[PATCH 1/2] net: Fix announce_self

Laurent Vivier posted 2 patches 2 weeks, 5 days ago
[PATCH 1/2] net: Fix announce_self
Posted by Laurent Vivier 2 weeks, 5 days ago
b9ad513e1876 ("net: Remove receive_raw()") adds an iovec entry
in qemu_deliver_packet_iov() to add the virtio-net header
in the data when QEMU_NET_PACKET_FLAG_RAW is set but forgets
to increase the number of iovec entries in the array, so
receive_iov() will only send the first entry (the virtio-net
entry, full of 0) and no data. The packet will be discarded.

The only user of QEMU_NET_PACKET_FLAG_RAW is announce_self.

We can see the problem with tcpdump:

- QEMU parameters:

  .. -monitor stdio \
     -netdev bridge,id=netdev0,br=virbr0 \
     -device virtio-net,mac=9a:2b:2c:2d:2e:2f,netdev=netdev0 \

- HMP command:

  (qemu) announce_self

- TCP dump:

  $ sudo tcpdump -nxi virbr0

  without the fix:

    <nothing>

  with the fix:

   ARP, Reverse Request who-is 9a:2b:2c:2d:2e:2f tell 9a:2b:2c:2d:2e:2f, length 46
        0x0000:  0001 0800 0604 0003 9a2b 2c2d 2e2f 0000
        0x0010:  0000 9a2b 2c2d 2e2f 0000 0000 0000 0000
        0x0020:  0000 0000 0000 0000 0000 0000 0000

Reported-by: Xiaohui Li <xiaohli@redhat.com>
Bug: https://issues.redhat.com/browse/RHEL-73891
Fixes: b9ad513e1876 ("net: Remove receive_raw()")
Cc: akihiko.odaki@daynix.com
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
---
 net/net.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/net.c b/net/net.c
index c1bb19a52373..9cded70dde74 100644
--- a/net/net.c
+++ b/net/net.c
@@ -822,6 +822,7 @@ static ssize_t qemu_deliver_packet_iov(NetClientState *sender,
         iov_copy[0].iov_len =  nc->vnet_hdr_len;
         memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));
         iov = iov_copy;
+        iovcnt++;
     }
 
     if (nc->info->receive_iov) {
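Review bot: at `memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));` followed by the new `iovcnt++;`, iov_copy has to hold iovcnt + 1 entries, and nothing in the visible lines shows how iov_copy is sized or that iovcnt is bounded before the copy. Now that the extra entry is actually handed to receive_iov(), please confirm the bound is enforced earlier in the function, or add an assertion next to the memcpy so the size relationship is checked where it is relied on.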
-- 
2.47.1
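The count mismatch described in the commit message, as an added stand-alone C sketch (not QEMU code and not part of the original post). gather(), deliver_raw(), demo(), MAX_IOV and HDR_LEN are hypothetical names and values chosen for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/uio.h>

#define MAX_IOV 8   /* assumed capacity of the caller's array in this sketch */
#define HDR_LEN 12  /* assumed header length; stands in for nc->vnet_hdr_len */

/* Hypothetical receiver: copies the first iovcnt entries into out. */
static size_t gather(const struct iovec *iov, int iovcnt, unsigned char *out, size_t cap)
{
    size_t off = 0;
    for (int i = 0; i < iovcnt; i++) {
        size_t n = iov[i].iov_len < cap - off ? iov[i].iov_len : cap - off;
        memcpy(out + off, iov[i].iov_base, n);
        off += n;
    }
    return off;
}

/* Prepend a zeroed header entry; bump_count = 0 reproduces the missing increment. */
static size_t deliver_raw(const struct iovec *iov, int iovcnt, int bump_count,
                          unsigned char *out, size_t cap)
{
    static unsigned char zero_hdr[HDR_LEN];
    struct iovec iov_copy[MAX_IOV + 1];      /* room for header + MAX_IOV */
    if (iovcnt < 1 || iovcnt > MAX_IOV)
        return 0;                            /* refuse to overrun iov_copy */
    iov_copy[0].iov_base = zero_hdr;
    iov_copy[0].iov_len = HDR_LEN;
    memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));
    if (bump_count)
        iovcnt++;                            /* count must cover the new entry */
    return gather(iov_copy, iovcnt, out, cap);
}

/* Constructed 60-byte frame in one entry; returns bytes the receiver saw. */
static size_t demo(int bump_count)
{
    unsigned char frame[60], out[128];
    struct iovec iov = { .iov_base = frame, .iov_len = sizeof(frame) };
    memset(frame, 0xab, sizeof(frame));
    return deliver_raw(&iov, 1, bump_count, out, sizeof(out));
}

int main(void)
{
    printf("missing increment: %zu bytes, with increment: %zu bytes\n", demo(0), demo(1));
    return 0;
}
```

With a single-entry packet, the stale count leaves the receiver with only the zeroed header, which matches the empty tcpdump capture in the report.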
Re: [PATCH 1/2] net: Fix announce_self
Posted by Jason Wang 2 weeks, 2 days ago
On Fri, Jan 17, 2025 at 7:17 PM Laurent Vivier <lvivier@redhat.com> wrote:
>
> b9ad513e1876 ("net: Remove receive_raw()") adds an iovec entry
> in qemu_deliver_packet_iov() to add the virtio-net header
> in the data when QEMU_NET_PACKET_FLAG_RAW is set but forgets
> to increase the number of iovec entries in the array, so
> receive_iov() will only send the first entry (the virtio-net
> entry, full of 0) and no data. The packet will be discarded.
>
> The only user of QEMU_NET_PACKET_FLAG_RAW is announce_self.
>
> We can see the problem with tcpdump:
>
> - QEMU parameters:
>
>   .. -monitor stdio \
>      -netdev bridge,id=netdev0,br=virbr0 \
>      -device virtio-net,mac=9a:2b:2c:2d:2e:2f,netdev=netdev0 \
>
> - HMP command:
>
>   (qemu) announce_self
>
> - TCP dump:
>
>   $ sudo tcpdump -nxi virbr0
>
>   without the fix:
>
>     <nothing>
>
>   with the fix:
>
>    ARP, Reverse Request who-is 9a:2b:2c:2d:2e:2f tell 9a:2b:2c:2d:2e:2f, length 46
>         0x0000:  0001 0800 0604 0003 9a2b 2c2d 2e2f 0000
>         0x0010:  0000 9a2b 2c2d 2e2f 0000 0000 0000 0000
>         0x0020:  0000 0000 0000 0000 0000 0000 0000
>
> Reported-by: Xiaohui Li <xiaohli@redhat.com>
> Bug: https://issues.redhat.com/browse/RHEL-73891
> Fixes: b9ad513e1876 ("net: Remove receive_raw()")
> Cc: akihiko.odaki@daynix.com
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>
> ---

Acked-by: Jason Wang <jasowang@redhat.com>

Thanks
Re: [PATCH 1/2] net: Fix announce_self
Posted by Akihiko Odaki 2 weeks, 4 days ago
On 2025/01/17 20:17, Laurent Vivier wrote:
> b9ad513e1876 ("net: Remove receive_raw()") adds an iovec entry
> in qemu_deliver_packet_iov() to add the virtio-net header
> in the data when QEMU_NET_PACKET_FLAG_RAW is set but forgets
> to increase the number of iovec entries in the array, so
> receive_iov() will only send the first entry (the virtio-net
> entry, full of 0) and no data. The packet will be discarded.
> 
> The only user of QEMU_NET_PACKET_FLAG_RAW is announce_self.
> 
> We can see the problem with tcpdump:
> 
> - QEMU parameters:
> 
>    .. -monitor stdio \
>       -netdev bridge,id=netdev0,br=virbr0 \
>       -device virtio-net,mac=9a:2b:2c:2d:2e:2f,netdev=netdev0 \
> 
> - HMP command:
> 
>    (qemu) announce_self
> 
> - TCP dump:
> 
>    $ sudo tcpdump -nxi virbr0
> 
>    without the fix:
> 
>      <nothing>
> 
>    with the fix:
> 
>     ARP, Reverse Request who-is 9a:2b:2c:2d:2e:2f tell 9a:2b:2c:2d:2e:2f, length 46
>          0x0000:  0001 0800 0604 0003 9a2b 2c2d 2e2f 0000
>          0x0010:  0000 9a2b 2c2d 2e2f 0000 0000 0000 0000
>          0x0020:  0000 0000 0000 0000 0000 0000 0000
> 
> Reported-by: Xiaohui Li <xiaohli@redhat.com>
> Bug: https://issues.redhat.com/browse/RHEL-73891
> Fixes: b9ad513e1876 ("net: Remove receive_raw()")
> Cc: akihiko.odaki@daynix.com
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>

Thanks for finding out this bug:

Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>

I believe this should have:

Cc: qemu-stable@nongnu.org

> ---
>   net/net.c | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/net/net.c b/net/net.c
> index c1bb19a52373..9cded70dde74 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -822,6 +822,7 @@ static ssize_t qemu_deliver_packet_iov(NetClientState *sender,
>           iov_copy[0].iov_len =  nc->vnet_hdr_len;
>           memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));
>           iov = iov_copy;
> +        iovcnt++;
>       }
>   
>       if (nc->info->receive_iov) {
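Review bot: the `iovcnt++;` is only correct when it stays after `memcpy(&iov_copy[1], iov, iovcnt * sizeof(*iov));`, because that copy uses iovcnt as the number of source entries. A one-line comment on the increment saying it accounts for the header entry placed in iov_copy[0] would keep a later cleanup from reordering or dropping it again.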