On 2024/1/6 0:06, Alexander H Duyck wrote:
>>  
>>  static void handle_tx_copy(struct vhost_net *net, struct socket *sock)
>> @@ -1353,8 +1318,7 @@ static int vhost_net_open(struct inode *inode, struct 
>> file *f)
>>                      vqs[VHOST_NET_VQ_RX]);
>>  
>>      f->private_data = n;
>> -    n->page_frag.page = NULL;
>> -    n->refcnt_bias = 0;
>> +    n->pf_cache.va = NULL;
>>  
>>      return 0;
>>  }
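Review bot: The store `n->pf_cache.va = NULL;` in vhost_net_open() has no comment saying that it is what marks the frag cache as empty, so it reads as removable. The allocation of `n` is outside this hunk; if it is not zero-filled, this store is the only thing that keeps the `if (n->pf_cache.va)` test in vhost_net_release() from reading indeterminate memory, and the remaining pf_cache fields stay unset until the first refill. I would add `/* n is not zero-allocated: va == NULL is the only "cache empty" marker */` above the line. If the allocator can read any other field before refilling, which is not visible here, `memset(&n->pf_cache, 0, sizeof(n->pf_cache));` would be the safer form. The function body starts outside the hunk.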
>> @@ -1422,8 +1386,9 @@ static int vhost_net_release(struct inode *inode, 
>> struct file *f)
>>      kfree(n->vqs[VHOST_NET_VQ_RX].rxq.queue);
>>      kfree(n->vqs[VHOST_NET_VQ_TX].xdp);
>>      kfree(n->dev.vqs);
>> -    if (n->page_frag.page)
>> -            __page_frag_cache_drain(n->page_frag.page, n->refcnt_bias);
>> +    if (n->pf_cache.va)
>> +            __page_frag_cache_drain(virt_to_head_page(n->pf_cache.va),
>> +                                    n->pf_cache.pagecnt_bias);
>>      kvfree(n);
>>      return 0;
>>  }
> 
> I would recommend reordering this patch with patch 5. Then you could
> remove the block that is setting "n->pf_cache.va = NULL" above and just
> make use of page_frag_cache_drain in the lower block which would also
> return the va to NULL.

I am not sure if we can as there is no zeroing for 'struct vhost_net' in
vhost_net_open().

If we don't have "n->pf_cache.va = NULL", wouldn't we be using uninitialized data
when page_frag_alloc_align() is called for the first time?

> .
> 
