From: "Philippe Mathieu-Daudé" <philmd@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Kevin Wolf" <kwolf@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Eduardo Habkost" <ehabkost@redhat.com>,
"Ben Warren" <ben@skyportsystems.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Ronnie Sahlberg" <ronniesahlberg@gmail.com>,
"Peter Lieven" <pl@kamp.de>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
"Max Reitz" <mreitz@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Igor Mammedov" <imammedo@redhat.com>,
qemu-block@nongnu.org, "Markus Armbruster" <armbru@redhat.com>,
"Richard Henderson" <rth@twiddle.net>
Subject: Re: [PATCH v2 7/8] qapi/misc: Restrict PCI commands to machine code
Date: Mon, 25 May 2020 16:12:14 +0200 [thread overview]
Message-ID: <2b9b397c-024e-45b5-f8b6-d78064a96f26@redhat.com> (raw)
In-Reply-To: <20200316000348.29692-8-philmd@redhat.com>
ping?
On 3/16/20 1:03 AM, Philippe Mathieu-Daudé wrote:
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
> qapi/machine.json | 304 ++++++++++++++++++++++++++++++++++++++++++++++
> qapi/misc.json | 304 ----------------------------------------------
> hw/pci/pci-stub.c | 2 +-
> hw/pci/pci.c | 2 +-
> 4 files changed, 306 insertions(+), 306 deletions(-)
>
> diff --git a/qapi/machine.json b/qapi/machine.json
> index f77ee63730..33b259dbd0 100644
> --- a/qapi/machine.json
> +++ b/qapi/machine.json
> @@ -1172,3 +1172,307 @@
> ##
> { 'event': 'ACPI_DEVICE_OST',
> 'data': { 'info': 'ACPIOSTInfo' } }
> +
> +##
> +# @PciMemoryRange:
> +#
> +# A PCI device memory region
> +#
> +# @base: the starting address (guest physical)
> +#
> +# @limit: the ending address (guest physical)
> +#
> +# Since: 0.14.0
> +##
> +{ 'struct': 'PciMemoryRange', 'data': {'base': 'int', 'limit': 'int'} }
> +
> +##
> +# @PciMemoryRegion:
> +#
> +# Information about a PCI device I/O region.
> +#
> +# @bar: the index of the Base Address Register for this region
> +#
> +# @type: - 'io' if the region is a PIO region
> +# - 'memory' if the region is a MMIO region
> +#
> +# @size: memory size
> +#
> +# @prefetch: if @type is 'memory', true if the memory is prefetchable
> +#
> +# @mem_type_64: if @type is 'memory', true if the BAR is 64-bit
> +#
> +# Since: 0.14.0
> +##
> +{ 'struct': 'PciMemoryRegion',
> + 'data': {'bar': 'int', 'type': 'str', 'address': 'int', 'size': 'int',
> + '*prefetch': 'bool', '*mem_type_64': 'bool' } }
> +
> +##
> +# @PciBusInfo:
> +#
> +# Information about a bus of a PCI Bridge device
> +#
> +# @number: primary bus interface number. This should be the number of the
> +# bus the device resides on.
> +#
> +# @secondary: secondary bus interface number. This is the number of the
> +# main bus for the bridge
> +#
> +# @subordinate: This is the highest number bus that resides below the
> +# bridge.
> +#
> +# @io_range: The PIO range for all devices on this bridge
> +#
> +# @memory_range: The MMIO range for all devices on this bridge
> +#
> +# @prefetchable_range: The range of prefetchable MMIO for all devices on
> +# this bridge
> +#
> +# Since: 2.4
> +##
> +{ 'struct': 'PciBusInfo',
> + 'data': {'number': 'int', 'secondary': 'int', 'subordinate': 'int',
> + 'io_range': 'PciMemoryRange',
> + 'memory_range': 'PciMemoryRange',
> + 'prefetchable_range': 'PciMemoryRange' } }
> +
> +##
> +# @PciBridgeInfo:
> +#
> +# Information about a PCI Bridge device
> +#
> +# @bus: information about the bus the device resides on
> +#
> +# @devices: a list of @PciDeviceInfo for each device on this bridge
> +#
> +# Since: 0.14.0
> +##
> +{ 'struct': 'PciBridgeInfo',
> + 'data': {'bus': 'PciBusInfo', '*devices': ['PciDeviceInfo']} }
> +
> +##
> +# @PciDeviceClass:
> +#
> +# Information about the Class of a PCI device
> +#
> +# @desc: a string description of the device's class
> +#
> +# @class: the class code of the device
> +#
> +# Since: 2.4
> +##
> +{ 'struct': 'PciDeviceClass',
> + 'data': {'*desc': 'str', 'class': 'int'} }
> +
> +##
> +# @PciDeviceId:
> +#
> +# Information about the Id of a PCI device
> +#
> +# @device: the PCI device id
> +#
> +# @vendor: the PCI vendor id
> +#
> +# @subsystem: the PCI subsystem id (since 3.1)
> +#
> +# @subsystem-vendor: the PCI subsystem vendor id (since 3.1)
> +#
> +# Since: 2.4
> +##
> +{ 'struct': 'PciDeviceId',
> + 'data': {'device': 'int', 'vendor': 'int', '*subsystem': 'int',
> + '*subsystem-vendor': 'int'} }
> +
> +##
> +# @PciDeviceInfo:
> +#
> +# Information about a PCI device
> +#
> +# @bus: the bus number of the device
> +#
> +# @slot: the slot the device is located in
> +#
> +# @function: the function of the slot used by the device
> +#
> +# @class_info: the class of the device
> +#
> +# @id: the PCI device id
> +#
> +# @irq: if an IRQ is assigned to the device, the IRQ number
> +#
> +# @qdev_id: the device name of the PCI device
> +#
> +# @pci_bridge: if the device is a PCI bridge, the bridge information
> +#
> +# @regions: a list of the PCI I/O regions associated with the device
> +#
> +# Notes: the contents of @class_info.desc are not stable and should only be
> +# treated as informational.
> +#
> +# Since: 0.14.0
> +##
> +{ 'struct': 'PciDeviceInfo',
> + 'data': {'bus': 'int', 'slot': 'int', 'function': 'int',
> + 'class_info': 'PciDeviceClass', 'id': 'PciDeviceId',
> + '*irq': 'int', 'qdev_id': 'str', '*pci_bridge': 'PciBridgeInfo',
> + 'regions': ['PciMemoryRegion']} }
> +
> +##
> +# @PciInfo:
> +#
> +# Information about a PCI bus
> +#
> +# @bus: the bus index
> +#
> +# @devices: a list of devices on this bus
> +#
> +# Since: 0.14.0
> +##
> +{ 'struct': 'PciInfo', 'data': {'bus': 'int', 'devices': ['PciDeviceInfo']} }
> +
> +##
> +# @query-pci:
> +#
> +# Return information about the PCI bus topology of the guest.
> +#
> +# Returns: a list of @PciInfo for each PCI bus. Each bus is
> +# represented by a json-object, which has a key with a json-array of
> +# all PCI devices attached to it. Each device is represented by a
> +# json-object.
> +#
> +# Since: 0.14.0
> +#
> +# Example:
> +#
> +# -> { "execute": "query-pci" }
> +# <- { "return": [
> +# {
> +# "bus": 0,
> +# "devices": [
> +# {
> +# "bus": 0,
> +# "qdev_id": "",
> +# "slot": 0,
> +# "class_info": {
> +# "class": 1536,
> +# "desc": "Host bridge"
> +# },
> +# "id": {
> +# "device": 32902,
> +# "vendor": 4663
> +# },
> +# "function": 0,
> +# "regions": [
> +# ]
> +# },
> +# {
> +# "bus": 0,
> +# "qdev_id": "",
> +# "slot": 1,
> +# "class_info": {
> +# "class": 1537,
> +# "desc": "ISA bridge"
> +# },
> +# "id": {
> +# "device": 32902,
> +# "vendor": 28672
> +# },
> +# "function": 0,
> +# "regions": [
> +# ]
> +# },
> +# {
> +# "bus": 0,
> +# "qdev_id": "",
> +# "slot": 1,
> +# "class_info": {
> +# "class": 257,
> +# "desc": "IDE controller"
> +# },
> +# "id": {
> +# "device": 32902,
> +# "vendor": 28688
> +# },
> +# "function": 1,
> +# "regions": [
> +# {
> +# "bar": 4,
> +# "size": 16,
> +# "address": 49152,
> +# "type": "io"
> +# }
> +# ]
> +# },
> +# {
> +# "bus": 0,
> +# "qdev_id": "",
> +# "slot": 2,
> +# "class_info": {
> +# "class": 768,
> +# "desc": "VGA controller"
> +# },
> +# "id": {
> +# "device": 4115,
> +# "vendor": 184
> +# },
> +# "function": 0,
> +# "regions": [
> +# {
> +# "prefetch": true,
> +# "mem_type_64": false,
> +# "bar": 0,
> +# "size": 33554432,
> +# "address": 4026531840,
> +# "type": "memory"
> +# },
> +# {
> +# "prefetch": false,
> +# "mem_type_64": false,
> +# "bar": 1,
> +# "size": 4096,
> +# "address": 4060086272,
> +# "type": "memory"
> +# },
> +# {
> +# "prefetch": false,
> +# "mem_type_64": false,
> +# "bar": 6,
> +# "size": 65536,
> +# "address": -1,
> +# "type": "memory"
> +# }
> +# ]
> +# },
> +# {
> +# "bus": 0,
> +# "qdev_id": "",
> +# "irq": 11,
> +# "slot": 4,
> +# "class_info": {
> +# "class": 1280,
> +# "desc": "RAM controller"
> +# },
> +# "id": {
> +# "device": 6900,
> +# "vendor": 4098
> +# },
> +# "function": 0,
> +# "regions": [
> +# {
> +# "bar": 0,
> +# "size": 32,
> +# "address": 49280,
> +# "type": "io"
> +# }
> +# ]
> +# }
> +# ]
> +# }
> +# ]
> +# }
> +#
> +# Note: This example has been shortened as the real response is too long.
> +#
> +##
> +{ 'command': 'query-pci', 'returns': ['PciInfo'] }
> diff --git a/qapi/misc.json b/qapi/misc.json
> index 3d9d7327fe..92b3926c6b 100644
> --- a/qapi/misc.json
> +++ b/qapi/misc.json
> @@ -156,310 +156,6 @@
> { 'command': 'query-iothreads', 'returns': ['IOThreadInfo'],
> 'allow-preconfig': true }
>
> -##
> -# @PciMemoryRange:
> -#
> -# A PCI device memory region
> -#
> -# @base: the starting address (guest physical)
> -#
> -# @limit: the ending address (guest physical)
> -#
> -# Since: 0.14.0
> -##
> -{ 'struct': 'PciMemoryRange', 'data': {'base': 'int', 'limit': 'int'} }
> -
> -##
> -# @PciMemoryRegion:
> -#
> -# Information about a PCI device I/O region.
> -#
> -# @bar: the index of the Base Address Register for this region
> -#
> -# @type: - 'io' if the region is a PIO region
> -# - 'memory' if the region is a MMIO region
> -#
> -# @size: memory size
> -#
> -# @prefetch: if @type is 'memory', true if the memory is prefetchable
> -#
> -# @mem_type_64: if @type is 'memory', true if the BAR is 64-bit
> -#
> -# Since: 0.14.0
> -##
> -{ 'struct': 'PciMemoryRegion',
> - 'data': {'bar': 'int', 'type': 'str', 'address': 'int', 'size': 'int',
> - '*prefetch': 'bool', '*mem_type_64': 'bool' } }
> -
> -##
> -# @PciBusInfo:
> -#
> -# Information about a bus of a PCI Bridge device
> -#
> -# @number: primary bus interface number. This should be the number of the
> -# bus the device resides on.
> -#
> -# @secondary: secondary bus interface number. This is the number of the
> -# main bus for the bridge
> -#
> -# @subordinate: This is the highest number bus that resides below the
> -# bridge.
> -#
> -# @io_range: The PIO range for all devices on this bridge
> -#
> -# @memory_range: The MMIO range for all devices on this bridge
> -#
> -# @prefetchable_range: The range of prefetchable MMIO for all devices on
> -# this bridge
> -#
> -# Since: 2.4
> -##
> -{ 'struct': 'PciBusInfo',
> - 'data': {'number': 'int', 'secondary': 'int', 'subordinate': 'int',
> - 'io_range': 'PciMemoryRange',
> - 'memory_range': 'PciMemoryRange',
> - 'prefetchable_range': 'PciMemoryRange' } }
> -
> -##
> -# @PciBridgeInfo:
> -#
> -# Information about a PCI Bridge device
> -#
> -# @bus: information about the bus the device resides on
> -#
> -# @devices: a list of @PciDeviceInfo for each device on this bridge
> -#
> -# Since: 0.14.0
> -##
> -{ 'struct': 'PciBridgeInfo',
> - 'data': {'bus': 'PciBusInfo', '*devices': ['PciDeviceInfo']} }
> -
> -##
> -# @PciDeviceClass:
> -#
> -# Information about the Class of a PCI device
> -#
> -# @desc: a string description of the device's class
> -#
> -# @class: the class code of the device
> -#
> -# Since: 2.4
> -##
> -{ 'struct': 'PciDeviceClass',
> - 'data': {'*desc': 'str', 'class': 'int'} }
> -
> -##
> -# @PciDeviceId:
> -#
> -# Information about the Id of a PCI device
> -#
> -# @device: the PCI device id
> -#
> -# @vendor: the PCI vendor id
> -#
> -# @subsystem: the PCI subsystem id (since 3.1)
> -#
> -# @subsystem-vendor: the PCI subsystem vendor id (since 3.1)
> -#
> -# Since: 2.4
> -##
> -{ 'struct': 'PciDeviceId',
> - 'data': {'device': 'int', 'vendor': 'int', '*subsystem': 'int',
> - '*subsystem-vendor': 'int'} }
> -
> -##
> -# @PciDeviceInfo:
> -#
> -# Information about a PCI device
> -#
> -# @bus: the bus number of the device
> -#
> -# @slot: the slot the device is located in
> -#
> -# @function: the function of the slot used by the device
> -#
> -# @class_info: the class of the device
> -#
> -# @id: the PCI device id
> -#
> -# @irq: if an IRQ is assigned to the device, the IRQ number
> -#
> -# @qdev_id: the device name of the PCI device
> -#
> -# @pci_bridge: if the device is a PCI bridge, the bridge information
> -#
> -# @regions: a list of the PCI I/O regions associated with the device
> -#
> -# Notes: the contents of @class_info.desc are not stable and should only be
> -# treated as informational.
> -#
> -# Since: 0.14.0
> -##
> -{ 'struct': 'PciDeviceInfo',
> - 'data': {'bus': 'int', 'slot': 'int', 'function': 'int',
> - 'class_info': 'PciDeviceClass', 'id': 'PciDeviceId',
> - '*irq': 'int', 'qdev_id': 'str', '*pci_bridge': 'PciBridgeInfo',
> - 'regions': ['PciMemoryRegion']} }
> -
> -##
> -# @PciInfo:
> -#
> -# Information about a PCI bus
> -#
> -# @bus: the bus index
> -#
> -# @devices: a list of devices on this bus
> -#
> -# Since: 0.14.0
> -##
> -{ 'struct': 'PciInfo', 'data': {'bus': 'int', 'devices': ['PciDeviceInfo']} }
> -
> -##
> -# @query-pci:
> -#
> -# Return information about the PCI bus topology of the guest.
> -#
> -# Returns: a list of @PciInfo for each PCI bus. Each bus is
> -# represented by a json-object, which has a key with a json-array of
> -# all PCI devices attached to it. Each device is represented by a
> -# json-object.
> -#
> -# Since: 0.14.0
> -#
> -# Example:
> -#
> -# -> { "execute": "query-pci" }
> -# <- { "return": [
> -# {
> -# "bus": 0,
> -# "devices": [
> -# {
> -# "bus": 0,
> -# "qdev_id": "",
> -# "slot": 0,
> -# "class_info": {
> -# "class": 1536,
> -# "desc": "Host bridge"
> -# },
> -# "id": {
> -# "device": 32902,
> -# "vendor": 4663
> -# },
> -# "function": 0,
> -# "regions": [
> -# ]
> -# },
> -# {
> -# "bus": 0,
> -# "qdev_id": "",
> -# "slot": 1,
> -# "class_info": {
> -# "class": 1537,
> -# "desc": "ISA bridge"
> -# },
> -# "id": {
> -# "device": 32902,
> -# "vendor": 28672
> -# },
> -# "function": 0,
> -# "regions": [
> -# ]
> -# },
> -# {
> -# "bus": 0,
> -# "qdev_id": "",
> -# "slot": 1,
> -# "class_info": {
> -# "class": 257,
> -# "desc": "IDE controller"
> -# },
> -# "id": {
> -# "device": 32902,
> -# "vendor": 28688
> -# },
> -# "function": 1,
> -# "regions": [
> -# {
> -# "bar": 4,
> -# "size": 16,
> -# "address": 49152,
> -# "type": "io"
> -# }
> -# ]
> -# },
> -# {
> -# "bus": 0,
> -# "qdev_id": "",
> -# "slot": 2,
> -# "class_info": {
> -# "class": 768,
> -# "desc": "VGA controller"
> -# },
> -# "id": {
> -# "device": 4115,
> -# "vendor": 184
> -# },
> -# "function": 0,
> -# "regions": [
> -# {
> -# "prefetch": true,
> -# "mem_type_64": false,
> -# "bar": 0,
> -# "size": 33554432,
> -# "address": 4026531840,
> -# "type": "memory"
> -# },
> -# {
> -# "prefetch": false,
> -# "mem_type_64": false,
> -# "bar": 1,
> -# "size": 4096,
> -# "address": 4060086272,
> -# "type": "memory"
> -# },
> -# {
> -# "prefetch": false,
> -# "mem_type_64": false,
> -# "bar": 6,
> -# "size": 65536,
> -# "address": -1,
> -# "type": "memory"
> -# }
> -# ]
> -# },
> -# {
> -# "bus": 0,
> -# "qdev_id": "",
> -# "irq": 11,
> -# "slot": 4,
> -# "class_info": {
> -# "class": 1280,
> -# "desc": "RAM controller"
> -# },
> -# "id": {
> -# "device": 6900,
> -# "vendor": 4098
> -# },
> -# "function": 0,
> -# "regions": [
> -# {
> -# "bar": 0,
> -# "size": 32,
> -# "address": 49280,
> -# "type": "io"
> -# }
> -# ]
> -# }
> -# ]
> -# }
> -# ]
> -# }
> -#
> -# Note: This example has been shortened as the real response is too long.
> -#
> -##
> -{ 'command': 'query-pci', 'returns': ['PciInfo'] }
> -
> ##
> # @stop:
> #
> diff --git a/hw/pci/pci-stub.c b/hw/pci/pci-stub.c
> index cc2a2e1f73..b50c7ca590 100644
> --- a/hw/pci/pci-stub.c
> +++ b/hw/pci/pci-stub.c
> @@ -22,7 +22,7 @@
> #include "sysemu/sysemu.h"
> #include "monitor/monitor.h"
> #include "qapi/error.h"
> -#include "qapi/qapi-commands-misc.h"
> +#include "qapi/qapi-commands-machine.h"
> #include "qapi/qmp/qerror.h"
> #include "hw/pci/pci.h"
> #include "hw/pci/msi.h"
> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> index e1ed6677e1..5ebc783d57 100644
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -46,7 +46,7 @@
> #include "hw/hotplug.h"
> #include "hw/boards.h"
> #include "qapi/error.h"
> -#include "qapi/qapi-commands-misc.h"
> +#include "qapi/qapi-commands-machine.h"
> #include "qemu/cutils.h"
>
> //#define DEBUG_PCI
>
next prev parent reply other threads:[~2020-05-25 14:13 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-16 0:03 [PATCH v2 0/8] user-mode: Prune build dependencies (part 2) Philippe Mathieu-Daudé
2020-03-16 0:03 ` [PATCH v2 1/8] target/i386: Restrict X86CPUFeatureWord to X86 targets Philippe Mathieu-Daudé
2020-03-16 0:29 ` Aleksandar Markovic
2020-03-16 0:31 ` Aleksandar Markovic
2020-03-16 7:30 ` Philippe Mathieu-Daudé
2020-03-18 8:25 ` Philippe Mathieu-Daudé
2020-03-16 0:03 ` [PATCH v2 2/8] qapi/misc: Restrict LostTickPolicy enum to machine code Philippe Mathieu-Daudé
2020-05-25 14:12 ` Philippe Mathieu-Daudé
2020-05-26 15:00 ` Igor Mammedov
2020-03-16 0:03 ` [PATCH v2 3/8] qapi/misc: Restrict balloon-related commands " Philippe Mathieu-Daudé
2020-03-16 9:05 ` David Hildenbrand
2020-03-17 11:03 ` Philippe Mathieu-Daudé
2020-03-17 11:04 ` David Hildenbrand
2020-03-16 0:03 ` [PATCH v2 4/8] qapi/misc: Move query-uuid command with block code Philippe Mathieu-Daudé
2020-03-16 13:09 ` Igor Mammedov
2020-03-16 13:57 ` Philippe Mathieu-Daudé
2020-03-16 0:03 ` [PATCH v2 5/8] qapi/misc: Restrict query-vm-generation-id command to machine code Philippe Mathieu-Daudé
2020-03-16 12:45 ` Igor Mammedov
2020-03-17 9:44 ` Philippe Mathieu-Daudé
2020-03-17 11:07 ` Igor Mammedov
2020-03-16 0:03 ` [PATCH v2 6/8] qapi/misc: Restrict ACPI commands " Philippe Mathieu-Daudé
2020-03-16 12:47 ` Igor Mammedov
2020-03-16 0:03 ` [PATCH v2 7/8] qapi/misc: Restrict PCI " Philippe Mathieu-Daudé
2020-05-25 14:12 ` Philippe Mathieu-Daudé [this message]
2020-03-16 0:03 ` [PATCH v2 8/8] qapi/misc: Restrict device memory " Philippe Mathieu-Daudé
2020-03-16 12:49 ` Igor Mammedov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2b9b397c-024e-45b5-f8b6-d78064a96f26@redhat.com \
--to=philmd@redhat.com \
--cc=armbru@redhat.com \
--cc=ben@skyportsystems.com \
--cc=berrange@redhat.com \
--cc=dgilbert@redhat.com \
--cc=ehabkost@redhat.com \
--cc=imammedo@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=pl@kamp.de \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=ronniesahlberg@gmail.com \
--cc=rth@twiddle.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).