From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43417)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <groug@kaod.org>) id 1c6kSH-0000B0-Gt
	for qemu-devel@nongnu.org; Tue, 15 Nov 2016 15:35:46 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <groug@kaod.org>) id 1c6kSD-0005r7-Hh
	for qemu-devel@nongnu.org; Tue, 15 Nov 2016 15:35:45 -0500
Received: from 8.mo53.mail-out.ovh.net ([87.98.185.57]:51893)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <groug@kaod.org>) id 1c6kSD-0005qF-74
	for qemu-devel@nongnu.org; Tue, 15 Nov 2016 15:35:41 -0500
Received: from player158.ha.ovh.net (b7.ovh.net [213.186.33.57])
	by mo53.mail-out.ovh.net (Postfix) with ESMTP id C448643052
	for <qemu-devel@nongnu.org>; Tue, 15 Nov 2016 21:35:39 +0100 (CET)
Date: Tue, 15 Nov 2016 21:35:34 +0100
From: Greg Kurz <groug@kaod.org>
Message-ID: <20161115213534.09a8145d@bahia>
In-Reply-To: <1479237527-11846-27-git-send-email-mst@redhat.com>
References: <1479237527-11846-1-git-send-email-mst@redhat.com>
	<1479237527-11846-27-git-send-email-mst@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PULL v3 26/28] vhost: drop legacy vring layout
 bits
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: qemu-devel@nongnu.org, Cornelia Huck <cornelia.huck@de.ibm.com>, Peter Maydell <peter.maydell@linaro.org>, qemu-stable@nongnu.org

On Tue, 15 Nov 2016 21:22:31 +0200
"Michael S. Tsirkin" <mst@redhat.com> wrote:

> From: Greg Kurz <groug@kaod.org>
> 
> The legacy vring layout is not used anymore as we use the separate
> mappings even for legacy devices.
> This patch simply removes it.
> 
> This also fixes a bug with virtio 1 devices when the vring descriptor table
> is mapped at a higher address than the used vring because the following
> function may return an insanely great value:
> 
> hwaddr virtio_queue_get_ring_size(VirtIODevice *vdev, int n)
> {
>     return vdev->vq[n].vring.used - vdev->vq[n].vring.desc +
>            virtio_queue_get_used_size(vdev, n);
> }
> 
> and the mapping fails.
> 

Michael,

I see the "vhost: adapt vhost_verify_ring_mappings() to virtio  1 ring layout"
patch got Cc'ed to stable... any reason for not doing the same with this patch
since it fixes the bug which motivated the whole series ?

Cheers.

--
Greg

> Signed-off-by: Greg Kurz <groug@kaod.org>
> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
> ---
>  include/hw/virtio/vhost.h |  3 ---
>  hw/virtio/vhost.c         | 13 -------------
>  2 files changed, 16 deletions(-)
> 
> diff --git a/include/hw/virtio/vhost.h b/include/hw/virtio/vhost.h
> index 56b567f..1fe5aad 100644
> --- a/include/hw/virtio/vhost.h
> +++ b/include/hw/virtio/vhost.h
> @@ -20,9 +20,6 @@ struct vhost_virtqueue {
>      unsigned avail_size;
>      unsigned long long used_phys;
>      unsigned used_size;
> -    void *ring;
> -    unsigned long long ring_phys;
> -    unsigned ring_size;
>      EventNotifier masked_notifier;
>  };
>  
> diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
> index d88d34a..30aee88 100644
> --- a/hw/virtio/vhost.c
> +++ b/hw/virtio/vhost.c
> @@ -923,14 +923,6 @@ static int vhost_virtqueue_start(struct vhost_dev *dev,
>          goto fail_alloc_used;
>      }
>  
> -    vq->ring_size = s = l = virtio_queue_get_ring_size(vdev, idx);
> -    vq->ring_phys = a = virtio_queue_get_ring_addr(vdev, idx);
> -    vq->ring = cpu_physical_memory_map(a, &l, 1);
> -    if (!vq->ring || l != s) {
> -        r = -ENOMEM;
> -        goto fail_alloc_ring;
> -    }
> -
>      r = vhost_virtqueue_set_addr(dev, vq, vhost_vq_index, dev->log_enabled);
>      if (r < 0) {
>          r = -errno;
> @@ -971,9 +963,6 @@ static int vhost_virtqueue_start(struct vhost_dev *dev,
>  fail_vector:
>  fail_kick:
>  fail_alloc:
> -    cpu_physical_memory_unmap(vq->ring, virtio_queue_get_ring_size(vdev, idx),
> -                              0, 0);
> -fail_alloc_ring:
>      cpu_physical_memory_unmap(vq->used, virtio_queue_get_used_size(vdev, idx),
>                                0, 0);
>  fail_alloc_used:
> @@ -1014,8 +1003,6 @@ static void vhost_virtqueue_stop(struct vhost_dev *dev,
>                                                  vhost_vq_index);
>      }
>  
> -    cpu_physical_memory_unmap(vq->ring, virtio_queue_get_ring_size(vdev, idx),
> -                              0, virtio_queue_get_ring_size(vdev, idx));
>      cpu_physical_memory_unmap(vq->used, virtio_queue_get_used_size(vdev, idx),
>                                1, virtio_queue_get_used_size(vdev, idx));
>      cpu_physical_memory_unmap(vq->avail, virtio_queue_get_avail_size(vdev, idx),