On Fri, Apr 03, 2026 at 06:38:09PM +0200, Laurent Vivier wrote:
Currently vu_flush() derives the frame size from the iov, but in preparation for iov arrays that may be larger than the actual frame, pass the total length (including vnet header) explicitly so that only the relevant portion is reported to the virtqueue.
Ensure a minimum frame size of ETH_ZLEN + VNET_HLEN to handle short frames. All elements are still flushed to avoid descriptor leaks, but trailing elements beyond frame_len will report a zero length.
Signed-off-by: Laurent Vivier
Reviewed-by: David Gibson
--- tcp_vu.c | 6 +++--- udp_vu.c | 2 +- vu_common.c | 16 ++++++++++++---- vu_common.h | 2 +- 4 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/tcp_vu.c b/tcp_vu.c index 7b7ea9c789b1..4eba7b8a5190 100644 --- a/tcp_vu.c +++ b/tcp_vu.c @@ -140,7 +140,7 @@ int tcp_vu_send_flag(const struct ctx *c, struct tcp_tap_conn *conn, int flags)
vu_pad(&flags_elem[0].in_sg[0], l2len);
- vu_flush(vdev, vq, flags_elem, 1); + vu_flush(vdev, vq, flags_elem, 1, hdrlen + optlen);
if (*c->pcap) pcap_iov(&flags_elem[0].in_sg[0], 1, VNET_HLEN, l2len); @@ -156,7 +156,7 @@ int tcp_vu_send_flag(const struct ctx *c, struct tcp_tap_conn *conn, int flags) flags_elem[0].in_sg[0].iov_base, flags_elem[0].in_sg[0].iov_len);
- vu_flush(vdev, vq, &flags_elem[1], 1); + vu_flush(vdev, vq, &flags_elem[1], 1, hdrlen + optlen);
if (*c->pcap) { pcap_iov(&flags_elem[1].in_sg[0], 1, VNET_HLEN, @@ -463,7 +463,7 @@ int tcp_vu_data_from_sock(const struct ctx *c, struct tcp_tap_conn *conn) l2len = dlen + hdrlen - VNET_HLEN; vu_pad(iov, l2len);
- vu_flush(vdev, vq, &elem[head[i]], buf_cnt); + vu_flush(vdev, vq, &elem[head[i]], buf_cnt, dlen + hdrlen);
if (*c->pcap) pcap_iov(iov, buf_cnt, VNET_HLEN, l2len); diff --git a/udp_vu.c b/udp_vu.c index 81491afa7e6a..4641f42eb5c4 100644 --- a/udp_vu.c +++ b/udp_vu.c @@ -234,7 +234,7 @@ void udp_vu_sock_to_tap(const struct ctx *c, int s, int n, flow_sidx_t tosidx) pcap_iov(iov_vu, iov_cnt, VNET_HLEN, hdrlen + dlen - VNET_HLEN); } - vu_flush(vdev, vq, elem, elem_used); + vu_flush(vdev, vq, elem, elem_used, hdrlen + dlen); vu_queue_notify(vdev, vq); } } diff --git a/vu_common.c b/vu_common.c index f254cb67ec78..704e908aa02c 100644 --- a/vu_common.c +++ b/vu_common.c @@ -134,18 +134,26 @@ static void vu_set_vnethdr(struct virtio_net_hdr_mrg_rxbuf *vnethdr, * @vq: vhost-user virtqueue * @elem: virtqueue elements array to send back to the virtqueue * @elem_cnt: Length of the array + * @frame_len: Total frame length including vnet header */ void vu_flush(const struct vu_dev *vdev, struct vu_virtq *vq, - struct vu_virtq_element *elem, int elem_cnt) + struct vu_virtq_element *elem, int elem_cnt, size_t frame_len) { + size_t len; int i;
vu_set_vnethdr(elem[0].in_sg[0].iov_base, elem_cnt);
+ len = MAX(ETH_ZLEN + VNET_HLEN, frame_len); for (i = 0; i < elem_cnt; i++) { - size_t elem_size = iov_size(elem[i].in_sg, elem[i].in_num); + size_t elem_size, fill_size;
- vu_queue_fill(vdev, vq, &elem[i], elem_size, i); + elem_size = iov_size(elem[i].in_sg, elem[i].in_num); + fill_size = MIN(elem_size, len); + + vu_queue_fill(vdev, vq, &elem[i], fill_size, i); + + len -= fill_size; }
vu_queue_flush(vdev, vq, elem_cnt); @@ -270,7 +278,7 @@ int vu_send_single(const struct ctx *c, const void *buf, size_t size) if (*c->pcap) pcap_iov(in_sg, in_total, VNET_HLEN, size);
- vu_flush(vdev, vq, elem, elem_cnt); + vu_flush(vdev, vq, elem, elem_cnt, VNET_HLEN + size); vu_queue_notify(vdev, vq);
trace("vhost-user sent %zu", total); diff --git a/vu_common.h b/vu_common.h index 4037ab765b7d..77d1849e6115 100644 --- a/vu_common.h +++ b/vu_common.h @@ -40,7 +40,7 @@ int vu_collect(const struct vu_dev *vdev, struct vu_virtq *vq, struct iovec *in_sg, size_t max_in_sg, size_t *in_total, size_t size, size_t *collected); void vu_flush(const struct vu_dev *vdev, struct vu_virtq *vq, - struct vu_virtq_element *elem, int elem_cnt); + struct vu_virtq_element *elem, int elem_cnt, size_t frame_len); void vu_kick_cb(struct vu_dev *vdev, union epoll_ref ref, const struct timespec *now); int vu_send_single(const struct ctx *c, const void *buf, size_t size); -- 2.53.0
-- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson