Thread (8 messages), 4 authors, 2021-01-28

RE: [PATCH] xen-blkback: fix compatibility bug with single page rings

From: Paul Durrant <hidden>
Date: 2021-01-27 11:12:25
Also in: lkml, xen-devel

-----Original Message-----
From: Jan Beulich <redacted>
Sent: 27 January 2021 10:57
To: Paul Durrant <paul@xen.org>
Cc: Paul Durrant <redacted>; Konrad Rzeszutek Wilk <redacted>; Roger Pau
Monné [off-list ref]; Jens Axboe [off-list ref]; Dongli Zhang [off-list ref];
linux-kernel@vger.kernel.org; linux-block@vger.kernel.org; xen-devel@lists.xenproject.org
Subject: Re: [PATCH] xen-blkback: fix compatibility bug with single page rings

On 27.01.2021 11:30, Paul Durrant wrote:
From: Paul Durrant <redacted>

Prior to commit 4a8c31a1c6f5 ("xen/blkback: rework connect_ring() to avoid
inconsistent xenstore 'ring-page-order' set by malicious blkfront"), the
behaviour of xen-blkback when connecting to a frontend was:

- read 'ring-page-order'
- if not present then expect a single page ring specified by 'ring-ref'
- else expect a ring specified by 'ring-refX' where X is between 0 and
  1 << ring-page-order

This was correct behaviour, but was broken by the aforementioned commit to
become:

- read 'ring-page-order'
- if not present then expect a single page ring
- expect a ring specified by 'ring-refX' where X is between 0 and
  1 << ring-page-order
- if that didn't work then see if there's a single page ring specified by
  'ring-ref'

This incorrect behaviour works most of the time but fails when a frontend
that sets 'ring-page-order' is unloaded and replaced by one that does not
because, instead of reading 'ring-ref', xen-blkback will read the stale
'ring-ref0' left around by the previous frontend and will try to map the wrong
grant reference.

This patch restores the original behaviour.
Isn't this only the 2nd of a pair of fixes that's needed, the
first being the driver, upon being unloaded, to fully clean up
after itself? Any stale key left may lead to confusion upon
re-use of the containing directory.
In a backend we shouldn't be relying on, nor really expect IMO, a frontend to clean up after itself. Any backend should know *exactly* what xenstore nodes it’s looking for from a frontend.

  Paul
Jan
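
The two lookup orders listed in the commit message, simulated in user space as an added example (this is not the xen-blkback code and not part of the thread). `struct node`, `xs_read`, `read_multi`, `connect_original`, `connect_broken`, `MAX_ORDER` and the directory contents are hypothetical; it assumes 'ring-page-order' is absent while a stale 'ring-ref0' is still present.

```c
#include <stdio.h>
#include <string.h>
#define MAX_ORDER 4  /* hypothetical cap on 'ring-page-order' */
struct node { const char *key; unsigned val; };  /* one xenstore key/value pair */
/* Constructed directory: stale 'ring-ref0' from an earlier frontend beside 'ring-ref'. */
static const struct node stale_dir[] = { { "ring-ref0", 8 }, { "ring-ref", 42 } };

/* Hypothetical lookup helper: returns 1 and fills *out if key exists, else 0. */
static int xs_read(const struct node *d, size_t n, const char *key, unsigned *out)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(d[i].key, key) == 0) { *out = d[i].val; return 1; }
    return 0;
}

/* Read 'ring-ref0'..'ring-ref<N-1>' for N = 1 << order; -1 if any is missing. */
static int read_multi(const struct node *d, size_t n, unsigned order, unsigned *refs)
{
    char key[32];
    if (order > MAX_ORDER) return -1;
    for (unsigned i = 0; i < (1u << order); i++) {
        snprintf(key, sizeof(key), "ring-ref%u", i);
        if (!xs_read(d, n, key, &refs[i])) return -1;
    }
    return (int)(1u << order);
}

/* Behaviour the message calls correct: 'ring-page-order' alone selects the key names. */
static int connect_original(const struct node *d, size_t n, unsigned *refs)
{
    unsigned order;
    if (xs_read(d, n, "ring-page-order", &order)) return read_multi(d, n, order, refs);
    return xs_read(d, n, "ring-ref", &refs[0]) ? 1 : -1;
}

/* Behaviour described as broken: try 'ring-refX' first, 'ring-ref' only as a fallback. */
static int connect_broken(const struct node *d, size_t n, unsigned *refs)
{
    unsigned order = 0;  /* an absent 'ring-page-order' is treated as order 0 */
    xs_read(d, n, "ring-page-order", &order);
    if (read_multi(d, n, order, refs) > 0) return (int)(1u << order);
    return xs_read(d, n, "ring-ref", &refs[0]) ? 1 : -1;
}

int main(void)
{
    unsigned a[1u << MAX_ORDER], b[1u << MAX_ORDER];
    if (connect_original(stale_dir, 2, a) > 0 && connect_broken(stale_dir, 2, b) > 0)
        printf("original maps ref %u, broken maps ref %u\n", a[0], b[0]);
    return 0;
}
```

With the constructed directory, the original order selects the current 'ring-ref' value while the fallback order selects the stale 'ring-ref0' value.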