vhost: fix external message handlers
Checks
Commit Message
Following a rework, external message handlers were receiving a pointer
to a vhost_user message (as stated in the API), but lost the ability to
interact with fds attached to the message.
Restore the original layout and put a build check and reminders.
Bugzilla ID: 953
Fixes: 5e0099dc709e ("vhost: remove payload size limitation")
Signed-off-by: David Marchand <david.marchand@redhat.com>
---
This patch is untested, but sending quickly to get feedback from the
reporter and comments from author and maintainers.
---
lib/vhost/vhost_user.c | 8 ++++----
lib/vhost/vhost_user.h | 7 +++++--
2 files changed, 9 insertions(+), 6 deletions(-)
Comments
Hi,
On 3/7/22 19:11, David Marchand wrote:
> Following a rework, external message handlers were receiving a pointer
> to a vhost_user message (as stated in the API), but lost the ability to
> interact with fds attached to the message.
> Restore the original layout and put a build check and reminders.
>
> Bugzilla ID: 953
> Fixes: 5e0099dc709e ("vhost: remove payload size limitation")
>
> Signed-off-by: David Marchand <david.marchand@redhat.com>
> ---
> This patch is untested, but sending quickly to get feedback from the
> reporter and comments from author and maintainers.
>
>
> ---
> lib/vhost/vhost_user.c | 8 ++++----
> lib/vhost/vhost_user.h | 7 +++++--
> 2 files changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
> index 723c6890c3..589b950458 100644
> --- a/lib/vhost/vhost_user.c
> +++ b/lib/vhost/vhost_user.c
> @@ -3023,8 +3023,8 @@ vhost_user_msg_handler(int vid, int fd)
>
> handled = false;
> if (dev->extern_ops.pre_msg_handle) {
> - ret = (*dev->extern_ops.pre_msg_handle)(dev->vid,
> - (void *)&ctx.msg);
> + RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
> + ret = (*dev->extern_ops.pre_msg_handle)(dev->vid, &ctx);
> switch (ret) {
> case RTE_VHOST_MSG_RESULT_REPLY:
> send_vhost_reply(dev, fd, &ctx);
> @@ -3069,8 +3069,8 @@ vhost_user_msg_handler(int vid, int fd)
> skip_to_post_handle:
> if (ret != RTE_VHOST_MSG_RESULT_ERR &&
> dev->extern_ops.post_msg_handle) {
> - ret = (*dev->extern_ops.post_msg_handle)(dev->vid,
> - (void *)&ctx.msg);
> + RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
> + ret = (*dev->extern_ops.post_msg_handle)(dev->vid, &ctx);
> switch (ret) {
> case RTE_VHOST_MSG_RESULT_REPLY:
> send_vhost_reply(dev, fd, &ctx);
> diff --git a/lib/vhost/vhost_user.h b/lib/vhost/vhost_user.h
> index be53669f3b..555f89c97a 100644
> --- a/lib/vhost/vhost_user.h
> +++ b/lib/vhost/vhost_user.h
> @@ -152,10 +152,13 @@ typedef struct VhostUserMsg {
> /* Nothing should be added after the payload */
> } __rte_packed VhostUserMsg;
>
> -struct vhu_msg_context {
> +/* Note: this structure and VhostUserMsg can't be changed carelessly as
> + * external message handlers rely on them.
> + */
> +__rte_packed struct vhu_msg_context {
> + VhostUserMsg msg;
> int fds[VHOST_MEMORY_MAX_NREGIONS];
> int fd_num;
> - VhostUserMsg msg;
> };
>
> #define VHOST_USER_HDR_SIZE offsetof(VhostUserMsg, payload.u64)
We should revisit the callbacks prototype when we'll be allowed to break
API, passing the message pointer as void * is definitely not a good
idea.
In the mean time, I agree with your fix:
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
We may also add Reported-by tag when applying.
Thanks!
Maxime
On Tue, Mar 8, 2022 at 9:34 AM Maxime Coquelin
<maxime.coquelin@redhat.com> wrote:
> On 3/7/22 19:11, David Marchand wrote:
> > Following a rework, external message handlers were receiving a pointer
> > to a vhost_user message (as stated in the API), but lost the ability to
> > interact with fds attached to the message.
> > Restore the original layout and put a build check and reminders.
> >
> > Bugzilla ID: 953
> > Fixes: 5e0099dc709e ("vhost: remove payload size limitation")
> >
> > Signed-off-by: David Marchand <david.marchand@redhat.com>
> > ---
> > This patch is untested, but sending quickly to get feedback from the
> > reporter and comments from author and maintainers.
> >
> >
> > ---
> > lib/vhost/vhost_user.c | 8 ++++----
> > lib/vhost/vhost_user.h | 7 +++++--
> > 2 files changed, 9 insertions(+), 6 deletions(-)
> >
> > diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
> > index 723c6890c3..589b950458 100644
> > --- a/lib/vhost/vhost_user.c
> > +++ b/lib/vhost/vhost_user.c
> > @@ -3023,8 +3023,8 @@ vhost_user_msg_handler(int vid, int fd)
> >
> > handled = false;
> > if (dev->extern_ops.pre_msg_handle) {
> > - ret = (*dev->extern_ops.pre_msg_handle)(dev->vid,
> > - (void *)&ctx.msg);
> > + RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
> > + ret = (*dev->extern_ops.pre_msg_handle)(dev->vid, &ctx);
> > switch (ret) {
> > case RTE_VHOST_MSG_RESULT_REPLY:
> > send_vhost_reply(dev, fd, &ctx);
> > @@ -3069,8 +3069,8 @@ vhost_user_msg_handler(int vid, int fd)
> > skip_to_post_handle:
> > if (ret != RTE_VHOST_MSG_RESULT_ERR &&
> > dev->extern_ops.post_msg_handle) {
> > - ret = (*dev->extern_ops.post_msg_handle)(dev->vid,
> > - (void *)&ctx.msg);
> > + RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
> > + ret = (*dev->extern_ops.post_msg_handle)(dev->vid, &ctx);
> > switch (ret) {
> > case RTE_VHOST_MSG_RESULT_REPLY:
> > send_vhost_reply(dev, fd, &ctx);
> > diff --git a/lib/vhost/vhost_user.h b/lib/vhost/vhost_user.h
> > index be53669f3b..555f89c97a 100644
> > --- a/lib/vhost/vhost_user.h
> > +++ b/lib/vhost/vhost_user.h
> > @@ -152,10 +152,13 @@ typedef struct VhostUserMsg {
> > /* Nothing should be added after the payload */
> > } __rte_packed VhostUserMsg;
> >
> > -struct vhu_msg_context {
> > +/* Note: this structure and VhostUserMsg can't be changed carelessly as
> > + * external message handlers rely on them.
> > + */
> > +__rte_packed struct vhu_msg_context {
> > + VhostUserMsg msg;
> > int fds[VHOST_MEMORY_MAX_NREGIONS];
> > int fd_num;
> > - VhostUserMsg msg;
> > };
> >
> > #define VHOST_USER_HDR_SIZE offsetof(VhostUserMsg, payload.u64)
>
> We should revisit the callbacks prototype when we'll be allowed to break
> API, passing the message pointer as void * is definitely not a good
> idea.
Indeed.
>
> In the mean time, I agree with your fix:
>
> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
>
> We may also add Reported-by tag when applying.
There is an issue with clang, I'll send a v2.
On 3/8/22 09:37, David Marchand wrote:
> On Tue, Mar 8, 2022 at 9:34 AM Maxime Coquelin
> <maxime.coquelin@redhat.com> wrote:
>> On 3/7/22 19:11, David Marchand wrote:
>>> Following a rework, external message handlers were receiving a pointer
>>> to a vhost_user message (as stated in the API), but lost the ability to
>>> interact with fds attached to the message.
>>> Restore the original layout and put a build check and reminders.
>>>
>>> Bugzilla ID: 953
>>> Fixes: 5e0099dc709e ("vhost: remove payload size limitation")
>>>
>>> Signed-off-by: David Marchand <david.marchand@redhat.com>
>>> ---
>>> This patch is untested, but sending quickly to get feedback from the
>>> reporter and comments from author and maintainers.
>>>
>>>
>>> ---
>>> lib/vhost/vhost_user.c | 8 ++++----
>>> lib/vhost/vhost_user.h | 7 +++++--
>>> 2 files changed, 9 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
>>> index 723c6890c3..589b950458 100644
>>> --- a/lib/vhost/vhost_user.c
>>> +++ b/lib/vhost/vhost_user.c
>>> @@ -3023,8 +3023,8 @@ vhost_user_msg_handler(int vid, int fd)
>>>
>>> handled = false;
>>> if (dev->extern_ops.pre_msg_handle) {
>>> - ret = (*dev->extern_ops.pre_msg_handle)(dev->vid,
>>> - (void *)&ctx.msg);
>>> + RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
>>> + ret = (*dev->extern_ops.pre_msg_handle)(dev->vid, &ctx);
>>> switch (ret) {
>>> case RTE_VHOST_MSG_RESULT_REPLY:
>>> send_vhost_reply(dev, fd, &ctx);
>>> @@ -3069,8 +3069,8 @@ vhost_user_msg_handler(int vid, int fd)
>>> skip_to_post_handle:
>>> if (ret != RTE_VHOST_MSG_RESULT_ERR &&
>>> dev->extern_ops.post_msg_handle) {
>>> - ret = (*dev->extern_ops.post_msg_handle)(dev->vid,
>>> - (void *)&ctx.msg);
>>> + RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
>>> + ret = (*dev->extern_ops.post_msg_handle)(dev->vid, &ctx);
>>> switch (ret) {
>>> case RTE_VHOST_MSG_RESULT_REPLY:
>>> send_vhost_reply(dev, fd, &ctx);
>>> diff --git a/lib/vhost/vhost_user.h b/lib/vhost/vhost_user.h
>>> index be53669f3b..555f89c97a 100644
>>> --- a/lib/vhost/vhost_user.h
>>> +++ b/lib/vhost/vhost_user.h
>>> @@ -152,10 +152,13 @@ typedef struct VhostUserMsg {
>>> /* Nothing should be added after the payload */
>>> } __rte_packed VhostUserMsg;
>>>
>>> -struct vhu_msg_context {
>>> +/* Note: this structure and VhostUserMsg can't be changed carelessly as
>>> + * external message handlers rely on them.
>>> + */
>>> +__rte_packed struct vhu_msg_context {
>>> + VhostUserMsg msg;
>>> int fds[VHOST_MEMORY_MAX_NREGIONS];
>>> int fd_num;
>>> - VhostUserMsg msg;
>>> };
>>>
>>> #define VHOST_USER_HDR_SIZE offsetof(VhostUserMsg, payload.u64)
>>
>> We should revisit the callbacks prototype when we'll be allowed to break
>> API, passing the message pointer as void * is definitely not a good
>> idea.
>
> Indeed.
>
>>
>> In the mean time, I agree with your fix:
>>
>> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
>>
>> We may also add Reported-by tag when applying.
>
> There is an issue with clang, I'll send a v2.
>
Ok.
Fan, can you have a try and confirm it fixes the issue on your side?
Thanks,
Maxime
@@ -3023,8 +3023,8 @@ vhost_user_msg_handler(int vid, int fd)
handled = false;
if (dev->extern_ops.pre_msg_handle) {
- ret = (*dev->extern_ops.pre_msg_handle)(dev->vid,
- (void *)&ctx.msg);
+ RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
+ ret = (*dev->extern_ops.pre_msg_handle)(dev->vid, &ctx);
switch (ret) {
case RTE_VHOST_MSG_RESULT_REPLY:
send_vhost_reply(dev, fd, &ctx);
@@ -3069,8 +3069,8 @@ vhost_user_msg_handler(int vid, int fd)
skip_to_post_handle:
if (ret != RTE_VHOST_MSG_RESULT_ERR &&
dev->extern_ops.post_msg_handle) {
- ret = (*dev->extern_ops.post_msg_handle)(dev->vid,
- (void *)&ctx.msg);
+ RTE_BUILD_BUG_ON(offsetof(struct vhu_msg_context, msg) != 0);
+ ret = (*dev->extern_ops.post_msg_handle)(dev->vid, &ctx);
switch (ret) {
case RTE_VHOST_MSG_RESULT_REPLY:
send_vhost_reply(dev, fd, &ctx);
@@ -152,10 +152,13 @@ typedef struct VhostUserMsg {
/* Nothing should be added after the payload */
} __rte_packed VhostUserMsg;
-struct vhu_msg_context {
+/* Note: this structure and VhostUserMsg can't be changed carelessly as
+ * external message handlers rely on them.
+ */
+__rte_packed struct vhu_msg_context {
+ VhostUserMsg msg;
int fds[VHOST_MEMORY_MAX_NREGIONS];
int fd_num;
- VhostUserMsg msg;
};
#define VHOST_USER_HDR_SIZE offsetof(VhostUserMsg, payload.u64)