From: "Goel, Akash" <akash.goel@intel.com>
To: Chris Wilson <chris@chris-wilson.co.uk>, intel-gfx@lists.freedesktop.org
Cc: akash.goel@intel.com
Subject: Re: [PATCH 06/18] drm/i915: Handle log buffer flush interrupt event from GuC
Date: Tue, 16 Aug 2016 11:07:56 +0530 [thread overview]
Message-ID: <59c116ba-8eab-974e-e86f-7589a2d775a4@intel.com> (raw)
In-Reply-To: <20160815165626.GH1869@nuc-i3427.alporthouse.com>
On 8/15/2016 10:26 PM, Chris Wilson wrote:
> On Mon, Aug 15, 2016 at 10:16:56PM +0530, Goel, Akash wrote:
>>
>>
>> On 8/15/2016 9:36 PM, Chris Wilson wrote:
>>> On Mon, Aug 15, 2016 at 08:19:47PM +0530, akash.goel@intel.com wrote:
>>>> +static void guc_read_update_log_buffer(struct intel_guc *guc)
>>>> +{
>>>> + struct guc_log_buffer_state *log_buffer_state, *log_buffer_snapshot_state;
>>>> + struct guc_log_buffer_state log_buffer_state_local;
>>>> + void *src_data_ptr, *dst_data_ptr;
>>>> + unsigned int buffer_size, expected_size;
>>>> + enum guc_log_buffer_type type;
>>>> +
>>>> + if (WARN_ON(!guc->log.buf_addr))
>>>> + return;
>>>> +
>>>> + /* Get the pointer to shared GuC log buffer */
>>>> + log_buffer_state = src_data_ptr = guc->log.buf_addr;
>>>> +
>>>> + /* Get the pointer to local buffer to store the logs */
>>>> + dst_data_ptr = log_buffer_snapshot_state = guc_get_write_buffer(guc);
>>>> +
>>>> + /* Actual logs are present from the 2nd page */
>>>> + src_data_ptr += PAGE_SIZE;
>>>> + dst_data_ptr += PAGE_SIZE;
>>>> +
>>>> + for (type = GUC_ISR_LOG_BUFFER; type < GUC_MAX_LOG_BUFFER; type++) {
>>>> + /* Make a copy of the state structure in GuC log buffer (which
>>>> + * is uncached mapped) on the stack to avoid reading from it
>>>> + * multiple times.
>>>> + */
>>>> + memcpy(&log_buffer_state_local, log_buffer_state,
>>>> + sizeof(struct guc_log_buffer_state));
>>>> + buffer_size = log_buffer_state_local.size;
>>>> +
>>>> + if (log_buffer_snapshot_state) {
>>>> + /* First copy the state structure in snapshot buffer */
>>>> + memcpy(log_buffer_snapshot_state, &log_buffer_state_local,
>>>> + sizeof(struct guc_log_buffer_state));
>>>> +
>>>> + /* The write pointer could have been updated by the GuC
>>>> + * firmware, after sending the flush interrupt to Host,
>>>> + * for consistency set the write pointer value to same
>>>> + * value of sampled_write_ptr in the snapshot buffer.
>>>> + */
>>>> + log_buffer_snapshot_state->write_ptr =
>>>> + log_buffer_snapshot_state->sampled_write_ptr;
>>>> +
>>>> + log_buffer_snapshot_state++;
>>>> +
>>>> + /* Now copy the actual logs, but before that validate
>>>> + * the buffer size value retrieved from state structure.
>>>> + */
>>>> + if (type == GUC_ISR_LOG_BUFFER)
>>>> + expected_size = (GUC_LOG_ISR_PAGES+1)*PAGE_SIZE;
>>>> + else if (type == GUC_DPC_LOG_BUFFER)
>>>> + expected_size = (GUC_LOG_DPC_PAGES+1)*PAGE_SIZE;
>>>> + else
>>>> + expected_size = (GUC_LOG_CRASH_PAGES+1)*PAGE_SIZE;
>>>> +
>>>> + if (unlikely(buffer_size != expected_size)) {
>>>> + DRM_ERROR("unexpected log buffer size\n");
>>>> + /* Continue with further copying, already state
>>>> + * structure has been copied which is enough to
>>>> + * let Userspace know about the anomaly.
>>>> + */
>>>> + buffer_size = expected_size;
>>>
>>> Urm, no.
>>>
>>> You tell userspace one thing and then do another. This code should just
>>> be a conduit and not apply its own outdated interpretation.
>>>
>> Userspace parser would get to know from the state structure about
>> the anomalous buffer size.
>
> It will, but it won't be told what the kernel did. So if believes the
> GuC (as it should since it is a packet that should be unadulterated) the
> entire stream is then corrupt.
>
>> Please suggest that what should be done here ideally.
>>
>> Should the further copying (for this snapshot) be skipped ?
>
> The kernel should be avoiding interpretting the log packets as much as
> possible - I would prefer it if we just moved the byte stream without
> trying to interpret it as datagrams. But there is probably some merit to
> at least using the log packets (datagrams).
>
It would have been ideal if log packets can be dumped without any
interpretation.
We copy the payload without any interpretation, only some bits of header
we parse.
We also have to interpret the header (in subsequent patch) to copy only
the updated payload data, for better performance.
>>>> + }
>>>> +
>>>> + memcpy(dst_data_ptr, src_data_ptr, buffer_size);
>>>
>>> Where do you validate that buffer_size is sane before copying?
>> Sorry didn't get you, the check for buffer_size is being done right
>> before this memcpy.
>
> There is no explicit check for valid src_data_ptr + buffer_size or
> dst_data_ptr + buffer_size, and a quick glance at the code suggested no
> reason to believe they must be valid.
Actually if buffer_size has been validated & corrected, then both
src_data_ptr + buffer_size and dst_data_ptr + buffer_size should be
valid. Both buffers have been allocated by Driver.
Will avoid reading the buffer_size from the header and just move the
pointer & do the copy as per the expected buffer size, which cannot go
wrong (out of bounds) as Driver only allocated the log buffer.
Best regards
Akash
> -Chris
>
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2016-08-16 5:38 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-15 14:49 [PATCH v6 00/18] Support for sustained capturing of GuC firmware logs akash.goel
2016-08-15 14:49 ` [PATCH 01/18] drm/i915: Decouple GuC log setup from verbosity parameter akash.goel
2016-08-15 14:49 ` [PATCH 02/18] drm/i915: Add GuC ukernel logging related fields to fw interface file akash.goel
2016-08-15 14:49 ` [PATCH 03/18] drm/i915: New structure to contain GuC logging related fields akash.goel
2016-08-15 14:49 ` [PATCH 04/18] drm/i915: Add low level set of routines for programming PM IER/IIR/IMR register set akash.goel
2016-08-15 14:49 ` [PATCH 05/18] drm/i915: Support for GuC interrupts akash.goel
2016-08-15 14:54 ` Tvrtko Ursulin
2016-08-15 14:49 ` [PATCH 06/18] drm/i915: Handle log buffer flush interrupt event from GuC akash.goel
2016-08-15 15:20 ` Tvrtko Ursulin
2016-08-15 15:57 ` Goel, Akash
2016-08-15 16:06 ` Chris Wilson
2016-08-15 16:46 ` Goel, Akash
2016-08-15 16:56 ` Chris Wilson
2016-08-16 5:37 ` Goel, Akash [this message]
2016-08-15 14:49 ` [PATCH 07/18] relay: Use per CPU constructs for the relay channel buffer pointers akash.goel
2016-08-15 14:49 ` [PATCH 08/18] drm/i915: Add a relay backed debugfs interface for capturing GuC logs akash.goel
2016-08-15 15:29 ` Tvrtko Ursulin
2016-08-15 16:02 ` Goel, Akash
2016-08-15 16:09 ` Chris Wilson
2016-08-15 16:12 ` Chris Wilson
2016-08-15 16:38 ` Goel, Akash
2016-08-15 16:47 ` Chris Wilson
2016-08-15 14:49 ` [PATCH 09/18] drm/i915: New lock to serialize the Host2GuC actions akash.goel
2016-08-15 14:49 ` [PATCH 10/18] drm/i915: Add stats for GuC log buffer flush interrupts akash.goel
2016-08-15 14:49 ` [PATCH 11/18] drm/i915: Optimization to reduce the sampling time of GuC log buffer akash.goel
2016-08-15 15:36 ` Tvrtko Ursulin
2016-08-15 16:13 ` Goel, Akash
2016-08-15 14:49 ` [PATCH 12/18] drm/i915: Increase GuC log buffer size to reduce flush interrupts akash.goel
2016-08-15 14:49 ` [PATCH 13/18] drm/i915: Augment i915 error state to include the dump of GuC log buffer akash.goel
2016-08-15 15:39 ` Tvrtko Ursulin
2016-08-15 14:49 ` [PATCH 14/18] drm/i915: Forcefully flush GuC log buffer on reset akash.goel
2016-08-15 15:48 ` Tvrtko Ursulin
2016-08-16 5:25 ` Goel, Akash
2016-08-16 9:25 ` Tvrtko Ursulin
2016-08-16 9:39 ` Goel, Akash
2016-08-16 9:42 ` Tvrtko Ursulin
2016-08-16 11:27 ` Tvrtko Ursulin
2016-08-16 12:19 ` Goel, Akash
2016-08-15 14:49 ` [PATCH 15/18] drm/i915: Debugfs support for GuC logging control akash.goel
2016-08-15 16:03 ` Tvrtko Ursulin
2016-08-15 14:49 ` [PATCH 16/18] drm/i915: Use uncached(WC) mapping for acessing the GuC log buffer akash.goel
2016-08-15 14:49 ` [PATCH 17/18] drm/i915: Use SSE4.1 movntdqa based memcpy for sampling " akash.goel
2016-08-15 14:49 ` [PATCH 18/18] drm/i915: Early creation of relay channel for capturing boot time logs akash.goel
2016-08-15 15:59 ` Tvrtko Ursulin
2016-08-15 15:10 ` ✗ Ro.CI.BAT: failure for Support for sustained capturing of GuC firmware logs (rev7) Patchwork
-- strict thread matches above, loose matches on Subject: below --
2016-09-08 10:39 [PATCH v9 00/18] Support for sustained capturing of GuC firmware logs akash.goel
2016-09-08 10:39 ` [PATCH 06/18] drm/i915: Handle log buffer flush interrupt event from GuC akash.goel
2016-10-12 16:24 [PATCH v10 00/18] Support for sustained capturing of GuC firmware logs akash.goel
2016-10-12 16:24 ` [PATCH 06/18] drm/i915: Handle log buffer flush interrupt event from GuC akash.goel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=59c116ba-8eab-974e-e86f-7589a2d775a4@intel.com \
--to=akash.goel@intel.com \
--cc=chris@chris-wilson.co.uk \
--cc=intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox