From: Tiwei Bie <tiwei.bie@intel.com>
To: Xiao Wang <xiao.w.wang@intel.com>
Cc: maxime.coquelin@redhat.com, dev@dpdk.org, zhihong.wang@intel.com,
xiaolong.ye@intel.com
Subject: Re: [PATCH 2/9] vhost: provide helpers for virtio ring relay
Date: Tue, 4 Dec 2018 14:22:41 +0800 [thread overview]
Message-ID: <20181204062241.GA19852@btwcube1> (raw)
In-Reply-To: <20181128094607.106173-3-xiao.w.wang@intel.com>
On Wed, Nov 28, 2018 at 05:46:00PM +0800, Xiao Wang wrote:
[...]
> +
> +/**
> + * @warning
> + * @b EXPERIMENTAL: this API may change without prior notice
> + *
> + * Synchronize the available ring from guest to mediate ring, help to
> + * check desc validity to protect against malicious guest driver.
> + *
> + * @param vid
> + * vhost device id
> + * @param qid
> + * vhost queue id
> + * @param m_vring
> + * mediate virtio ring pointer
> + * @return
> + * number of synced available entries on success, -1 on failure
> + */
> +int __rte_experimental
> +rte_vdpa_relay_avail_ring(int vid, int qid, struct vring *m_vring);
> +
> +/**
> + * @warning
> + * @b EXPERIMENTAL: this API may change without prior notice
> + *
> + * Synchronize the used ring from mediate ring to guest, log dirty
> + * page for each Rx buffer used.
> + *
> + * @param vid
> + * vhost device id
> + * @param qid
> + * vhost queue id
> + * @param m_vring
> + * mediate virtio ring pointer
> + * @return
> + * number of synced used entries on success, -1 on failure
> + */
> +int __rte_experimental
> +rte_vdpa_relay_used_ring(int vid, int qid, struct vring *m_vring);
Above APIs are split ring specific. We also need to take
packed ring into consideration.
> #endif /* _RTE_VDPA_H_ */
[...]
> diff --git a/lib/librte_vhost/vdpa.c b/lib/librte_vhost/vdpa.c
> index e7d849ee0..e41117776 100644
> --- a/lib/librte_vhost/vdpa.c
> +++ b/lib/librte_vhost/vdpa.c
> @@ -122,3 +122,176 @@ rte_vdpa_get_device_num(void)
> {
> return vdpa_device_num;
> }
> +
> +static int
> +invalid_desc_check(struct virtio_net *dev, struct vhost_virtqueue *vq,
> + uint64_t desc_iova, uint64_t desc_len, uint8_t perm)
> +{
> + uint64_t desc_addr, desc_chunck_len;
> +
> + while (desc_len) {
> + desc_chunck_len = desc_len;
> + desc_addr = vhost_iova_to_vva(dev, vq,
> + desc_iova,
> + &desc_chunck_len,
> + perm);
> +
> + if (!desc_addr)
> + return -1;
> +
> + desc_len -= desc_chunck_len;
> + desc_iova += desc_chunck_len;
> + }
> +
> + return 0;
> +}
> +
> +int
> +rte_vdpa_relay_avail_ring(int vid, int qid, struct vring *m_vring)
> +{
> + struct virtio_net *dev = get_device(vid);
> + uint16_t idx, idx_m, desc_id;
> + struct vring_desc desc;
> + struct vhost_virtqueue *vq;
> + struct vring_desc *desc_ring;
> + struct vring_desc *idesc = NULL;
> + uint64_t dlen;
> + int ret;
> +
> + if (!dev)
> + return -1;
> +
> + vq = dev->virtqueue[qid];
Better to also validate qid.
> + idx = vq->avail->idx;
> + idx_m = m_vring->avail->idx;
> + ret = idx - idx_m;
Need to cast (idx - idx_m) to uint16_t.
> +
> + while (idx_m != idx) {
> + /* avail entry copy */
> + desc_id = vq->avail->ring[idx_m % vq->size];
idx_m & (vq->size - 1) should be faster.
> + m_vring->avail->ring[idx_m % vq->size] = desc_id;
> + desc_ring = vq->desc;
> +
> + if (vq->desc[desc_id].flags & VRING_DESC_F_INDIRECT) {
> + dlen = vq->desc[desc_id].len;
> + desc_ring = (struct vring_desc *)(uintptr_t)
> + vhost_iova_to_vva(dev, vq, vq->desc[desc_id].addr,
The indent needs to be fixed.
> + &dlen,
> + VHOST_ACCESS_RO);
> + if (unlikely(!desc_ring))
> + return -1;
> +
> + if (unlikely(dlen < vq->desc[idx].len)) {
> + idesc = alloc_copy_ind_table(dev, vq,
> + vq->desc[idx].addr, vq->desc[idx].len);
> + if (unlikely(!idesc))
> + return -1;
> +
> + desc_ring = idesc;
> + }
> +
> + desc_id = 0;
> + }
> +
> + /* check if the buf addr is within the guest memory */
> + do {
> + desc = desc_ring[desc_id];
> + if (invalid_desc_check(dev, vq, desc.addr, desc.len,
> + VHOST_ACCESS_RW))
Should check with < 0, otherwise should return bool.
We may just have RO access.
> + return -1;
The memory allocated for idesc if any will leak in this case.
> + desc_id = desc.next;
> + } while (desc.flags & VRING_DESC_F_NEXT);
> +
> + if (unlikely(!!idesc)) {
The !! isn't needed.
> + free_ind_table(idesc);
> + idesc = NULL;
> + }
> +
> + idx_m++;
> + }
> +
Barrier is needed here.
> + m_vring->avail->idx = idx;
> +
> + if (dev->features & (1ULL << VIRTIO_RING_F_EVENT_IDX))
> + vhost_avail_event(vq) = vq->avail->idx;
Need to use idx instead of vq->avail->idx which may
have already been changed by driver.
> +
> + return ret;
> +}
> +
> +int
> +rte_vdpa_relay_used_ring(int vid, int qid, struct vring *m_vring)
> +{
> + struct virtio_net *dev = get_device(vid);
> + uint16_t idx, idx_m, desc_id;
> + struct vhost_virtqueue *vq;
> + struct vring_desc desc;
> + struct vring_desc *desc_ring;
> + struct vring_desc *idesc = NULL;
> + uint64_t dlen;
> + int ret;
> +
> + if (!dev)
> + return -1;
> +
> + vq = dev->virtqueue[qid];
Better to also validate qid.
> + idx = vq->used->idx;
> + idx_m = m_vring->used->idx;
> + ret = idx_m - idx;
Need to cast (idx_m - idx) to uint16_t.
> +
> + while (idx != idx_m) {
> + /* copy used entry, used ring logging is not covered here */
The used ring logging has been covered here by the following call
to vhost_log_used_vring() after used ring is changed.
> + vq->used->ring[idx % vq->size] =
idx & (vq->size - 1) should be faster.
> + m_vring->used->ring[idx % vq->size];
> +
> + /* dirty page logging for used ring */
> + vhost_log_used_vring(dev, vq,
> + offsetof(struct vring_used, ring[idx % vq->size]),
> + sizeof(struct vring_used_elem));
> +
> + desc_id = vq->used->ring[idx % vq->size].id;
> + desc_ring = vq->desc;
> +
> + if (vq->desc[desc_id].flags & VRING_DESC_F_INDIRECT) {
> + dlen = vq->desc[desc_id].len;
> + desc_ring = (struct vring_desc *)(uintptr_t)
> + vhost_iova_to_vva(dev, vq, vq->desc[desc_id].addr,
The indent needs to be fixed.
> + &dlen,
> + VHOST_ACCESS_RO);
> + if (unlikely(!desc_ring))
> + return -1;
> +
> + if (unlikely(dlen < vq->desc[idx].len)) {
> + idesc = alloc_copy_ind_table(dev, vq,
> + vq->desc[idx].addr, vq->desc[idx].len);
> + if (unlikely(!idesc))
> + return -1;
> +
> + desc_ring = idesc;
> + }
> +
> + desc_id = 0;
> + }
> +
> + /* dirty page logging for Rx buffer */
Rx is for net, this API isn't net specific.
> + do {
> + desc = desc_ring[desc_id];
> + if (desc.flags & VRING_DESC_F_WRITE)
> + vhost_log_write(dev, desc.addr, desc.len);
> + desc_id = desc.next;
> + } while (desc.flags & VRING_DESC_F_NEXT);
> +
> + if (unlikely(!!idesc)) {
The !! isn't needed.
> + free_ind_table(idesc);
> + idesc = NULL;
> + }
> +
> + idx++;
> + }
> +
Barrier is needed here.
> + vq->used->idx = idx_m;
> +
> + if (dev->features & (1ULL << VIRTIO_RING_F_EVENT_IDX))
> + vring_used_event(m_vring) = m_vring->used->idx;
> +
> + return ret;
> +}
[...]
next prev parent reply other threads:[~2018-12-04 6:24 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-28 9:45 [PATCH 0/9] support SW assisted VDPA live migration Xiao Wang
2018-11-28 9:45 ` [PATCH 1/9] vhost: provide helper for host notifier ctrl Xiao Wang
2018-11-28 9:46 ` [PATCH 2/9] vhost: provide helpers for virtio ring relay Xiao Wang
2018-12-04 6:22 ` Tiwei Bie [this message]
2018-12-12 6:51 ` Wang, Xiao W
2018-12-13 1:10 ` [PATCH v2 0/9] support SW assisted VDPA live migration Xiao Wang
2018-12-13 1:10 ` [PATCH v2 1/9] vhost: provide helper for host notifier ctrl Xiao Wang
2018-12-13 1:10 ` [PATCH v2 2/9] vhost: provide helpers for virtio ring relay Xiao Wang
2018-12-13 10:09 ` [PATCH v3 0/9] support SW assisted VDPA live migration Xiao Wang
2018-12-13 10:09 ` [PATCH v3 1/9] vhost: provide helper for host notifier ctrl Xiao Wang
2018-12-14 13:33 ` Maxime Coquelin
2018-12-14 19:05 ` Wang, Xiao W
2018-12-14 21:16 ` [PATCH v4 00/10] support SW assisted VDPA live migration Xiao Wang
2018-12-14 21:16 ` [PATCH v4 01/10] vhost: remove unused internal API Xiao Wang
2018-12-16 8:58 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 02/10] vhost: provide helper for host notifier ctrl Xiao Wang
2018-12-16 9:00 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 03/10] vhost: provide helpers for virtio ring relay Xiao Wang
2018-12-16 9:10 ` Maxime Coquelin
2018-12-17 8:51 ` Wang, Xiao W
2018-12-17 11:02 ` Maxime Coquelin
2018-12-17 14:41 ` Wang, Xiao W
2018-12-17 19:00 ` Maxime Coquelin
2018-12-18 8:27 ` Wang, Xiao W
2018-12-18 8:44 ` Thomas Monjalon
2018-12-18 8:01 ` [PATCH v5 00/10] support SW assisted VDPA live migration Xiao Wang
2018-12-18 8:01 ` [PATCH v5 01/10] vhost: remove unused internal API Xiao Wang
2018-12-18 8:01 ` [PATCH v5 02/10] vhost: provide helper for host notifier ctrl Xiao Wang
2018-12-18 15:37 ` Ferruh Yigit
2018-12-18 8:02 ` [PATCH v5 03/10] vhost: provide helpers for virtio ring relay Xiao Wang
2018-12-18 8:02 ` [PATCH v5 04/10] net/ifc: dump debug message for error Xiao Wang
2018-12-18 8:02 ` [PATCH v5 05/10] net/ifc: store only registered device instance Xiao Wang
2018-12-18 8:02 ` [PATCH v5 06/10] net/ifc: detect if VDPA mode is specified Xiao Wang
2018-12-18 8:02 ` [PATCH v5 07/10] net/ifc: add devarg for LM mode Xiao Wang
2018-12-18 11:23 ` Maxime Coquelin
2018-12-18 8:02 ` [PATCH v5 08/10] net/ifc: use lib API for used ring logging Xiao Wang
2018-12-18 8:02 ` [PATCH v5 09/10] net/ifc: support SW assisted VDPA live migration Xiao Wang
2018-12-18 11:33 ` Maxime Coquelin
2018-12-18 8:02 ` [PATCH v5 10/10] doc: update ifc NIC document Xiao Wang
2018-12-18 11:35 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 04/10] net/ifc: dump debug message for error Xiao Wang
2018-12-16 9:11 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 05/10] net/ifc: store only registered device instance Xiao Wang
2018-12-16 9:12 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 06/10] net/ifc: detect if VDPA mode is specified Xiao Wang
2018-12-16 9:17 ` Maxime Coquelin
2018-12-17 8:54 ` Wang, Xiao W
2018-12-14 21:16 ` [PATCH v4 07/10] net/ifc: add devarg for LM mode Xiao Wang
2018-12-16 9:21 ` Maxime Coquelin
2018-12-17 9:00 ` Wang, Xiao W
2018-12-14 21:16 ` [PATCH v4 08/10] net/ifc: use lib API for used ring logging Xiao Wang
2018-12-16 9:24 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 09/10] net/ifc: support SW assisted VDPA live migration Xiao Wang
2018-12-16 9:35 ` Maxime Coquelin
2018-12-17 9:12 ` Wang, Xiao W
2018-12-17 11:08 ` Maxime Coquelin
2018-12-14 21:16 ` [PATCH v4 10/10] doc: update ifc NIC document Xiao Wang
2018-12-16 9:36 ` Maxime Coquelin
2018-12-17 9:15 ` Wang, Xiao W
2018-12-18 14:01 ` [PATCH v4 00/10] support SW assisted VDPA live migration Maxime Coquelin
2018-12-13 10:09 ` [PATCH v3 2/9] vhost: provide helpers for virtio ring relay Xiao Wang
2018-12-13 10:09 ` [PATCH v3 3/9] net/ifc: dump debug message for error Xiao Wang
2018-12-13 10:09 ` [PATCH v3 4/9] net/ifc: store only registered device instance Xiao Wang
2018-12-13 10:09 ` [PATCH v3 5/9] net/ifc: detect if VDPA mode is specified Xiao Wang
2018-12-13 10:09 ` [PATCH v3 6/9] net/ifc: add devarg for LM mode Xiao Wang
2018-12-13 10:09 ` [PATCH v3 7/9] net/ifc: use lib API for used ring logging Xiao Wang
2018-12-13 10:09 ` [PATCH v3 8/9] net/ifc: support SW assisted VDPA live migration Xiao Wang
2018-12-13 10:09 ` [PATCH v3 9/9] doc: update ifc NIC document Xiao Wang
2018-12-13 1:10 ` [PATCH v2 3/9] net/ifc: dump debug message for error Xiao Wang
2018-12-13 1:10 ` [PATCH v2 4/9] net/ifc: store only registered device instance Xiao Wang
2018-12-13 1:10 ` [PATCH v2 5/9] net/ifc: detect if VDPA mode is specified Xiao Wang
2018-12-13 1:10 ` [PATCH v2 6/9] net/ifc: add devarg for LM mode Xiao Wang
2018-12-13 1:10 ` [PATCH v2 7/9] net/ifc: use lib API for used ring logging Xiao Wang
2018-12-13 1:10 ` [PATCH v2 8/9] net/ifc: support SW assisted VDPA live migration Xiao Wang
2018-12-13 1:10 ` [PATCH v2 9/9] doc: update ifc NIC document Xiao Wang
2018-11-28 9:46 ` [PATCH 3/9] net/ifc: dump debug message for error Xiao Wang
2018-11-28 9:46 ` [PATCH 4/9] net/ifc: store only registered device instance Xiao Wang
2018-11-28 9:46 ` [PATCH 5/9] net/ifc: detect if VDPA mode is specified Xiao Wang
2018-11-28 9:46 ` [PATCH 6/9] net/ifc: add devarg for LM mode Xiao Wang
2018-12-04 6:31 ` Tiwei Bie
2018-12-12 6:53 ` Wang, Xiao W
2018-12-12 10:15 ` Alejandro Lucero
2018-12-12 10:23 ` Wang, Xiao W
2018-11-28 9:46 ` [PATCH 7/9] net/ifc: use lib API for used ring logging Xiao Wang
2018-11-28 9:46 ` [PATCH 8/9] net/ifc: support SW assisted VDPA live migration Xiao Wang
2018-11-28 9:46 ` [PATCH 9/9] doc: update ifc NIC document Xiao Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181204062241.GA19852@btwcube1 \
--to=tiwei.bie@intel.com \
--cc=dev@dpdk.org \
--cc=maxime.coquelin@redhat.com \
--cc=xiao.w.wang@intel.com \
--cc=xiaolong.ye@intel.com \
--cc=zhihong.wang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.