If CONFIG_BPF_SYSCALL is not defined, `make C=2` will print a warning:
$ make O
internal kernel review list
Cc: Stefano Garzarella
Cc: "David S. Miller"
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: Simon Horman
Cc: virtualizat...@lists.linux.dev
Cc: net...@vger.kernel.org
Cc: stable
Signed-off-by: HarshaVardhana S A
Signed-off-by: Greg Kro
On Tue, Jul 01, 2025 at 02:56:14PM +0200, Greg Kroah-Hartman wrote:
On Tue, Jul 01, 2025 at 02:42:10PM +0200, Stefano Garzarella wrote:
On Tue, Jul 01, 2025 at 02:22:54PM +0200, Greg Kroah-Hartman wrote:
> From: HarshaVardhana S A
>
> In vmci_transport_packet_init m
On Wed, Jul 02, 2025 at 03:38:45PM +0200, Michal Luczaj wrote:
Support returning VMADDR_CID_LOCAL in case no other vsock transport is
available.
Fixes: 0e12190578d0 ("vsock: add local transport support in the vsock core")
Suggested-by: Stefano Garzarella
Signed-off-by: Michal Lucza
: add multi-transports support")
Reviewed-by: Stefano Garzarella
Signed-off-by: Michal Luczaj
---
net/vmw_vsock/af_vsock.c | 28 +++-
1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vso
[0x0118-0x011f]
RIP: 0010:vsock_dev_do_ioctl.isra.0+0x58/0xf0
Call Trace:
__x64_sys_ioctl+0x12d/0x190
do_syscall_64+0x92/0x1c0
entry_SYSCALL_64_after_hwframe+0x4b/0x53
Fixes: c0cfa2d8a788 ("vsock: add multi-transports support")
Suggested-by: Stefano Garzarella
Signed-off-
On Thu, Jul 03, 2025 at 10:51:56AM +0800, Xuewei Niu wrote:
Resend: forgot to reply all...
On Mon, Jun 30, 2025 at 03:57:27PM +0800, Xuewei Niu wrote:
>Add SIOCINQ ioctl tests for both SOCK_STREAM and SOCK_SEQPACKET.
>
>The client waits for the server to send data, and checks if the SIOCINQ
>io
On Thu, Jul 03, 2025 at 11:05:14AM +0800, Xuewei Niu wrote:
Resend: the previous message was rejected due to HTML
Resend: forgot to reply all...
On Mon, Jun 30, 2025 at 03:57:26PM +0800, Xuewei Niu wrote:
>Wrap the ioctl in `ioctl_int()`, which takes a pointer to the actual
>int value and an ex
(+), 2 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/net/vmw_vsock/virtio_transport_common.c
b/net/vmw_vsock/virtio_transport_common.c
index c9eb7f7ac00d..f74677c3511e 100644
--- a/net/vmw_vsock/virtio_transport_common.c
+++ b/net/vmw_vsock/virtio_transport_common.c
@@ -109,7
On Tue, Jul 01, 2025 at 05:45:05PM +0100, Will Deacon wrote:
When receiving a packet from a guest, vhost_vsock_handle_tx_kick()
calls vhost_vsock_alloc_linear_skb() to allocate and fill an SKB with
the receive data. Unfortunately, these are always linear allocations and
can therefore result in si
On Tue, Jul 01, 2025 at 05:45:04PM +0100, Will Deacon wrote:
In preparation for nonlinear allocations for large SKBs, introduce a
new virtio_vsock_alloc_linear_skb() helper to return linear SKBs
unconditionally and switch all callers over to this new interface for
now.
No functional change.
Sig
On Tue, Jul 01, 2025 at 05:45:02PM +0100, Will Deacon wrote:
virtio_vsock_skb_rx_put() only calls skb_put() if the length in the
packet header is not zero even though skb_put() handles this case
gracefully.
Remove the functionally redundant check from virtio_vsock_skb_rx_put()
and, on the assump
On Tue, Jul 01, 2025 at 08:14:00PM +0100, David Laight wrote:
On Tue, 1 Jul 2025 17:45:03 +0100
Will Deacon wrote:
When allocating receive buffers for the vsock virtio RX virtqueue, an
SKB is allocated with a 4140 data payload (the 44-byte packet header +
VIRTIO_VSOCK_DEFAULT_RX_BUF_SIZE). Ev
On Mon, Jun 30, 2025 at 06:33:03PM +0200, Luigi Leonardi wrote:
Add three new macros: TRANSPORTS_G2H, TRANSPORTS_H2G and
TRANSPORTS_LOCAL.
They can be used to identify the type of the transport(s) loaded when
using the `get_transports()` function.
Suggested-by: Stefano Garzarella
Signed-off-by
sock/Makefile | 1 +
tools/testing/vsock/vsock_test.c | 170 +++
2 files changed, 171 insertions(+)
Reviewed-by: Stefano Garzarella
Thanks,
Stefano
diff --git a/tools/testing/vsock/Makefile b/tools/testing/vsock/Makefile
index
6e0b4e95e230500f99bb9c74350
On Mon, Jun 30, 2025 at 03:57:27PM +0800, Xuewei Niu wrote:
Add SIOCINQ ioctl tests for both SOCK_STREAM and SOCK_SEQPACKET.
The client waits for the server to send data, and checks if the SIOCINQ
ioctl value matches the data size. After consuming the data, the client
checks if the SIOCINQ value
On Mon, Jun 30, 2025 at 03:57:26PM +0800, Xuewei Niu wrote:
Wrap the ioctl in `ioctl_int()`, which takes a pointer to the actual
int value and an expected int value. The function will not return until
either the ioctl returns the expected value or a timeout occurs, thus
avoiding immediate failure
On Mon, Jun 30, 2025 at 03:57:25PM +0800, Xuewei Niu wrote:
IMO here you should not reset the author to you, but you should keep
Dexuan as authour of this patch.
When hv_sock was originally added, __vsock_stream_recvmsg() and
vsock_stream_has_data() actually only needed to know whether there
is
On Mon, Jun 30, 2025 at 03:57:24PM +0800, Xuewei Niu wrote:
Add support for SIOCINQ ioctl, indicating the length of bytes unread in the
socket. The value is obtained from `vsock_stream_has_data()`.
Signed-off-by: Xuewei Niu
---
net/vmw_vsock/af_vsock.c | 22 ++
1 file changed
, but if you didn't put it,
there's probably a reason :-)
If we are going to add it, I think it should be:
Fixes: d021c344051a ("VSOCK: Introduce VM Sockets")
Cc: Bryan Tan
Cc: Vishnu Dasa
Cc: Broadcom internal kernel review list
Cc: Stefano Garzarella
Cc: "D
On Mon, Jun 30, 2025 at 03:20:57PM +0100, Will Deacon wrote:
On Fri, Jun 27, 2025 at 12:45:45PM +0200, Stefano Garzarella wrote:
On Wed, Jun 25, 2025 at 02:15:41PM +0100, Will Deacon wrote:
> When receiving a packet from a guest, vhost_vsock_handle_tx_kick()
> calls vhost_vsock_alloc_sk
On Mon, Jun 30, 2025 at 01:51:07PM +0100, Will Deacon wrote:
On Fri, Jun 27, 2025 at 12:36:46PM +0200, Stefano Garzarella wrote:
On Wed, Jun 25, 2025 at 02:15:39PM +0100, Will Deacon wrote:
> vhost_vsock_alloc_skb() returns NULL for packets advertising a length
> large
On Mon, Jun 30, 2025 at 01:02:26PM +0200, Michal Luczaj wrote:
On 6/30/25 11:05, Stefano Garzarella wrote:
On Sun, Jun 29, 2025 at 11:26:12PM +0200, Michal Luczaj wrote:
On 6/27/25 10:02, Stefano Garzarella wrote:
On Wed, Jun 25, 2025 at 11:23:30PM +0200, Michal Luczaj wrote:
On 6/25/25 10
On Sun, Jun 29, 2025 at 11:26:25PM +0200, Michal Luczaj wrote:
On 6/27/25 10:08, Stefano Garzarella wrote:
On Fri, Jun 20, 2025 at 09:52:44PM +0200, Michal Luczaj wrote:
Transport assignment may race with module unload. Protect new_transport
from becoming a stale pointer.
This also takes care
On Sun, Jun 29, 2025 at 11:26:12PM +0200, Michal Luczaj wrote:
On 6/27/25 10:02, Stefano Garzarella wrote:
On Wed, Jun 25, 2025 at 11:23:30PM +0200, Michal Luczaj wrote:
On 6/25/25 10:43, Stefano Garzarella wrote:
On Fri, Jun 20, 2025 at 09:52:43PM +0200, Michal Luczaj wrote:
vsock_find_cid
On Mon, 30 Jun 2025 at 09:54, Xuewei Niu wrote:
>
> > On Mon, Jun 30, 2025 at 03:38:24PM +0800, Xuewei Niu wrote:
> > >Introduce SIOCINQ ioctl support for vsock, indicating the length of unread
> > >bytes.
> >
> > I think something went wrong with this version of the series, because I
> > don't se
On Mon, Jun 30, 2025 at 03:38:24PM +0800, Xuewei Niu wrote:
Introduce SIOCINQ ioctl support for vsock, indicating the length of unread
bytes.
I think something went wrong with this version of the series, because I
don't see the patch introducing support for SIOCINQ ioctl in af_vsock.c,
or did
, so all feedback is welcome.
Thank you very much for this series!
I left some minor comments, but overall LGTM!
Thanks,
Stefano
Patches based on v6.16-rc3.
Cheers,
Will
Cc: Keir Fraser
Cc: Steven Moreland
Cc: Frederick Mayle
Cc: Stefan Hajnoczi
Cc: Stefano Garzarella
Cc: "Michael S.
nit: I'd use `vsock/virtio: ` prefix since we are touching the virtio
transport common code. Maybe we can mention that this will affect both
virtio and vhost transports.
On Wed, Jun 25, 2025 at 02:15:43PM +0100, Will Deacon wrote:
When transmitting a vsock packet, virtio_transport_send_pkt_info
| 2 +-
include/linux/virtio_vsock.h | 2 +-
net/vmw_vsock/virtio_transport.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
LGMT!
Reviewed-by: Stefano Garzarella
diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
index cfa4e1bcf367..3799c0aeeec5 100644
--- a
On Wed, Jun 25, 2025 at 02:15:41PM +0100, Will Deacon wrote:
When receiving a packet from a guest, vhost_vsock_handle_tx_kick()
calls vhost_vsock_alloc_skb() to allocate and fill an SKB with the
receive data. Unfortunately, these are always linear allocations and can
therefore result in significa
On Wed, Jun 25, 2025 at 02:15:40PM +0100, Will Deacon wrote:
When allocating receive buffers for the vsock virtio RX virtqueue, an
SKB is allocated with a 4140 data payload (the 44-byte packet header +
VIRTIO_VSOCK_DEFAULT_RX_BUF_SIZE). Even when factoring in the SKB
overhead, the resulting 8KiB
On Wed, Jun 25, 2025 at 02:15:39PM +0100, Will Deacon wrote:
vhost_vsock_alloc_skb() returns NULL for packets advertising a length
larger than VIRTIO_VSOCK_MAX_PKT_BUF_SIZE in the packet header. However,
this is only checked once the SKB has been allocated and, if the length
in the packet header
On Wed, Jun 25, 2025 at 11:23:54PM +0200, Michal Luczaj wrote:
On 6/25/25 10:54, Stefano Garzarella wrote:
On Fri, Jun 20, 2025 at 09:52:45PM +0200, Michal Luczaj wrote:
Support returning VMADDR_CID_LOCAL in case no other vsock transport is
available.
Fixes: 0e12190578d0 ("vsock: add
On Fri, Jun 20, 2025 at 09:52:44PM +0200, Michal Luczaj wrote:
Transport assignment may race with module unload. Protect new_transport
from becoming a stale pointer.
This also takes care of an insecure call in vsock_use_local_transport();
add a lockdep assert.
BUG: unable to handle page fault f
On Wed, Jun 25, 2025 at 11:23:30PM +0200, Michal Luczaj wrote:
On 6/25/25 10:43, Stefano Garzarella wrote:
On Fri, Jun 20, 2025 at 09:52:43PM +0200, Michal Luczaj wrote:
vsock_find_cid() and vsock_dev_do_ioctl() may race with module unload.
transport_{g2h,h2g} may become NULL after the NULL
On Tue, Jun 24, 2025 at 05:40:15PM +0200, Luigi Leonardi wrote:
Add a new test to ensure that when the transport changes a null pointer
dereference does not occur. The bug was reported upstream [1] and fixed
with commit 2cb7c756f605 ("vsock/virtio: discard packets if the
transport changes").
KAS
[0x0118-0x011f]
RIP: 0010:vsock_dev_do_ioctl.isra.0+0x58/0xf0
Call Trace:
__x64_sys_ioctl+0x12d/0x190
do_syscall_64+0x92/0x1c0
entry_SYSCALL_64_after_hwframe+0x4b/0x53
Fixes: c0cfa2d8a788 ("vsock: add multi-transports support")
Suggested-by: Stefano Garzarella
Signed-off-
On Fri, Jun 20, 2025 at 09:52:45PM +0200, Michal Luczaj wrote:
Support returning VMADDR_CID_LOCAL in case no other vsock transport is
available.
Fixes: 0e12190578d0 ("vsock: add local transport support in the vsock core")
Suggested-by: Stefano Garzarella
Signed-off-by: Michal Lucza
: add multi-transports support")
Signed-off-by: Michal Luczaj
---
net/vmw_vsock/af_vsock.c | 28 +++-
1 file changed, 23 insertions(+), 5 deletions(-)
LGTM!
Reviewed-by: Stefano Garzarella
diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vso
From: Stefano Garzarella
If a userspace application just include will fail
to build with the following errors:
/usr/include/linux/vm_sockets.h:182:39: error: invalid application of
‘sizeof’ to incomplete type ‘struct sockaddr’
182 | unsigned char svm_zero[sizeof(struct
On Fri, Jun 20, 2025 at 02:58:49PM +0200, Michal Luczaj wrote:
On 6/20/25 10:32, Stefano Garzarella wrote:
On Wed, Jun 18, 2025 at 02:34:00PM +0200, Michal Luczaj wrote:
Checking transport_{h2g,g2h} != NULL may race with vsock_core_unregister().
Make sure pointers remain valid.
KASAN: null
On Fri, 20 Jun 2025 at 16:23, Michal Luczaj wrote:
>
> On 6/20/25 15:20, Stefano Garzarella wrote:
> > On Fri, Jun 20, 2025 at 02:58:49PM +0200, Michal Luczaj wrote:
> >> On 6/20/25 10:32, Stefano Garzarella wrote:
> >>> On Wed, Jun 18, 2025 at 02:3
On Wed, Jun 18, 2025 at 02:34:02PM +0200, Michal Luczaj wrote:
Transport assignment may race with module unload. Protect new_transport
from becoming a stale pointer.
This also takes care of an insecure call in vsock_use_local_transport();
add a lockdep assert.
BUG: unable to handle page fault f
On Wed, Jun 18, 2025 at 02:34:00PM +0200, Michal Luczaj wrote:
Checking transport_{h2g,g2h} != NULL may race with vsock_core_unregister().
Make sure pointers remain valid.
KASAN: null-ptr-deref in range [0x0118-0x011f]
RIP: 0010:vsock_dev_do_ioctl.isra.0+0x58/0xf0
Call Tr
CCing Daniel who commented v2.
On Mon, Jun 16, 2025 at 09:32:49PM -0700, Bobby Eshleman wrote:
This series adds namespace support to vhost-vsock. It does not add
namespaces to any of the guest transports (virtio-vsock, hyperv, or
vmci).
The current revision only supports two modes: local or glo
On Tue, Jun 17, 2025 at 12:53:46PM +0800, Xuewei Niu wrote:
Add SIOCINQ ioctl tests for both SOCK_STREAM and SOCK_SEQPACKET.
The client waits for the server to send data, and checks if the SIOCINQ
ioctl value matches the data size. After consuming the data, the client
checks if the SIOCINQ value
On Tue, Jun 17, 2025 at 12:53:45PM +0800, Xuewei Niu wrote:
Wrap the ioctl in `ioctl_int()`, which takes a pointer to the actual
int value and an expected int value. The function will not return until
either the ioctl returns the expected value or a timeout occurs, thus
avoiding immediate failure
sock_close+0x14/0x20
__fput+0x35a/0xaa0
task_work_run+0xff/0x1c0
do_exit+0x849/0x24c0
make_task_dead+0xf3/0x110
rewind_stack_and_make_dead+0x16/0x20
[1]:
https://lore.kernel.org/netdev/CAGxU2F5zhfWymY8u0hrKksW8PumXAYz-9_qRmW==92oax1b...@mail.gmail.com/
Suggested-by: Stefano Garzarella
Signed-off-by
efine KSYM_ENTRY(sym) "d " sym "_transport"
/* Keep `enum transport` order */
static const char * const transport_ksyms[] = {
KSYM_ENTRY("loopback"),
KSYM_ENTRY("virtio"),
KSYM_ENTRY("vhost"),
KSYM_ENTRY("vmci"
On Mon, Jun 16, 2025 at 02:57:29PM -0700, Jakub Kicinski wrote:
On Wed, 11 Jun 2025 21:56:49 +0200 Michal Luczaj wrote:
Increase the coverage of a test implemented in commit 301a62dfb0d0
("vsock/test: Add test for UAF due to socket unbinding"). Take this
opportunity to factor out some utility co
On Mon, 16 Jun 2025 at 16:39, Xuewei Niu wrote:
>
> > On Fri, Jun 13, 2025 at 11:11:52AM +0800, Xuewei Niu wrote:
> > >This patch adds SIOCINQ ioctl tests for both SOCK_STREAM and
> > >SOCK_SEQPACKET.
> > >
> > >The client waits for the server to send data, and checks if the SIOCINQ
> > >ioctl val
On Mon, Jun 16, 2025 at 10:28:22PM +0800, Xuewei Niu wrote:
On Fri, Jun 13, 2025 at 11:11:50AM +0800, Xuewei Niu wrote:
>This patch adds support for SIOCINQ ioctl, which returns the number of
>bytes unread in the socket.
>
>Signed-off-by: Xuewei Niu
>---
> include/net/af_vsock.h | 2 ++
> net/
On Fri, Jun 13, 2025 at 11:11:52AM +0800, Xuewei Niu wrote:
This patch adds SIOCINQ ioctl tests for both SOCK_STREAM and
SOCK_SEQPACKET.
The client waits for the server to send data, and checks if the SIOCINQ
ioctl value matches the data size. After consuming the data, the client
checks if the S
On Fri, Jun 13, 2025 at 11:11:50AM +0800, Xuewei Niu wrote:
This patch adds support for SIOCINQ ioctl, which returns the number of
bytes unread in the socket.
Signed-off-by: Xuewei Niu
---
include/net/af_vsock.h | 2 ++
net/vmw_vsock/af_vsock.c | 22 ++
2 files changed, 24
On Thu, Jun 12, 2025 at 04:55:14PM +0800, Xuewei Niu wrote:
On Thu, 12 Jun 2025 at 10:21, Xuewei Niu wrote:
>
> > On Thu, 12 Jun 2025 at 08:50, Xuewei Niu wrote:
> > >
> > > > On Thu, Jun 12, 2025 at 01:32:01PM +0800, Xuewei Niu wrote:
> > > > > No comments since last month.
> > > > >
> > > > >
On Thu, 12 Jun 2025 at 10:21, Xuewei Niu wrote:
>
> > On Thu, 12 Jun 2025 at 08:50, Xuewei Niu wrote:
> > >
> > > > On Thu, Jun 12, 2025 at 01:32:01PM +0800, Xuewei Niu wrote:
> > > > > No comments since last month.
> > > > >
> > > > > The patch [1], which adds SIOCINQ ioctl support for vsock, de
On Thu, 12 Jun 2025 at 08:50, Xuewei Niu wrote:
>
> > On Thu, Jun 12, 2025 at 01:32:01PM +0800, Xuewei Niu wrote:
> > > No comments since last month.
> > >
> > > The patch [1], which adds SIOCINQ ioctl support for vsock, depends on this
> > > patch. Could I get more eyes on this one?
> > >
> > > [
On Wed, Jun 11, 2025 at 04:07:25PM +0200, Luigi Leonardi wrote:
Add a new test to ensure that when the transport changes a null pointer
dereference does not occur. The bug was reported upstream [1] and fixed
with commit 2cb7c756f605 ("vsock/virtio: discard packets if the
transport changes").
KAS
---
Changes in v10:
- remove dupes in tools/testing/selftests/vsock/config
- Link to v9:
https://lore.kernel.org/r/20250527-vsock-vmtest-v9-1-24eaeec6f...@gmail.com
Thanks, tested locally!
For vsock POV:
Reviewed-by: Stefano Garzarella
Changes in v9:
- make kselftest build target depend o
On Fri, Jun 06, 2025 at 09:51:29AM +0200, Michal Luczaj wrote:
On 6/5/25 12:46, Stefano Garzarella wrote:
On Wed, Jun 04, 2025 at 09:10:19PM +0200, Michal Luczaj wrote:
On 6/4/25 11:07, Stefano Garzarella wrote:
On Wed, May 28, 2025 at 10:44:42PM +0200, Michal Luczaj wrote:
+static int
On Wed, Jun 04, 2025 at 09:11:33PM +0200, Michal Luczaj wrote:
On 6/4/25 11:37, Stefano Garzarella wrote:
On Wed, May 28, 2025 at 10:44:43PM +0200, Michal Luczaj wrote:
+static bool test_stream_transport_uaf(int cid)
{
int sockets[MAX_PORT_RETRIES];
struct sockaddr_vm addr
On Wed, Jun 04, 2025 at 09:10:19PM +0200, Michal Luczaj wrote:
On 6/4/25 11:07, Stefano Garzarella wrote:
On Wed, May 28, 2025 at 10:44:42PM +0200, Michal Luczaj wrote:
+static int __get_transports(void)
+{
+ /* Order must match transports defined in util.h.
+* man nm: "d
run+0xff/0x1c0
do_exit+0x849/0x24c0
make_task_dead+0xf3/0x110
rewind_stack_and_make_dead+0x16/0x20
[1]:
https://lore.kernel.org/netdev/CAGxU2F5zhfWymY8u0hrKksW8PumXAYz-9_qRmW==92oax1b...@mail.gmail.com/
Suggested-by: Stefano Garzarella
Signed-off-by: Michal Luczaj
---
to
On Wed, May 28, 2025 at 10:44:41PM +0200, Michal Luczaj wrote:
Create a socket and bind() it. If binding failed, gracefully return an
error code while preserving `errno`.
Base vsock_bind() on top of it.
Suggested-by: Stefano Garzarella
Signed-off-by: Michal Luczaj
---
tools/testing/vsock
On Wed, May 28, 2025 at 10:44:42PM +0200, Michal Luczaj wrote:
Return a bitmap of registered vsock transports. As guesstimated by grepping
/proc/kallsyms (CONFIG_KALLSYMS=y) for known symbols of type `struct
virtio_transport`.
Suggested-by: Stefano Garzarella
Signed-off-by: Michal Luczaj
On Wed, May 28, 2025 at 10:58:28AM +0200, Michal Luczaj wrote:
On 5/27/25 10:41, Stefano Garzarella wrote:
On Mon, May 26, 2025 at 10:44:05PM +0200, Michal Luczaj wrote:
On 5/26/25 16:39, Stefano Garzarella wrote:
On Mon, May 26, 2025 at 02:51:18PM +0200, Michal Luczaj wrote:
On 5/26/25 10
On Tue, May 27, 2025 at 05:36:54PM -0700, Bobby Eshleman wrote:
This commit introduces a new vmtest.sh runner for vsock.
It uses virtme-ng/qemu to run tests in a VM. The tests validate G2H,
H2G, and loopback. The testing tools from tools/testing/vsock/ are
reused. Currently, only vsock_test is u
On Tue, May 27, 2025 at 07:30:29AM -0700, Bobby Eshleman wrote:
On Mon, May 26, 2025 at 01:18:18PM +0200, Stefano Garzarella wrote:
On Thu, May 22, 2025 at 09:59:07PM -0700, Bobby Eshleman wrote:
> This commit introduces a new vmtest.sh runner for vsock.
>
> It uses virtme-ng/qemu to
On Mon, May 26, 2025 at 10:44:05PM +0200, Michal Luczaj wrote:
On 5/26/25 16:39, Stefano Garzarella wrote:
On Mon, May 26, 2025 at 02:51:18PM +0200, Michal Luczaj wrote:
On 5/26/25 10:25, Stefano Garzarella wrote:
On Fri, May 23, 2025 at 12:31:16AM +0200, Michal Luczaj wrote:
Increase the
On Mon, May 26, 2025 at 02:51:18PM +0200, Michal Luczaj wrote:
On 5/26/25 10:25, Stefano Garzarella wrote:
On Fri, May 23, 2025 at 12:31:16AM +0200, Michal Luczaj wrote:
Increase the coverage of test for UAF due to socket unbinding, and losing
transport in general. It's a follow up to c
On Mon, 26 May 2025 at 15:50, Konstantin Shkolnyy wrote:
>
> The test outputs:
> "SOCK_STREAM SHUT_RD...expected send(2) failure, got 1".
>
> It tests that shutdown(fd, SHUT_RD) on one side causes send() to fail on
> the other side. However, sometimes there is a delay in delivery of the
> SHUT_RD
On Thu, May 22, 2025 at 09:59:07PM -0700, Bobby Eshleman wrote:
This commit introduces a new vmtest.sh runner for vsock.
It uses virtme-ng/qemu to run tests in a VM. The tests validate G2H,
H2G, and loopback. The testing tools from tools/testing/vsock/ are
reused. Currently, only vsock_test is u
ase+0xaa/0x260
sock_close+0x14/0x20
__fput+0x35a/0xaa0
task_work_run+0xff/0x1c0
do_exit+0x849/0x24c0
make_task_dead+0xf3/0x110
rewind_stack_and_make_dead+0x16/0x20
[1]:
https://lore.kernel.org/netdev/CAGxU2F5zhfWymY8u0hrKksW8PumXAYz-9_qRmW==92oax1b...@mail.gmail.com/
Suggested-by: Stefano Garzarel
On Sun, May 25, 2025 at 11:32:20PM -0500, Konstantin Shkolnyy wrote:
The test outputs:
"SOCK_STREAM SHUT_RD...expected send(2) failure, got 1".
It tests that shutdown(fd, SHUT_RD) on one side causes send() to fail on
the other side. However, sometimes there is a delay in delivery of the
SHUT_RD
On Thu, May 22, 2025 at 01:18:20AM +0200, Michal Luczaj wrote:
Change vsock's lingerning to wait on close() until all data is sent, i.e.
until workers picked all the packets for processing.
Thanks for the series and the patience :-)
LGTM! There should be my R-b for all patches.
Thanks,
Stefan
test to alert on close() lingering when it should not.
Signed-off-by: Michal Luczaj
---
tools/testing/vsock/vsock_test.c | 52
1 file changed, 52 insertions(+)
Reviewed-by: Stefano Garzarella
diff --git a/tools/testing/vsock/vsock_test.c b/tools
+-
3 files changed, 15 insertions(+), 9 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/tools/testing/vsock/util.c b/tools/testing/vsock/util.c
index
4427d459e199f643d415dfc13e071f21a2e4d6ba..0c7e9cbcbc85cde9c8764fc3bb623cde2f6c77a6
100644
--- a/tools/testing/vsock/util.c
+++ b
/vsock/util.h | 1 +
tools/testing/vsock/vsock_test.c | 23 ++-
3 files changed, 32 insertions(+), 17 deletions(-)
Reviewed-by: Stefano Garzarella
diff --git a/tools/testing/vsock/util.c b/tools/testing/vsock/util.c
index
de25892f865f07672da0886be8bd1a429ade8b05
On Wed, May 21, 2025 at 12:55:21AM +0200, Michal Luczaj wrote:
Distill the virtio_vsock_sock::bytes_unsent checking loop (ioctl SIOCOUTQ)
and move it to utils. Tweak the comment.
Signed-off-by: Michal Luczaj
---
tools/testing/vsock/util.c | 25 +
tools/testing/vsock
On Wed, May 21, 2025 at 12:55:22AM +0200, Michal Luczaj wrote:
Add a helper function that sets SO_LINGER. Adapt the caller.
Signed-off-by: Michal Luczaj
---
tools/testing/vsock/util.c | 13 +
tools/testing/vsock/util.h | 4
tools/testing/vsock/vsock_test.c | 10 +
On Wed, May 21, 2025 at 12:55:23AM +0200, Michal Luczaj wrote:
There was an issue with SO_LINGER: instead of blocking until all queued
messages for the socket have been successfully sent (or the linger timeout
has been reached), close() would block until packets were handled by the
peer.
Add a t
the
callback being unimplemented. Do not pass sk_lingertime explicitly. Pull
SOCK_LINGER check into vsock_linger().
Flatten the function. Remove the nested block by inverting the condition:
return early on !timeout.
Suggested-by: Stefano Garzarella
Signed-off-by: Michal Luczaj
---
include/net
From: Stefano Garzarella
In `struct virtio_vsock_sock`, we maintain two counters:
- `rx_bytes`: used internally to track how many bytes have been read.
This supports mechanisms like .stream_has_data() and sock_rcvlowat().
- `fwd_cnt`: used for the credit mechanism to inform available receive
1 - 100 of 986 matches
Mail list logo
