projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 92eb8a6) | patch
if_vtnet - Allocate struct vtnet_tx_header entries from a queue.
authorImre Vadász <imre@vdsz.com>
Mon, 20 Mar 2017 19:16:50 +0000 (20:16 +0100)
committerSascha Wildner <saw@online.de>
Sun, 30 Jul 2017 19:42:40 +0000 (21:42 +0200)
commit211ee88e094b99dcf6360eb1d356ccdb438d2daf
treeb2189175fe24aaebb609edfbebb468f96a4415eftree | snapshot
parent92eb8a6b114f0d20a11d6cb3de5457f6caebfc2ccommit | diff
if_vtnet - Allocate struct vtnet_tx_header entries from a queue.

* The existing code was sequentially allocating from an array of
  struct vtnet_tx_header, using an appropriately sized area.
  But this scheme turns out to be a very bad idea when we get out-of-order
  completions in the virtqueue.

* Instead allocate struct vtnet_tx_header entries from an SLIST.

* This should avoid crashes from memory-corruption or use-after-free in
  if_vtnet(9), when running in KVM on Linux, using Linux's vhost-net
  in-kernel virtqueue accelerator.
sys/dev/virtual/virtio/net/if_vtnet.c diff | blob | blame | history
sys/dev/virtual/virtio/net/if_vtnetvar.h diff | blob | blame | history
DragonFly Project Source