* [PULL 0/6] hw/nvme updates
@ 2022-02-14 8:07 Klaus Jensen
2022-02-14 8:07 ` [PULL 1/6] hw/nvme: fix CVE-2021-3929 Klaus Jensen
` (6 more replies)
0 siblings, 7 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:07 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch
From: Klaus Jensen <k.jensen@samsung.com>
Hi Peter,
The following changes since commit 48033ad678ae2def43bf0d543a2c4c3d2a93feaf:
Merge remote-tracking branch 'remotes/vsementsov/tags/pull-nbd-2022-02-09-v2' into staging (2022-02-12 22:04:07 +0000)
are available in the Git repository at:
git://git.infradead.org/qemu-nvme.git tags/nvme-next-pull-request
for you to fetch changes up to e321b4cdc2dd0b5e806ecf759138be7f83774142:
hw/nvme: add support for zoned random write area (2022-02-14 08:58:29 +0100)
----------------------------------------------------------------
hw/nvme updates
- fix CVE-2021-3929
- add zone random write area support
- misc cleanups from Philippe
----------------------------------------------------------------
Klaus Jensen (4):
hw/nvme: fix CVE-2021-3929
hw/nvme: add struct for zone management send
hw/nvme: add ozcs enum
hw/nvme: add support for zoned random write area
Philippe Mathieu-Daudé (2):
hw/nvme/ctrl: Have nvme_addr_write() take const buffer
hw/nvme/ctrl: Pass buffers as 'void *' types
hw/nvme/ctrl.c | 215 ++++++++++++++++++++++++++++++++++++-------
hw/nvme/ns.c | 61 +++++++++++-
hw/nvme/nvme.h | 14 ++-
hw/nvme/trace-events | 1 +
include/block/nvme.h | 40 +++++++-
5 files changed, 296 insertions(+), 35 deletions(-)
--
2.35.1
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PULL 1/6] hw/nvme: fix CVE-2021-3929
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
@ 2022-02-14 8:07 ` Klaus Jensen
2022-02-14 8:07 ` [PULL 2/6] hw/nvme/ctrl: Have nvme_addr_write() take const buffer Klaus Jensen
` (5 subsequent siblings)
6 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:07 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Qiuhao Li, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch
From: Klaus Jensen <k.jensen@samsung.com>
This fixes CVE-2021-3929 "locally" by denying DMA to the iomem of the
device itself. This still allows DMA to MMIO regions of other devices
(e.g. doing P2P DMA to the controller memory buffer of another NVMe
device).
Fixes: CVE-2021-3929
Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ctrl.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 1f62116af985..37681a975986 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -357,6 +357,24 @@ static inline void *nvme_addr_to_pmr(NvmeCtrl *n, hwaddr addr)
return memory_region_get_ram_ptr(&n->pmr.dev->mr) + (addr - n->pmr.cba);
}
+static inline bool nvme_addr_is_iomem(NvmeCtrl *n, hwaddr addr)
+{
+ hwaddr hi, lo;
+
+ /*
+ * The purpose of this check is to guard against invalid "local" access to
+ * the iomem (i.e. controller registers). Thus, we check against the range
+ * covered by the 'bar0' MemoryRegion since that is currently composed of
+ * two subregions (the NVMe "MBAR" and the MSI-X table/pba). Note, however,
+ * that if the device model is ever changed to allow the CMB to be located
+ * in BAR0 as well, then this must be changed.
+ */
+ lo = n->bar0.addr;
+ hi = lo + int128_get64(n->bar0.size);
+
+ return addr >= lo && addr < hi;
+}
+
static int nvme_addr_read(NvmeCtrl *n, hwaddr addr, void *buf, int size)
{
hwaddr hi = addr + size - 1;
@@ -614,6 +632,10 @@ static uint16_t nvme_map_addr(NvmeCtrl *n, NvmeSg *sg, hwaddr addr, size_t len)
trace_pci_nvme_map_addr(addr, len);
+ if (nvme_addr_is_iomem(n, addr)) {
+ return NVME_DATA_TRAS_ERROR;
+ }
+
if (nvme_addr_is_cmb(n, addr)) {
cmb = true;
} else if (nvme_addr_is_pmr(n, addr)) {
--
2.35.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PULL 2/6] hw/nvme/ctrl: Have nvme_addr_write() take const buffer
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
2022-02-14 8:07 ` [PULL 1/6] hw/nvme: fix CVE-2021-3929 Klaus Jensen
@ 2022-02-14 8:07 ` Klaus Jensen
2022-02-14 8:07 ` [PULL 3/6] hw/nvme/ctrl: Pass buffers as 'void *' types Klaus Jensen
` (4 subsequent siblings)
6 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:07 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch, Philippe Mathieu-Daudé
From: Philippe Mathieu-Daudé <philmd@redhat.com>
The 'buf' argument is not modified, so better pass it as const type.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ctrl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 37681a975986..12e1fcda7c85 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -395,7 +395,7 @@ static int nvme_addr_read(NvmeCtrl *n, hwaddr addr, void *buf, int size)
return pci_dma_read(&n->parent_obj, addr, buf, size);
}
-static int nvme_addr_write(NvmeCtrl *n, hwaddr addr, void *buf, int size)
+static int nvme_addr_write(NvmeCtrl *n, hwaddr addr, const void *buf, int size)
{
hwaddr hi = addr + size - 1;
if (hi < addr) {
--
2.35.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PULL 3/6] hw/nvme/ctrl: Pass buffers as 'void *' types
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
2022-02-14 8:07 ` [PULL 1/6] hw/nvme: fix CVE-2021-3929 Klaus Jensen
2022-02-14 8:07 ` [PULL 2/6] hw/nvme/ctrl: Have nvme_addr_write() take const buffer Klaus Jensen
@ 2022-02-14 8:07 ` Klaus Jensen
2022-02-14 8:07 ` [PULL 4/6] hw/nvme: add struct for zone management send Klaus Jensen
` (3 subsequent siblings)
6 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:07 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch, Philippe Mathieu-Daudé
From: Philippe Mathieu-Daudé <philmd@redhat.com>
These buffers can be anything, not an array of chars,
so use the 'void *' type for them.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ctrl.c | 10 +++++-----
hw/nvme/nvme.h | 4 ++--
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 12e1fcda7c85..4344405e5939 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -1162,7 +1162,7 @@ static uint16_t nvme_tx_interleaved(NvmeCtrl *n, NvmeSg *sg, uint8_t *ptr,
return NVME_SUCCESS;
}
-static uint16_t nvme_tx(NvmeCtrl *n, NvmeSg *sg, uint8_t *ptr, uint32_t len,
+static uint16_t nvme_tx(NvmeCtrl *n, NvmeSg *sg, void *ptr, uint32_t len,
NvmeTxDirection dir)
{
assert(sg->flags & NVME_SG_ALLOC);
@@ -1199,7 +1199,7 @@ static uint16_t nvme_tx(NvmeCtrl *n, NvmeSg *sg, uint8_t *ptr, uint32_t len,
return NVME_SUCCESS;
}
-static inline uint16_t nvme_c2h(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
+static inline uint16_t nvme_c2h(NvmeCtrl *n, void *ptr, uint32_t len,
NvmeRequest *req)
{
uint16_t status;
@@ -1212,7 +1212,7 @@ static inline uint16_t nvme_c2h(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
return nvme_tx(n, &req->sg, ptr, len, NVME_TX_DIRECTION_FROM_DEVICE);
}
-static inline uint16_t nvme_h2c(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
+static inline uint16_t nvme_h2c(NvmeCtrl *n, void *ptr, uint32_t len,
NvmeRequest *req)
{
uint16_t status;
@@ -1225,7 +1225,7 @@ static inline uint16_t nvme_h2c(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
return nvme_tx(n, &req->sg, ptr, len, NVME_TX_DIRECTION_TO_DEVICE);
}
-uint16_t nvme_bounce_data(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
+uint16_t nvme_bounce_data(NvmeCtrl *n, void *ptr, uint32_t len,
NvmeTxDirection dir, NvmeRequest *req)
{
NvmeNamespace *ns = req->ns;
@@ -1241,7 +1241,7 @@ uint16_t nvme_bounce_data(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
return nvme_tx(n, &req->sg, ptr, len, dir);
}
-uint16_t nvme_bounce_mdata(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
+uint16_t nvme_bounce_mdata(NvmeCtrl *n, void *ptr, uint32_t len,
NvmeTxDirection dir, NvmeRequest *req)
{
NvmeNamespace *ns = req->ns;
diff --git a/hw/nvme/nvme.h b/hw/nvme/nvme.h
index 83ffabade4cf..38f3ebf7f6c0 100644
--- a/hw/nvme/nvme.h
+++ b/hw/nvme/nvme.h
@@ -495,9 +495,9 @@ static inline uint16_t nvme_cid(NvmeRequest *req)
}
void nvme_attach_ns(NvmeCtrl *n, NvmeNamespace *ns);
-uint16_t nvme_bounce_data(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
+uint16_t nvme_bounce_data(NvmeCtrl *n, void *ptr, uint32_t len,
NvmeTxDirection dir, NvmeRequest *req);
-uint16_t nvme_bounce_mdata(NvmeCtrl *n, uint8_t *ptr, uint32_t len,
+uint16_t nvme_bounce_mdata(NvmeCtrl *n, void *ptr, uint32_t len,
NvmeTxDirection dir, NvmeRequest *req);
void nvme_rw_complete_cb(void *opaque, int ret);
uint16_t nvme_map_dptr(NvmeCtrl *n, NvmeSg *sg, size_t len,
--
2.35.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PULL 4/6] hw/nvme: add struct for zone management send
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
` (2 preceding siblings ...)
2022-02-14 8:07 ` [PULL 3/6] hw/nvme/ctrl: Pass buffers as 'void *' types Klaus Jensen
@ 2022-02-14 8:07 ` Klaus Jensen
2022-02-14 8:08 ` [PULL 5/6] hw/nvme: add ozcs enum Klaus Jensen
` (2 subsequent siblings)
6 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:07 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch
From: Klaus Jensen <k.jensen@samsung.com>
Add struct for Zone Management Send in preparation for more zone send
flags.
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ctrl.c | 10 ++++------
include/block/nvme.h | 19 +++++++++++++++++++
2 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 4344405e5939..7cb4974c5e83 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -3616,26 +3616,24 @@ done:
static uint16_t nvme_zone_mgmt_send(NvmeCtrl *n, NvmeRequest *req)
{
- NvmeCmd *cmd = (NvmeCmd *)&req->cmd;
+ NvmeZoneSendCmd *cmd = (NvmeZoneSendCmd *)&req->cmd;
NvmeNamespace *ns = req->ns;
NvmeZone *zone;
NvmeZoneResetAIOCB *iocb;
uint8_t *zd_ext;
- uint32_t dw13 = le32_to_cpu(cmd->cdw13);
uint64_t slba = 0;
uint32_t zone_idx = 0;
uint16_t status;
- uint8_t action;
+ uint8_t action = cmd->zsa;
bool all;
enum NvmeZoneProcessingMask proc_mask = NVME_PROC_CURRENT_ZONE;
- action = dw13 & 0xff;
- all = !!(dw13 & 0x100);
+ all = cmd->zsflags & NVME_ZSFLAG_SELECT_ALL;
req->status = NVME_SUCCESS;
if (!all) {
- status = nvme_get_mgmt_zone_slba_idx(ns, cmd, &slba, &zone_idx);
+ status = nvme_get_mgmt_zone_slba_idx(ns, &req->cmd, &slba, &zone_idx);
if (status) {
return status;
}
diff --git a/include/block/nvme.h b/include/block/nvme.h
index e3bd47bf76ab..709d491c70d8 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h
@@ -1433,6 +1433,21 @@ enum NvmeZoneType {
NVME_ZONE_TYPE_SEQ_WRITE = 0x02,
};
+typedef struct QEMU_PACKED NvmeZoneSendCmd {
+ uint8_t opcode;
+ uint8_t flags;
+ uint16_t cid;
+ uint32_t nsid;
+ uint32_t rsvd8[4];
+ NvmeCmdDptr dptr;
+ uint64_t slba;
+ uint32_t rsvd48;
+ uint8_t zsa;
+ uint8_t zsflags;
+ uint8_t rsvd54[2];
+ uint32_t rsvd56[2];
+} NvmeZoneSendCmd;
+
enum NvmeZoneSendAction {
NVME_ZONE_ACTION_RSD = 0x00,
NVME_ZONE_ACTION_CLOSE = 0x01,
@@ -1443,6 +1458,10 @@ enum NvmeZoneSendAction {
NVME_ZONE_ACTION_SET_ZD_EXT = 0x10,
};
+enum {
+ NVME_ZSFLAG_SELECT_ALL = 1 << 0,
+};
+
typedef struct QEMU_PACKED NvmeZoneDescr {
uint8_t zt;
uint8_t zs;
--
2.35.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PULL 5/6] hw/nvme: add ozcs enum
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
` (3 preceding siblings ...)
2022-02-14 8:07 ` [PULL 4/6] hw/nvme: add struct for zone management send Klaus Jensen
@ 2022-02-14 8:08 ` Klaus Jensen
2022-02-14 8:08 ` [PULL 6/6] hw/nvme: add support for zoned random write area Klaus Jensen
2022-02-15 19:30 ` [PULL 0/6] hw/nvme updates Peter Maydell
6 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:08 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch
From: Klaus Jensen <k.jensen@samsung.com>
Add enumeration for OZCS values.
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ns.c | 3 ++-
include/block/nvme.h | 4 ++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/hw/nvme/ns.c b/hw/nvme/ns.c
index 8b5f98c76180..356b6c1c2f14 100644
--- a/hw/nvme/ns.c
+++ b/hw/nvme/ns.c
@@ -266,7 +266,8 @@ static void nvme_ns_init_zoned(NvmeNamespace *ns)
id_ns_z->mar = cpu_to_le32(ns->params.max_active_zones - 1);
id_ns_z->mor = cpu_to_le32(ns->params.max_open_zones - 1);
id_ns_z->zoc = 0;
- id_ns_z->ozcs = ns->params.cross_zone_read ? 0x01 : 0x00;
+ id_ns_z->ozcs = ns->params.cross_zone_read ?
+ NVME_ID_NS_ZONED_OZCS_RAZB : 0x00;
for (i = 0; i <= ns->id_ns.nlbaf; i++) {
id_ns_z->lbafe[i].zsze = cpu_to_le64(ns->zone_size);
diff --git a/include/block/nvme.h b/include/block/nvme.h
index 709d491c70d8..e10ea6f0eb88 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h
@@ -1351,6 +1351,10 @@ typedef struct QEMU_PACKED NvmeIdNsZoned {
uint8_t vs[256];
} NvmeIdNsZoned;
+enum NvmeIdNsZonedOzcs {
+ NVME_ID_NS_ZONED_OZCS_RAZB = 1 << 0,
+};
+
/*Deallocate Logical Block Features*/
#define NVME_ID_NS_DLFEAT_GUARD_CRC(dlfeat) ((dlfeat) & 0x10)
#define NVME_ID_NS_DLFEAT_WRITE_ZEROES(dlfeat) ((dlfeat) & 0x08)
--
2.35.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PULL 6/6] hw/nvme: add support for zoned random write area
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
` (4 preceding siblings ...)
2022-02-14 8:08 ` [PULL 5/6] hw/nvme: add ozcs enum Klaus Jensen
@ 2022-02-14 8:08 ` Klaus Jensen
2022-02-15 19:30 ` [PULL 0/6] hw/nvme updates Peter Maydell
6 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2022-02-14 8:08 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch
From: Klaus Jensen <k.jensen@samsung.com>
Add support for TP 4076 ("Zoned Random Write Area"), v2021.08.23
("Ratified").
This adds three new namespace parameters: "zoned.numzrwa" (number of
zrwa resources, i.e. number of zones that can have a zrwa),
"zoned.zrwas" (zrwa size in LBAs), "zoned.zrwafg" (granularity in LBAs
for flushes).
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
hw/nvme/ctrl.c | 171 ++++++++++++++++++++++++++++++++++++++-----
hw/nvme/ns.c | 58 +++++++++++++++
hw/nvme/nvme.h | 10 +++
hw/nvme/trace-events | 1 +
include/block/nvme.h | 17 ++++-
5 files changed, 237 insertions(+), 20 deletions(-)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 7cb4974c5e83..98aac98bef5f 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -299,26 +299,37 @@ static void nvme_assign_zone_state(NvmeNamespace *ns, NvmeZone *zone,
}
}
-/*
- * Check if we can open a zone without exceeding open/active limits.
- * AOR stands for "Active and Open Resources" (see TP 4053 section 2.5).
- */
-static int nvme_aor_check(NvmeNamespace *ns, uint32_t act, uint32_t opn)
+static uint16_t nvme_zns_check_resources(NvmeNamespace *ns, uint32_t act,
+ uint32_t opn, uint32_t zrwa)
{
if (ns->params.max_active_zones != 0 &&
ns->nr_active_zones + act > ns->params.max_active_zones) {
trace_pci_nvme_err_insuff_active_res(ns->params.max_active_zones);
return NVME_ZONE_TOO_MANY_ACTIVE | NVME_DNR;
}
+
if (ns->params.max_open_zones != 0 &&
ns->nr_open_zones + opn > ns->params.max_open_zones) {
trace_pci_nvme_err_insuff_open_res(ns->params.max_open_zones);
return NVME_ZONE_TOO_MANY_OPEN | NVME_DNR;
}
+ if (zrwa > ns->zns.numzrwa) {
+ return NVME_NOZRWA | NVME_DNR;
+ }
+
return NVME_SUCCESS;
}
+/*
+ * Check if we can open a zone without exceeding open/active limits.
+ * AOR stands for "Active and Open Resources" (see TP 4053 section 2.5).
+ */
+static uint16_t nvme_aor_check(NvmeNamespace *ns, uint32_t act, uint32_t opn)
+{
+ return nvme_zns_check_resources(ns, act, opn, 0);
+}
+
static bool nvme_addr_is_cmb(NvmeCtrl *n, hwaddr addr)
{
hwaddr hi, lo;
@@ -1628,9 +1639,19 @@ static uint16_t nvme_check_zone_write(NvmeNamespace *ns, NvmeZone *zone,
return status;
}
- if (unlikely(slba != zone->w_ptr)) {
- trace_pci_nvme_err_write_not_at_wp(slba, zone->d.zslba, zone->w_ptr);
- return NVME_ZONE_INVALID_WRITE;
+ if (zone->d.za & NVME_ZA_ZRWA_VALID) {
+ uint64_t ezrwa = zone->w_ptr + 2 * ns->zns.zrwas;
+
+ if (slba < zone->w_ptr || slba + nlb > ezrwa) {
+ trace_pci_nvme_err_zone_invalid_write(slba, zone->w_ptr);
+ return NVME_ZONE_INVALID_WRITE;
+ }
+ } else {
+ if (unlikely(slba != zone->w_ptr)) {
+ trace_pci_nvme_err_write_not_at_wp(slba, zone->d.zslba,
+ zone->w_ptr);
+ return NVME_ZONE_INVALID_WRITE;
+ }
}
if (unlikely((slba + nlb) > zcap)) {
@@ -1710,6 +1731,14 @@ static uint16_t nvme_zrm_finish(NvmeNamespace *ns, NvmeZone *zone)
/* fallthrough */
case NVME_ZONE_STATE_CLOSED:
nvme_aor_dec_active(ns);
+
+ if (zone->d.za & NVME_ZA_ZRWA_VALID) {
+ zone->d.za &= ~NVME_ZA_ZRWA_VALID;
+ if (ns->params.numzrwa) {
+ ns->zns.numzrwa++;
+ }
+ }
+
/* fallthrough */
case NVME_ZONE_STATE_EMPTY:
nvme_assign_zone_state(ns, zone, NVME_ZONE_STATE_FULL);
@@ -1745,6 +1774,13 @@ static uint16_t nvme_zrm_reset(NvmeNamespace *ns, NvmeZone *zone)
/* fallthrough */
case NVME_ZONE_STATE_CLOSED:
nvme_aor_dec_active(ns);
+
+ if (zone->d.za & NVME_ZA_ZRWA_VALID) {
+ if (ns->params.numzrwa) {
+ ns->zns.numzrwa++;
+ }
+ }
+
/* fallthrough */
case NVME_ZONE_STATE_FULL:
zone->w_ptr = zone->d.zslba;
@@ -1778,6 +1814,7 @@ static void nvme_zrm_auto_transition_zone(NvmeNamespace *ns)
enum {
NVME_ZRM_AUTO = 1 << 0,
+ NVME_ZRM_ZRWA = 1 << 1,
};
static uint16_t nvme_zrm_open_flags(NvmeCtrl *n, NvmeNamespace *ns,
@@ -1796,7 +1833,8 @@ static uint16_t nvme_zrm_open_flags(NvmeCtrl *n, NvmeNamespace *ns,
if (n->params.auto_transition_zones) {
nvme_zrm_auto_transition_zone(ns);
}
- status = nvme_aor_check(ns, act, 1);
+ status = nvme_zns_check_resources(ns, act, 1,
+ (flags & NVME_ZRM_ZRWA) ? 1 : 0);
if (status) {
return status;
}
@@ -1824,6 +1862,12 @@ static uint16_t nvme_zrm_open_flags(NvmeCtrl *n, NvmeNamespace *ns,
/* fallthrough */
case NVME_ZONE_STATE_EXPLICITLY_OPEN:
+ if (flags & NVME_ZRM_ZRWA) {
+ ns->zns.numzrwa--;
+
+ zone->d.za |= NVME_ZA_ZRWA_VALID;
+ }
+
return NVME_SUCCESS;
default:
@@ -1837,12 +1881,6 @@ static inline uint16_t nvme_zrm_auto(NvmeCtrl *n, NvmeNamespace *ns,
return nvme_zrm_open_flags(n, ns, zone, NVME_ZRM_AUTO);
}
-static inline uint16_t nvme_zrm_open(NvmeCtrl *n, NvmeNamespace *ns,
- NvmeZone *zone)
-{
- return nvme_zrm_open_flags(n, ns, zone, 0);
-}
-
static void nvme_advance_zone_wp(NvmeNamespace *ns, NvmeZone *zone,
uint32_t nlb)
{
@@ -1853,6 +1891,20 @@ static void nvme_advance_zone_wp(NvmeNamespace *ns, NvmeZone *zone,
}
}
+static void nvme_zoned_zrwa_implicit_flush(NvmeNamespace *ns, NvmeZone *zone,
+ uint32_t nlbc)
+{
+ uint16_t nzrwafgs = DIV_ROUND_UP(nlbc, ns->zns.zrwafg);
+
+ nlbc = nzrwafgs * ns->zns.zrwafg;
+
+ trace_pci_nvme_zoned_zrwa_implicit_flush(zone->d.zslba, nlbc);
+
+ zone->w_ptr += nlbc;
+
+ nvme_advance_zone_wp(ns, zone, nlbc);
+}
+
static void nvme_finalize_zoned_write(NvmeNamespace *ns, NvmeRequest *req)
{
NvmeRwCmd *rw = (NvmeRwCmd *)&req->cmd;
@@ -1865,6 +1917,17 @@ static void nvme_finalize_zoned_write(NvmeNamespace *ns, NvmeRequest *req)
zone = nvme_get_zone_by_slba(ns, slba);
assert(zone);
+ if (zone->d.za & NVME_ZA_ZRWA_VALID) {
+ uint64_t ezrwa = zone->w_ptr + ns->zns.zrwas - 1;
+ uint64_t elba = slba + nlb - 1;
+
+ if (elba > ezrwa) {
+ nvme_zoned_zrwa_implicit_flush(ns, zone, elba - ezrwa);
+ }
+
+ return;
+ }
+
nvme_advance_zone_wp(ns, zone, nlb);
}
@@ -2665,7 +2728,9 @@ static void nvme_copy_in_completed_cb(void *opaque, int ret)
goto invalid;
}
- iocb->zone->w_ptr += nlb;
+ if (!(iocb->zone->d.za & NVME_ZA_ZRWA_VALID)) {
+ iocb->zone->w_ptr += nlb;
+ }
}
qemu_iovec_reset(&iocb->iov);
@@ -3204,6 +3269,10 @@ static uint16_t nvme_do_write(NvmeCtrl *n, NvmeRequest *req, bool append,
if (append) {
bool piremap = !!(ctrl & NVME_RW_PIREMAP);
+ if (unlikely(zone->d.za & NVME_ZA_ZRWA_VALID)) {
+ return NVME_INVALID_ZONE_OP | NVME_DNR;
+ }
+
if (unlikely(slba != zone->d.zslba)) {
trace_pci_nvme_err_append_not_at_start(slba, zone->d.zslba);
status = NVME_INVALID_FIELD;
@@ -3255,7 +3324,9 @@ static uint16_t nvme_do_write(NvmeCtrl *n, NvmeRequest *req, bool append,
goto invalid;
}
- zone->w_ptr += nlb;
+ if (!(zone->d.za & NVME_ZA_ZRWA_VALID)) {
+ zone->w_ptr += nlb;
+ }
}
data_offset = nvme_l2b(ns, slba);
@@ -3339,7 +3410,24 @@ enum NvmeZoneProcessingMask {
static uint16_t nvme_open_zone(NvmeNamespace *ns, NvmeZone *zone,
NvmeZoneState state, NvmeRequest *req)
{
- return nvme_zrm_open(nvme_ctrl(req), ns, zone);
+ NvmeZoneSendCmd *cmd = (NvmeZoneSendCmd *)&req->cmd;
+ int flags = 0;
+
+ if (cmd->zsflags & NVME_ZSFLAG_ZRWA_ALLOC) {
+ uint16_t ozcs = le16_to_cpu(ns->id_ns_zoned->ozcs);
+
+ if (!(ozcs & NVME_ID_NS_ZONED_OZCS_ZRWASUP)) {
+ return NVME_INVALID_ZONE_OP | NVME_DNR;
+ }
+
+ if (zone->w_ptr % ns->zns.zrwafg) {
+ return NVME_NOZRWA | NVME_DNR;
+ }
+
+ flags = NVME_ZRM_ZRWA;
+ }
+
+ return nvme_zrm_open_flags(nvme_ctrl(req), ns, zone, flags);
}
static uint16_t nvme_close_zone(NvmeNamespace *ns, NvmeZone *zone,
@@ -3614,6 +3702,44 @@ done:
}
}
+static uint16_t nvme_zone_mgmt_send_zrwa_flush(NvmeCtrl *n, NvmeZone *zone,
+ uint64_t elba, NvmeRequest *req)
+{
+ NvmeNamespace *ns = req->ns;
+ uint16_t ozcs = le16_to_cpu(ns->id_ns_zoned->ozcs);
+ uint64_t wp = zone->d.wp;
+ uint32_t nlb = elba - wp + 1;
+ uint16_t status;
+
+
+ if (!(ozcs & NVME_ID_NS_ZONED_OZCS_ZRWASUP)) {
+ return NVME_INVALID_ZONE_OP | NVME_DNR;
+ }
+
+ if (!(zone->d.za & NVME_ZA_ZRWA_VALID)) {
+ return NVME_INVALID_FIELD | NVME_DNR;
+ }
+
+ if (elba < wp || elba > wp + ns->zns.zrwas) {
+ return NVME_ZONE_BOUNDARY_ERROR | NVME_DNR;
+ }
+
+ if (nlb % ns->zns.zrwafg) {
+ return NVME_INVALID_FIELD | NVME_DNR;
+ }
+
+ status = nvme_zrm_auto(n, ns, zone);
+ if (status) {
+ return status;
+ }
+
+ zone->w_ptr += nlb;
+
+ nvme_advance_zone_wp(ns, zone, nlb);
+
+ return NVME_SUCCESS;
+}
+
static uint16_t nvme_zone_mgmt_send(NvmeCtrl *n, NvmeRequest *req)
{
NvmeZoneSendCmd *cmd = (NvmeZoneSendCmd *)&req->cmd;
@@ -3640,7 +3766,7 @@ static uint16_t nvme_zone_mgmt_send(NvmeCtrl *n, NvmeRequest *req)
}
zone = &ns->zone_array[zone_idx];
- if (slba != zone->d.zslba) {
+ if (slba != zone->d.zslba && action != NVME_ZONE_ACTION_ZRWA_FLUSH) {
trace_pci_nvme_err_unaligned_zone_cmd(action, slba, zone->d.zslba);
return NVME_INVALID_FIELD | NVME_DNR;
}
@@ -3716,6 +3842,13 @@ static uint16_t nvme_zone_mgmt_send(NvmeCtrl *n, NvmeRequest *req)
}
break;
+ case NVME_ZONE_ACTION_ZRWA_FLUSH:
+ if (all) {
+ return NVME_INVALID_FIELD | NVME_DNR;
+ }
+
+ return nvme_zone_mgmt_send_zrwa_flush(n, zone, slba, req);
+
default:
trace_pci_nvme_err_invalid_mgmt_action(action);
status = NVME_INVALID_FIELD;
diff --git a/hw/nvme/ns.c b/hw/nvme/ns.c
index 356b6c1c2f14..ee673f1a5bef 100644
--- a/hw/nvme/ns.c
+++ b/hw/nvme/ns.c
@@ -275,6 +275,23 @@ static void nvme_ns_init_zoned(NvmeNamespace *ns)
ns->params.zd_extension_size >> 6; /* Units of 64B */
}
+ if (ns->params.zrwas) {
+ ns->zns.numzrwa = ns->params.numzrwa ?
+ ns->params.numzrwa : ns->num_zones;
+
+ ns->zns.zrwas = ns->params.zrwas >> ns->lbaf.ds;
+ ns->zns.zrwafg = ns->params.zrwafg >> ns->lbaf.ds;
+
+ id_ns_z->ozcs |= NVME_ID_NS_ZONED_OZCS_ZRWASUP;
+ id_ns_z->zrwacap = NVME_ID_NS_ZONED_ZRWACAP_EXPFLUSHSUP;
+
+ id_ns_z->numzrwa = cpu_to_le32(ns->params.numzrwa);
+ id_ns_z->zrwas = cpu_to_le16(ns->zns.zrwas);
+ id_ns_z->zrwafg = cpu_to_le16(ns->zns.zrwafg);
+ }
+
+ id_ns_z->ozcs = cpu_to_le16(id_ns_z->ozcs);
+
ns->csi = NVME_CSI_ZONED;
ns->id_ns.nsze = cpu_to_le64(ns->num_zones * ns->zone_size);
ns->id_ns.ncap = ns->id_ns.nsze;
@@ -315,6 +332,10 @@ static void nvme_clear_zone(NvmeNamespace *ns, NvmeZone *zone)
QTAILQ_INSERT_HEAD(&ns->closed_zones, zone, entry);
} else {
trace_pci_nvme_clear_ns_reset(state, zone->d.zslba);
+ if (zone->d.za & NVME_ZA_ZRWA_VALID) {
+ zone->d.za &= ~NVME_ZA_ZRWA_VALID;
+ ns->zns.numzrwa++;
+ }
nvme_set_zone_state(zone, NVME_ZONE_STATE_EMPTY);
}
}
@@ -392,6 +413,40 @@ static int nvme_ns_check_constraints(NvmeNamespace *ns, Error **errp)
return -1;
}
}
+
+ if (ns->params.zrwas) {
+ if (ns->params.zrwas % ns->blkconf.logical_block_size) {
+ error_setg(errp, "zone random write area size (zoned.zrwas "
+ "%"PRIu64") must be a multiple of the logical "
+ "block size (logical_block_size %"PRIu32")",
+ ns->params.zrwas, ns->blkconf.logical_block_size);
+ return -1;
+ }
+
+ if (ns->params.zrwafg == -1) {
+ ns->params.zrwafg = ns->blkconf.logical_block_size;
+ }
+
+ if (ns->params.zrwas % ns->params.zrwafg) {
+ error_setg(errp, "zone random write area size (zoned.zrwas "
+ "%"PRIu64") must be a multiple of the zone random "
+ "write area flush granularity (zoned.zrwafg, "
+ "%"PRIu64")", ns->params.zrwas, ns->params.zrwafg);
+ return -1;
+ }
+
+ if (ns->params.max_active_zones) {
+ if (ns->params.numzrwa > ns->params.max_active_zones) {
+ error_setg(errp, "number of zone random write area "
+ "resources (zoned.numzrwa, %d) must be less "
+ "than or equal to maximum active resources "
+ "(zoned.max_active_zones, %d)",
+ ns->params.numzrwa,
+ ns->params.max_active_zones);
+ return -1;
+ }
+ }
+ }
}
return 0;
@@ -551,6 +606,9 @@ static Property nvme_ns_props[] = {
params.max_open_zones, 0),
DEFINE_PROP_UINT32("zoned.descr_ext_size", NvmeNamespace,
params.zd_extension_size, 0),
+ DEFINE_PROP_UINT32("zoned.numzrwa", NvmeNamespace, params.numzrwa, 0),
+ DEFINE_PROP_SIZE("zoned.zrwas", NvmeNamespace, params.zrwas, 0),
+ DEFINE_PROP_SIZE("zoned.zrwafg", NvmeNamespace, params.zrwafg, -1),
DEFINE_PROP_BOOL("eui64-default", NvmeNamespace, params.eui64_default,
true),
DEFINE_PROP_END_OF_LIST(),
diff --git a/hw/nvme/nvme.h b/hw/nvme/nvme.h
index 38f3ebf7f6c0..90c0bb7ce236 100644
--- a/hw/nvme/nvme.h
+++ b/hw/nvme/nvme.h
@@ -114,6 +114,10 @@ typedef struct NvmeNamespaceParams {
uint32_t max_active_zones;
uint32_t max_open_zones;
uint32_t zd_extension_size;
+
+ uint32_t numzrwa;
+ uint64_t zrwas;
+ uint64_t zrwafg;
} NvmeNamespaceParams;
typedef struct NvmeNamespace {
@@ -130,6 +134,12 @@ typedef struct NvmeNamespace {
uint16_t status;
int attached;
+ struct {
+ uint16_t zrwas;
+ uint16_t zrwafg;
+ uint32_t numzrwa;
+ } zns;
+
QTAILQ_ENTRY(NvmeNamespace) entry;
NvmeIdNsZoned *id_ns_zoned;
diff --git a/hw/nvme/trace-events b/hw/nvme/trace-events
index ff6cafd520df..90730d802fe3 100644
--- a/hw/nvme/trace-events
+++ b/hw/nvme/trace-events
@@ -103,6 +103,7 @@ pci_nvme_set_descriptor_extension(uint64_t slba, uint32_t zone_idx) "set zone de
pci_nvme_zd_extension_set(uint32_t zone_idx) "set descriptor extension for zone_idx=%"PRIu32""
pci_nvme_clear_ns_close(uint32_t state, uint64_t slba) "zone state=%"PRIu32", slba=%"PRIu64" transitioned to Closed state"
pci_nvme_clear_ns_reset(uint32_t state, uint64_t slba) "zone state=%"PRIu32", slba=%"PRIu64" transitioned to Empty state"
+pci_nvme_zoned_zrwa_implicit_flush(uint64_t zslba, uint32_t nlb) "zslba 0x%"PRIx64" nlb %"PRIu32""
# error conditions
pci_nvme_err_mdts(size_t len) "len %zu"
diff --git a/include/block/nvme.h b/include/block/nvme.h
index e10ea6f0eb88..cd068ac89142 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h
@@ -890,6 +890,8 @@ enum NvmeStatusCodes {
NVME_INVALID_PROT_INFO = 0x0181,
NVME_WRITE_TO_RO = 0x0182,
NVME_CMD_SIZE_LIMIT = 0x0183,
+ NVME_INVALID_ZONE_OP = 0x01b6,
+ NVME_NOZRWA = 0x01b7,
NVME_ZONE_BOUNDARY_ERROR = 0x01b8,
NVME_ZONE_FULL = 0x01b9,
NVME_ZONE_READ_ONLY = 0x01ba,
@@ -1345,7 +1347,12 @@ typedef struct QEMU_PACKED NvmeIdNsZoned {
uint32_t mor;
uint32_t rrl;
uint32_t frl;
- uint8_t rsvd20[2796];
+ uint8_t rsvd12[24];
+ uint32_t numzrwa;
+ uint16_t zrwafg;
+ uint16_t zrwas;
+ uint8_t zrwacap;
+ uint8_t rsvd53[2763];
NvmeLBAFE lbafe[16];
uint8_t rsvd3072[768];
uint8_t vs[256];
@@ -1353,6 +1360,11 @@ typedef struct QEMU_PACKED NvmeIdNsZoned {
enum NvmeIdNsZonedOzcs {
NVME_ID_NS_ZONED_OZCS_RAZB = 1 << 0,
+ NVME_ID_NS_ZONED_OZCS_ZRWASUP = 1 << 1,
+};
+
+enum NvmeIdNsZonedZrwacap {
+ NVME_ID_NS_ZONED_ZRWACAP_EXPFLUSHSUP = 1 << 0,
};
/*Deallocate Logical Block Features*/
@@ -1408,6 +1420,7 @@ enum NvmeZoneAttr {
NVME_ZA_FINISHED_BY_CTLR = 1 << 0,
NVME_ZA_FINISH_RECOMMENDED = 1 << 1,
NVME_ZA_RESET_RECOMMENDED = 1 << 2,
+ NVME_ZA_ZRWA_VALID = 1 << 3,
NVME_ZA_ZD_EXT_VALID = 1 << 7,
};
@@ -1460,10 +1473,12 @@ enum NvmeZoneSendAction {
NVME_ZONE_ACTION_RESET = 0x04,
NVME_ZONE_ACTION_OFFLINE = 0x05,
NVME_ZONE_ACTION_SET_ZD_EXT = 0x10,
+ NVME_ZONE_ACTION_ZRWA_FLUSH = 0x11,
};
enum {
NVME_ZSFLAG_SELECT_ALL = 1 << 0,
+ NVME_ZSFLAG_ZRWA_ALLOC = 1 << 1,
};
typedef struct QEMU_PACKED NvmeZoneDescr {
--
2.35.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* Re: [PULL 0/6] hw/nvme updates
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
` (5 preceding siblings ...)
2022-02-14 8:08 ` [PULL 6/6] hw/nvme: add support for zoned random write area Klaus Jensen
@ 2022-02-15 19:30 ` Peter Maydell
6 siblings, 0 replies; 17+ messages in thread
From: Peter Maydell @ 2022-02-15 19:30 UTC (permalink / raw)
To: Klaus Jensen
Cc: Fam Zheng, Kevin Wolf, qemu-block, Klaus Jensen, qemu-devel,
Philippe Mathieu-Daudé, Hanna Reitz, Stefan Hajnoczi,
Keith Busch
On Mon, 14 Feb 2022 at 08:08, Klaus Jensen <its@irrelevant.dk> wrote:
>
> From: Klaus Jensen <k.jensen@samsung.com>
>
> Hi Peter,
>
> The following changes since commit 48033ad678ae2def43bf0d543a2c4c3d2a93feaf:
>
> Merge remote-tracking branch 'remotes/vsementsov/tags/pull-nbd-2022-02-09-v2' into staging (2022-02-12 22:04:07 +0000)
>
> are available in the Git repository at:
>
> git://git.infradead.org/qemu-nvme.git tags/nvme-next-pull-request
>
> for you to fetch changes up to e321b4cdc2dd0b5e806ecf759138be7f83774142:
>
> hw/nvme: add support for zoned random write area (2022-02-14 08:58:29 +0100)
>
> ----------------------------------------------------------------
> hw/nvme updates
>
> - fix CVE-2021-3929
> - add zone random write area support
> - misc cleanups from Philippe
>
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/7.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PULL 0/6] hw/nvme updates
@ 2022-03-04 6:24 Klaus Jensen
2022-03-04 16:47 ` Peter Maydell
0 siblings, 1 reply; 17+ messages in thread
From: Klaus Jensen @ 2022-03-04 6:24 UTC (permalink / raw)
To: qemu-devel, Peter Maydell
Cc: Kevin Wolf, Fam Zheng, qemu-block, Klaus Jensen,
Philippe Mathieu-Daudé, Klaus Jensen, Hanna Reitz,
Stefan Hajnoczi, Keith Busch
From: Klaus Jensen <k.jensen@samsung.com>
Hi Peter,
Last round of hw/nvme updates for v7.0.
The following changes since commit 64ada298b98a51eb2512607f6e6180cb330c47b1:
Merge remote-tracking branch 'remotes/legoater/tags/pull-ppc-20220302' into staging (2022-03-02 12:38:46 +0000)
are available in the Git repository at:
git://git.infradead.org/qemu-nvme.git tags/nvme-next-pull-request
for you to fetch changes up to 44219b6029fc52d5e967a963be91a9cf33f9f185:
hw/nvme: 64-bit pi support (2022-03-03 09:30:21 +0100)
----------------------------------------------------------------
hw/nvme updates
- add enhanced protection information (64-bit guard)
----------------------------------------------------------------
Klaus Jensen (3):
hw/nvme: move dif/pi prototypes into dif.h
hw/nvme: move format parameter parsing
hw/nvme: add pi tuple size helper
Naveen Nagar (3):
hw/nvme: add host behavior support feature
hw/nvme: add support for the lbafee hbs feature
hw/nvme: 64-bit pi support
hw/nvme/ctrl.c | 235 +++++++++++++++++++++------
hw/nvme/dif.c | 378 +++++++++++++++++++++++++++++++++----------
hw/nvme/dif.h | 191 ++++++++++++++++++++++
hw/nvme/ns.c | 50 ++++--
hw/nvme/nvme.h | 58 +------
hw/nvme/trace-events | 12 +-
include/block/nvme.h | 81 ++++++++--
7 files changed, 793 insertions(+), 212 deletions(-)
create mode 100644 hw/nvme/dif.h
--
2.35.1
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PULL 0/6] hw/nvme updates
2022-03-04 6:24 Klaus Jensen
@ 2022-03-04 16:47 ` Peter Maydell
0 siblings, 0 replies; 17+ messages in thread
From: Peter Maydell @ 2022-03-04 16:47 UTC (permalink / raw)
To: Klaus Jensen
Cc: Kevin Wolf, Fam Zheng, qemu-block, Klaus Jensen, qemu-devel,
Philippe Mathieu-Daudé, Hanna Reitz, Stefan Hajnoczi,
Keith Busch
On Fri, 4 Mar 2022 at 06:24, Klaus Jensen <its@irrelevant.dk> wrote:
>
> From: Klaus Jensen <k.jensen@samsung.com>
>
> Hi Peter,
>
> Last round of hw/nvme updates for v7.0.
>
> The following changes since commit 64ada298b98a51eb2512607f6e6180cb330c47b1:
>
> Merge remote-tracking branch 'remotes/legoater/tags/pull-ppc-20220302' into staging (2022-03-02 12:38:46 +0000)
>
> are available in the Git repository at:
>
> git://git.infradead.org/qemu-nvme.git tags/nvme-next-pull-request
>
> for you to fetch changes up to 44219b6029fc52d5e967a963be91a9cf33f9f185:
>
> hw/nvme: 64-bit pi support (2022-03-03 09:30:21 +0100)
>
> ----------------------------------------------------------------
> hw/nvme updates
>
> - add enhanced protection information (64-bit guard)
>
> ----------------------------------------------------------------
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/7.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PULL 0/6] hw/nvme updates
@ 2022-07-15 8:43 Klaus Jensen
2022-07-15 19:09 ` Peter Maydell
0 siblings, 1 reply; 17+ messages in thread
From: Klaus Jensen @ 2022-07-15 8:43 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Hanna Reitz, Fam Zheng, Klaus Jensen, Kevin Wolf, Keith Busch,
Philippe Mathieu-Daudé, qemu-block, Stefan Hajnoczi,
Klaus Jensen
From: Klaus Jensen <k.jensen@samsung.com>
Hi,
The following changes since commit 8482ab545e52f50facacfe1118b22b97462724ab:
Merge tag 'qga-win32-pull-2022-07-13' of github.com:kostyanf14/qemu into staging (2022-07-14 14:52:16 +0100)
are available in the Git repository at:
git://git.infradead.org/qemu-nvme.git tags/nvme-next-pull-request
for you to fetch changes up to 2e53b0b450246044efd27418c5d05ad6919deb87:
hw/nvme: Use ioeventfd to handle doorbell updates (2022-07-15 10:40:33 +0200)
----------------------------------------------------------------
hw/nvme updates
performance improvements by Jinhao
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* shadow doorbells
* ioeventfd
plus some misc fixes (Darren, Niklas).
----------------------------------------------------------------
Darren Kenny (1):
nvme: Fix misleading macro when mixed with ternary operator
Jinhao Fan (3):
hw/nvme: Implement shadow doorbell buffer support
hw/nvme: Add trace events for shadow doorbell buffer
hw/nvme: Use ioeventfd to handle doorbell updates
Niklas Cassel (2):
hw/nvme: fix example serial in documentation
hw/nvme: force nvme-ns param 'shared' to false if no nvme-subsys node
docs/system/devices/nvme.rst | 4 +-
hw/nvme/ctrl.c | 233 ++++++++++++++++++++++++++++++++++-
hw/nvme/ns.c | 2 +
hw/nvme/nvme.h | 13 ++
hw/nvme/trace-events | 5 +
include/block/nvme.h | 46 +++----
6 files changed, 277 insertions(+), 26 deletions(-)
--
2.36.1
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PULL 0/6] hw/nvme updates
2022-07-15 8:43 Klaus Jensen
@ 2022-07-15 19:09 ` Peter Maydell
0 siblings, 0 replies; 17+ messages in thread
From: Peter Maydell @ 2022-07-15 19:09 UTC (permalink / raw)
To: Klaus Jensen
Cc: qemu-devel, Hanna Reitz, Fam Zheng, Kevin Wolf, Keith Busch,
Philippe Mathieu-Daudé, qemu-block, Stefan Hajnoczi,
Klaus Jensen
On Fri, 15 Jul 2022 at 09:43, Klaus Jensen <its@irrelevant.dk> wrote:
>
> From: Klaus Jensen <k.jensen@samsung.com>
>
> Hi,
>
> The following changes since commit 8482ab545e52f50facacfe1118b22b97462724ab:
>
> Merge tag 'qga-win32-pull-2022-07-13' of github.com:kostyanf14/qemu into staging (2022-07-14 14:52:16 +0100)
>
> are available in the Git repository at:
>
> git://git.infradead.org/qemu-nvme.git tags/nvme-next-pull-request
>
> for you to fetch changes up to 2e53b0b450246044efd27418c5d05ad6919deb87:
>
> hw/nvme: Use ioeventfd to handle doorbell updates (2022-07-15 10:40:33 +0200)
>
> ----------------------------------------------------------------
> hw/nvme updates
>
> performance improvements by Jinhao
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> * shadow doorbells
> * ioeventfd
>
> plus some misc fixes (Darren, Niklas).
>
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/7.1
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PULL 0/6] hw/nvme updates
@ 2023-01-11 7:52 Klaus Jensen
2023-01-12 13:51 ` Peter Maydell
0 siblings, 1 reply; 17+ messages in thread
From: Klaus Jensen @ 2023-01-11 7:52 UTC (permalink / raw)
To: qemu-devel, Peter Maydell
Cc: Klaus Jensen, qemu-block, Keith Busch, Klaus Jensen
From: Klaus Jensen <k.jensen@samsung.com>
Hi Peter,
The following changes since commit 528d9f33cad5245c1099d77084c78bb2244d5143:
Merge tag 'pull-tcg-20230106' of https://gitlab.com/rth7680/qemu into staging (2023-01-08 11:23:17 +0000)
are available in the Git repository at:
https://gitlab.com/birkelund/qemu.git tags/nvme-next-pull-request
for you to fetch changes up to 973f76cf7743545a5d8a0a8bfdfe2cd02aa3e238:
hw/nvme: cleanup error reporting in nvme_init_pci() (2023-01-11 08:41:19 +0100)
----------------------------------------------------------------
hw/nvme updates
----------------------------------------------------------------
Klaus Jensen (6):
hw/nvme: use QOM accessors
hw/nvme: rename shadow doorbell related trace events
hw/nvme: fix missing endian conversions for doorbell buffers
hw/nvme: fix missing cq eventidx update
hw/nvme: clean up confusing use of errp/local_err
hw/nvme: cleanup error reporting in nvme_init_pci()
hw/nvme/ctrl.c | 194 ++++++++++++++++++++++++-------------------
hw/nvme/trace-events | 8 +-
2 files changed, 113 insertions(+), 89 deletions(-)
--
2.39.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PULL 0/6] hw/nvme updates
2023-01-11 7:52 Klaus Jensen
@ 2023-01-12 13:51 ` Peter Maydell
0 siblings, 0 replies; 17+ messages in thread
From: Peter Maydell @ 2023-01-12 13:51 UTC (permalink / raw)
To: Klaus Jensen; +Cc: qemu-devel, qemu-block, Keith Busch, Klaus Jensen
On Wed, 11 Jan 2023 at 07:52, Klaus Jensen <its@irrelevant.dk> wrote:
>
> From: Klaus Jensen <k.jensen@samsung.com>
>
> Hi Peter,
>
> The following changes since commit 528d9f33cad5245c1099d77084c78bb2244d5143:
>
> Merge tag 'pull-tcg-20230106' of https://gitlab.com/rth7680/qemu into staging (2023-01-08 11:23:17 +0000)
>
> are available in the Git repository at:
>
> https://gitlab.com/birkelund/qemu.git tags/nvme-next-pull-request
>
> for you to fetch changes up to 973f76cf7743545a5d8a0a8bfdfe2cd02aa3e238:
>
> hw/nvme: cleanup error reporting in nvme_init_pci() (2023-01-11 08:41:19 +0100)
>
> ----------------------------------------------------------------
> hw/nvme updates
>
> ----------------------------------------------------------------
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/8.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PULL 0/6] hw/nvme updates
@ 2024-03-11 19:11 Klaus Jensen
2024-03-12 11:34 ` Peter Maydell
0 siblings, 1 reply; 17+ messages in thread
From: Klaus Jensen @ 2024-03-11 19:11 UTC (permalink / raw)
To: Peter Maydell, qemu-devel
Cc: Philippe Mathieu-Daudé, qemu-block, Klaus Jensen,
Jesper Devantier, Yanan Wang, Marcel Apfelbaum, Eduardo Habkost,
Keith Busch, Klaus Jensen
From: Klaus Jensen <k.jensen@samsung.com>
Hi,
The following changes since commit 7489f7f3f81dcb776df8c1b9a9db281fc21bf05f:
Merge tag 'hw-misc-20240309' of https://github.com/philmd/qemu into staging (2024-03-09 20:12:21 +0000)
are available in the Git repository at:
https://gitlab.com/birkelund/qemu.git tags/nvme-next-pull-request
for you to fetch changes up to a1505d799232939bf90c1b3e1fc20e81cd398404:
hw/nvme: add machine compatibility parameter to enable msix exclusive bar (2024-03-11 20:07:41 +0100)
----------------------------------------------------------------
hw/nvme updates
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmXvVsYACgkQTeGvMW1P
DemWtwf9HU3cjtvCp8AeHGoPFTwp8/Vx3cQlQ6ilADKSDm44up2+M504xE/Mdviv
6y3PTPe1yiEpg/MbjWTX/df5lo+VdNoCuCyjph9mea0s1QAjCfVpl+KLMUVF/Oj5
y1Iz9PQqOVDJ3O4xlgmPTfd8NXE/frNJaiXAjFuBxF2+4lilD5kMxpyu7DXbLiy2
Szd1I3DhFAEOLEbrSSRDI3Fpy0KBdRzdKuUfmRdrHzbmhzHJefW7wnZ3aAiDboaD
Ny7y/aovmjGymMp9GrBKWhUFPfSUtJ8l8j4Z7acQs+VDxg8lcAHCJKOyqCBTspUL
PSnDe6E/CRyjrG2fUVXTLb6YW1eibQ==
=Ld7a
-----END PGP SIGNATURE-----
----------------------------------------------------------------
Klaus Jensen (4):
hw/nvme: fix invalid check on mcl
MAINTAINERS: add Jesper as reviewer on hw/nvme
hw/nvme: generalize the mbar size helper
hw/nvme: add machine compatibility parameter to enable msix exclusive
bar
Minwoo Im (1):
hw/nvme: separate 'serial' property for VFs
Roque Arcudia Hernandez (1):
hw/nvme: Add NVMe NGUID property
MAINTAINERS | 1 +
docs/system/devices/nvme.rst | 7 ++
hw/core/machine.c | 1 +
hw/nvme/ctrl.c | 95 +++++++++++++-----
hw/nvme/meson.build | 2 +-
hw/nvme/nguid.c | 187 +++++++++++++++++++++++++++++++++++
hw/nvme/ns.c | 2 +
hw/nvme/nvme.h | 27 +++--
8 files changed, 288 insertions(+), 34 deletions(-)
create mode 100644 hw/nvme/nguid.c
--
2.44.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PULL 0/6] hw/nvme updates
2024-03-11 19:11 Klaus Jensen
@ 2024-03-12 11:34 ` Peter Maydell
2024-03-12 11:59 ` Klaus Jensen
0 siblings, 1 reply; 17+ messages in thread
From: Peter Maydell @ 2024-03-12 11:34 UTC (permalink / raw)
To: Klaus Jensen
Cc: qemu-devel, Philippe Mathieu-Daudé, qemu-block,
Jesper Devantier, Yanan Wang, Marcel Apfelbaum, Eduardo Habkost,
Keith Busch, Klaus Jensen
On Mon, 11 Mar 2024 at 19:11, Klaus Jensen <its@irrelevant.dk> wrote:
>
> From: Klaus Jensen <k.jensen@samsung.com>
>
> Hi,
>
> The following changes since commit 7489f7f3f81dcb776df8c1b9a9db281fc21bf05f:
>
> Merge tag 'hw-misc-20240309' of https://github.com/philmd/qemu into staging (2024-03-09 20:12:21 +0000)
>
> are available in the Git repository at:
>
> https://gitlab.com/birkelund/qemu.git tags/nvme-next-pull-request
>
> for you to fetch changes up to a1505d799232939bf90c1b3e1fc20e81cd398404:
>
> hw/nvme: add machine compatibility parameter to enable msix exclusive bar (2024-03-11 20:07:41 +0100)
>
> ----------------------------------------------------------------
> hw/nvme updates
> -----BEGIN PGP SIGNATURE-----
>
> iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmXvVsYACgkQTeGvMW1P
> DemWtwf9HU3cjtvCp8AeHGoPFTwp8/Vx3cQlQ6ilADKSDm44up2+M504xE/Mdviv
> 6y3PTPe1yiEpg/MbjWTX/df5lo+VdNoCuCyjph9mea0s1QAjCfVpl+KLMUVF/Oj5
> y1Iz9PQqOVDJ3O4xlgmPTfd8NXE/frNJaiXAjFuBxF2+4lilD5kMxpyu7DXbLiy2
> Szd1I3DhFAEOLEbrSSRDI3Fpy0KBdRzdKuUfmRdrHzbmhzHJefW7wnZ3aAiDboaD
> Ny7y/aovmjGymMp9GrBKWhUFPfSUtJ8l8j4Z7acQs+VDxg8lcAHCJKOyqCBTspUL
> PSnDe6E/CRyjrG2fUVXTLb6YW1eibQ==
> =Ld7a
> -----END PGP SIGNATURE-----
Hi; I'm afraid this fails to build for some jobs, eg
https://gitlab.com/qemu-project/qemu/-/jobs/6373091994
https://gitlab.com/qemu-project/qemu/-/jobs/6373091978
https://gitlab.com/qemu-project/qemu/-/jobs/6373091975
../hw/nvme/ctrl.c: In function ‘nvme_realize’:
../hw/nvme/ctrl.c:8146:15: error: ‘msix_pba_offset’ may be used
uninitialized in this function [-Werror=maybe-uninitialized]
8146 | ret = msix_init(pci_dev, n->params.msix_qsize,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8147 | &n->bar0, 0, msix_table_offset,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8148 | &n->bar0, 0, msix_pba_offset, 0, errp);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../hw/nvme/ctrl.c:8099:33: note: ‘msix_pba_offset’ was declared here
8099 | unsigned msix_table_offset, msix_pba_offset;
| ^~~~~~~~~~~~~~~
../hw/nvme/ctrl.c:8135:9: error: ‘msix_table_offset’ may be used
uninitialized in this function [-Werror=maybe-uninitialized]
8135 | memory_region_init_io(&n->iomem, OBJECT(n), &nvme_mmio_ops, n, "nvme",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8136 | msix_table_offset);
| ~~~~~~~~~~~~~~~~~~
../hw/nvme/ctrl.c:8099:14: note: ‘msix_table_offset’ was declared here
8099 | unsigned msix_table_offset, msix_pba_offset;
| ^~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
I think this is because the compiler notices that nvme_mbar_size() has
an early-exit code path which never initializes *msix_table_offset
and *msix-pba_offset.
thanks
-- PMM
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PULL 0/6] hw/nvme updates
2024-03-12 11:34 ` Peter Maydell
@ 2024-03-12 11:59 ` Klaus Jensen
0 siblings, 0 replies; 17+ messages in thread
From: Klaus Jensen @ 2024-03-12 11:59 UTC (permalink / raw)
To: Peter Maydell
Cc: qemu-devel, Philippe Mathieu-Daudé, qemu-block,
Jesper Devantier, Yanan Wang, Marcel Apfelbaum, Eduardo Habkost,
Keith Busch, Klaus Jensen
[-- Attachment #1: Type: text/plain, Size: 3002 bytes --]
On Mar 12 11:34, Peter Maydell wrote:
> On Mon, 11 Mar 2024 at 19:11, Klaus Jensen <its@irrelevant.dk> wrote:
> >
> > From: Klaus Jensen <k.jensen@samsung.com>
> >
> > Hi,
> >
> > The following changes since commit 7489f7f3f81dcb776df8c1b9a9db281fc21bf05f:
> >
> > Merge tag 'hw-misc-20240309' of https://github.com/philmd/qemu into staging (2024-03-09 20:12:21 +0000)
> >
> > are available in the Git repository at:
> >
> > https://gitlab.com/birkelund/qemu.git tags/nvme-next-pull-request
> >
> > for you to fetch changes up to a1505d799232939bf90c1b3e1fc20e81cd398404:
> >
> > hw/nvme: add machine compatibility parameter to enable msix exclusive bar (2024-03-11 20:07:41 +0100)
> >
> > ----------------------------------------------------------------
> > hw/nvme updates
> > -----BEGIN PGP SIGNATURE-----
> >
> > iQEzBAABCgAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmXvVsYACgkQTeGvMW1P
> > DemWtwf9HU3cjtvCp8AeHGoPFTwp8/Vx3cQlQ6ilADKSDm44up2+M504xE/Mdviv
> > 6y3PTPe1yiEpg/MbjWTX/df5lo+VdNoCuCyjph9mea0s1QAjCfVpl+KLMUVF/Oj5
> > y1Iz9PQqOVDJ3O4xlgmPTfd8NXE/frNJaiXAjFuBxF2+4lilD5kMxpyu7DXbLiy2
> > Szd1I3DhFAEOLEbrSSRDI3Fpy0KBdRzdKuUfmRdrHzbmhzHJefW7wnZ3aAiDboaD
> > Ny7y/aovmjGymMp9GrBKWhUFPfSUtJ8l8j4Z7acQs+VDxg8lcAHCJKOyqCBTspUL
> > PSnDe6E/CRyjrG2fUVXTLb6YW1eibQ==
> > =Ld7a
> > -----END PGP SIGNATURE-----
>
> Hi; I'm afraid this fails to build for some jobs, eg
> https://gitlab.com/qemu-project/qemu/-/jobs/6373091994
> https://gitlab.com/qemu-project/qemu/-/jobs/6373091978
> https://gitlab.com/qemu-project/qemu/-/jobs/6373091975
>
> ../hw/nvme/ctrl.c: In function ‘nvme_realize’:
> ../hw/nvme/ctrl.c:8146:15: error: ‘msix_pba_offset’ may be used
> uninitialized in this function [-Werror=maybe-uninitialized]
> 8146 | ret = msix_init(pci_dev, n->params.msix_qsize,
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 8147 | &n->bar0, 0, msix_table_offset,
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 8148 | &n->bar0, 0, msix_pba_offset, 0, errp);
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ../hw/nvme/ctrl.c:8099:33: note: ‘msix_pba_offset’ was declared here
> 8099 | unsigned msix_table_offset, msix_pba_offset;
> | ^~~~~~~~~~~~~~~
> ../hw/nvme/ctrl.c:8135:9: error: ‘msix_table_offset’ may be used
> uninitialized in this function [-Werror=maybe-uninitialized]
> 8135 | memory_region_init_io(&n->iomem, OBJECT(n), &nvme_mmio_ops, n, "nvme",
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 8136 | msix_table_offset);
> | ~~~~~~~~~~~~~~~~~~
> ../hw/nvme/ctrl.c:8099:14: note: ‘msix_table_offset’ was declared here
> 8099 | unsigned msix_table_offset, msix_pba_offset;
> | ^~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>
>
> I think this is because the compiler notices that nvme_mbar_size() has
> an early-exit code path which never initializes *msix_table_offset
> and *msix-pba_offset.
>
Crap, yeah. I'll fix it up. Thanks!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2024-03-12 12:00 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-02-14 8:07 [PULL 0/6] hw/nvme updates Klaus Jensen
2022-02-14 8:07 ` [PULL 1/6] hw/nvme: fix CVE-2021-3929 Klaus Jensen
2022-02-14 8:07 ` [PULL 2/6] hw/nvme/ctrl: Have nvme_addr_write() take const buffer Klaus Jensen
2022-02-14 8:07 ` [PULL 3/6] hw/nvme/ctrl: Pass buffers as 'void *' types Klaus Jensen
2022-02-14 8:07 ` [PULL 4/6] hw/nvme: add struct for zone management send Klaus Jensen
2022-02-14 8:08 ` [PULL 5/6] hw/nvme: add ozcs enum Klaus Jensen
2022-02-14 8:08 ` [PULL 6/6] hw/nvme: add support for zoned random write area Klaus Jensen
2022-02-15 19:30 ` [PULL 0/6] hw/nvme updates Peter Maydell
-- strict thread matches above, loose matches on Subject: below --
2022-03-04 6:24 Klaus Jensen
2022-03-04 16:47 ` Peter Maydell
2022-07-15 8:43 Klaus Jensen
2022-07-15 19:09 ` Peter Maydell
2023-01-11 7:52 Klaus Jensen
2023-01-12 13:51 ` Peter Maydell
2024-03-11 19:11 Klaus Jensen
2024-03-12 11:34 ` Peter Maydell
2024-03-12 11:59 ` Klaus Jensen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).