| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Feb 2022 11:22:26 -0400
From: Jason Gunthorpe <jgg@...dia.com>
To: Shameer Kolothum <shameerali.kolothum.thodi@...wei.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-crypto@...r.kernel.org, alex.williamson@...hat.com,
cohuck@...hat.com, mgurtovoy@...dia.com, yishaih@...dia.com,
linuxarm@...wei.com, liulongfang@...wei.com,
prime.zeng@...ilicon.com, jonathan.cameron@...wei.com,
wangzhou1@...ilicon.com
Subject: Re: [RFC v4 7/8] hisi_acc_vfio_pci: Add support for VFIO live
migration
On Tue, Feb 08, 2022 at 01:34:24PM +0000, Shameer Kolothum wrote:
Overall this looks like a fine implementation, as far as I can tell it
meets the uAPI design perfectly.
Why did you decide not to do the P2P support?
> +static struct file *
> +hisi_acc_vf_set_device_state(struct hisi_acc_vf_core_device *hisi_acc_vdev,
> + u32 new)
> +{
> + u32 cur = hisi_acc_vdev->mig_state;
> + int ret;
> +
> + if (cur == VFIO_DEVICE_STATE_RUNNING && new == VFIO_DEVICE_STATE_STOP) {
> + ret = hisi_acc_vf_stop_device(hisi_acc_vdev);
> + if (ret)
> + return ERR_PTR(ret);
Be mindful that qemu doesn't handle a failure here very well, I'm not
sure we will be able to fix this in the short term.
> +static int hisi_acc_vfio_pci_init(struct hisi_acc_vf_core_device *hisi_acc_vdev)
> +{
> + struct vfio_pci_core_device *vdev = &hisi_acc_vdev->core_device;
> + struct pci_dev *vf_dev = vdev->pdev;
> + struct hisi_qm *vf_qm = &hisi_acc_vdev->vf_qm;
> +
> + /*
> + * ACC VF dev BAR2 region consists of both functional register space
> + * and migration control register space. For migration to work, we
> + * need access to both. Hence, we map the entire BAR2 region here.
> + * But from a security point of view, we restrict access to the
> + * migration control space from Guest(Please see mmap/ioctl/read/write
> + * override functions).
> + *
> + * Also the HiSilicon ACC VF devices supported by this driver on
> + * HiSilicon hardware platforms are integrated end point devices
> + * and has no capability to perform PCIe P2P.
> + */
> + vf_qm->io_base =
> + ioremap(pci_resource_start(vf_dev, VFIO_PCI_BAR2_REGION_INDEX),
> + pci_resource_len(vf_dev, VFIO_PCI_BAR2_REGION_INDEX));
> + if (!vf_qm->io_base)
> + return -EIO;
> +
> + vf_qm->fun_type = QM_HW_VF;
> + vf_qm->pdev = vf_dev;
> + mutex_init(&vf_qm->mailbox_lock);
mailbox_lock seems unused
> + hisi_acc_vdev->vf_id = PCI_FUNC(vf_dev->devfn);
Does this need to use the pci_iov_vf_id() function? funcs don't need
to be tightly packed, necessarily.
This should be set when the structure is allocated, not at open time.
> + hisi_acc_vdev->vf_dev = vf_dev;
> + vf_qm->dev_name = hisi_acc_vdev->pf_qm->dev_name;
Also unused
> + hisi_acc_vdev->mig_state = VFIO_DEVICE_STATE_RUNNING;
> +
> + return 0;
> +}
>
> static int hisi_acc_pci_rw_access_check(struct vfio_device *core_vdev,
> size_t count, loff_t *ppos,
> @@ -129,63 +1067,96 @@ static long hisi_acc_vfio_pci_ioctl(struct vfio_device *core_vdev, unsigned int
>
> static int hisi_acc_vfio_pci_open_device(struct vfio_device *core_vdev)
> {
> - struct vfio_pci_core_device *vdev =
> - container_of(core_vdev, struct vfio_pci_core_device, vdev);
> + struct hisi_acc_vf_core_device *hisi_acc_vdev = container_of(core_vdev,
> + struct hisi_acc_vf_core_device, core_device.vdev);
> + struct vfio_pci_core_device *vdev = &hisi_acc_vdev->core_device;
> int ret;
>
> ret = vfio_pci_core_enable(vdev);
> if (ret)
> return ret;
>
> - vfio_pci_core_finish_enable(vdev);
> + if (!hisi_acc_vdev->migration_support) {
This should just test the core flag and get rid of migration_support:
hisi_acc_vdev->core_device.vdev.migration_flags =
VFIO_MIGRATION_STOP_COPY;
> +++ b/drivers/vfio/pci/hisi_acc_vfio_pci.h
> @@ -0,0 +1,119 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/* Copyright (c) 2021 HiSilicon Ltd. */
> +
> +#ifndef HISI_ACC_VFIO_PCI_H
> +#define HISI_ACC_VFIO_PCI_H
> +
> +#include <linux/hisi_acc_qm.h>
> +
> +#define VDM_OFFSET(x) offsetof(struct vfio_device_migration_info, x)
> +
> +#define HISI_ACC_MIG_REGION_DATA_OFFSET \
> + (sizeof(struct vfio_device_migration_info))
> +
> +#define HISI_ACC_MIG_REGION_DATA_SIZE (sizeof(struct acc_vf_data))
These three are not used any more
> +struct acc_vf_data {
> +#define QM_MATCH_SIZE 32L
> + /* QM match information */
> + u32 qp_num;
> + u32 dev_id;
> + u32 que_iso_cfg;
> + u32 qp_base;
> + /* QM reserved 4 match information */
> + u32 qm_rsv_state[4];
> +
> + /* QM RW regs */
> + u32 aeq_int_mask;
> + u32 eq_int_mask;
> + u32 ifc_int_source;
> + u32 ifc_int_mask;
> + u32 ifc_int_set;
> + u32 page_size;
> +
> + /* QM_EQC_DW has 7 regs */
> + u32 qm_eqc_dw[7];
> +
> + /* QM_AEQC_DW has 7 regs */
> + u32 qm_aeqc_dw[7];
> +
> + /* QM reserved 5 regs */
> + u32 qm_rsv_regs[5];
> +
> + /* qm memory init information */
> + dma_addr_t eqe_dma;
> + dma_addr_t aeqe_dma;
> + dma_addr_t sqc_dma;
> + dma_addr_t cqc_dma;
You can't put dma_addr_t in a structure that needs to go
on-the-wire. This should be u64
> +};
> +
> +struct hisi_acc_vf_migration_file {
> + struct file *filp;
> + struct mutex lock;
> + bool disabled;
> +
> + struct acc_vf_data vf_data;
> + size_t total_length;
> +};
> +
> +struct hisi_acc_vf_core_device {
> + struct vfio_pci_core_device core_device;
> + u8 migration_support:1;
> + /* for migration state */
> + struct mutex state_mutex;
> + enum vfio_device_mig_state mig_state;
> + struct pci_dev *pf_dev;
> + struct pci_dev *vf_dev;
> + struct hisi_qm *pf_qm;
> + struct hisi_qm vf_qm;
> + int vf_id;
> +
> + struct hisi_acc_vf_migration_file *resuming_migf;
> + struct hisi_acc_vf_migration_file *saving_migf;
> +};
> +#endif /* HISI_ACC_VFIO_PCI_H */
Powered by blists - more mailing lists