| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Sep 2022 13:11:29 -0700
From: Si-Wei Liu <si-wei.liu@...cle.com>
To: Jason Wang <jasowang@...hat.com>, mst@...hat.com
Cc: elic@...dia.com, parav@...dia.com, wuzongyong@...ux.alibaba.com,
virtualization@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org, eperezma@...hat.com,
lingshan.zhu@...el.com, gdawar@...inx.com, lulu@...hat.com,
xieyongji@...edance.com
Subject: Re: [PATCH V2 3/3] vp_vdpa: support feature provisioning
On 9/21/2022 7:43 PM, Jason Wang wrote:
> This patch allows the device features to be provisioned via
> netlink. This is done by:
>
> 1) validating the provisioned features to be a subset of the parent
> features.
> 2) clearing the features that is not wanted by the userspace
>
> For example:
>
> # vdpa mgmtdev show
> pci/0000:02:00.0:
> supported_classes net
> max_supported_vqs 3
> dev_features CSUM GUEST_CSUM CTRL_GUEST_OFFLOADS MAC GUEST_TSO4
> GUEST_TSO6 GUEST_ECN GUEST_UFO HOST_TSO4 HOST_TSO6 HOST_ECN HOST_UFO
> MRG_RXBUF STATUS CTRL_VQ CTRL_RX CTRL_VLAN CTRL_RX_EXTRA
> GUEST_ANNOUNCE CTRL_MAC_ADDR RING_INDIRECT_DESC RING_EVENT_IDX
> VERSION_1 ACCESS_PLATFORM
>
> 1) provision vDPA device with all features that are supported by the virtio-pci
>
> # vdpa dev add name dev1 mgmtdev pci/0000:02:00.0
> # vdpa dev config show
> dev1: mac 52:54:00:12:34:56 link up link_announce false mtu 65535
> negotiated_features CSUM GUEST_CSUM CTRL_GUEST_OFFLOADS MAC
> GUEST_TSO4 GUEST_TSO6 GUEST_ECN GUEST_UFO HOST_TSO4 HOST_TSO6
> HOST_ECN HOST_UFO MRG_RXBUF STATUS CTRL_VQ CTRL_RX CTRL_VLAN
> GUEST_ANNOUNCE CTRL_MAC_ADDR RING_INDIRECT_DESC RING_EVENT_IDX
> VERSION_1 ACCESS_PLATFORM
>
> 2) provision vDPA device with a subset of the features
>
> # vdpa dev add name dev1 mgmtdev pci/0000:02:00.0 device_features 0x300020000
> # dev1: mac 52:54:00:12:34:56 link up link_announce false mtu 65535
> negotiated_features CTRL_VQ VERSION_1 ACCESS_PLATFORM
>
> Reviewed-by: Eli Cohen <elic@...dia.com>
> Signed-off-by: Jason Wang <jasowang@...hat.com>
> ---
> drivers/vdpa/virtio_pci/vp_vdpa.c | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/vdpa/virtio_pci/vp_vdpa.c b/drivers/vdpa/virtio_pci/vp_vdpa.c
> index 04522077735b..4b28e0c95ba2 100644
> --- a/drivers/vdpa/virtio_pci/vp_vdpa.c
> +++ b/drivers/vdpa/virtio_pci/vp_vdpa.c
> @@ -17,6 +17,7 @@
> #include <linux/virtio_ring.h>
> #include <linux/virtio_pci.h>
> #include <linux/virtio_pci_modern.h>
> +#include <uapi/linux/vdpa.h>
>
> #define VP_VDPA_QUEUE_MAX 256
> #define VP_VDPA_DRIVER_NAME "vp_vdpa"
> @@ -35,6 +36,7 @@ struct vp_vdpa {
> struct virtio_pci_modern_device *mdev;
> struct vp_vring *vring;
> struct vdpa_callback config_cb;
> + u64 device_features;
> char msix_name[VP_VDPA_NAME_SIZE];
> int config_irq;
> int queues;
> @@ -66,9 +68,9 @@ static struct virtio_pci_modern_device *vp_vdpa_to_mdev(struct vp_vdpa *vp_vdpa)
>
> static u64 vp_vdpa_get_device_features(struct vdpa_device *vdpa)
> {
> - struct virtio_pci_modern_device *mdev = vdpa_to_mdev(vdpa);
> + struct vp_vdpa *vp_vdpa = vdpa_to_vp(vdpa);
>
> - return vp_modern_get_features(mdev);
> + return vp_vdpa->device_features;
> }
>
> static int vp_vdpa_set_driver_features(struct vdpa_device *vdpa, u64 features)
> @@ -475,6 +477,7 @@ static int vp_vdpa_dev_add(struct vdpa_mgmt_dev *v_mdev, const char *name,
> struct pci_dev *pdev = mdev->pci_dev;
> struct device *dev = &pdev->dev;
> struct vp_vdpa *vp_vdpa = NULL;
> + u64 device_features;
> int ret, i;
>
> vp_vdpa = vdpa_alloc_device(struct vp_vdpa, vdpa,
> @@ -491,6 +494,14 @@ static int vp_vdpa_dev_add(struct vdpa_mgmt_dev *v_mdev, const char *name,
> vp_vdpa->queues = vp_modern_get_num_queues(mdev);
> vp_vdpa->mdev = mdev;
>
> + device_features = vp_modern_get_features(mdev);
> + if (add_config->mask & BIT_ULL(VDPA_ATTR_DEV_FEATURES)) {
> + if (add_config->device_features & ~device_features)
> + return -EINVAL;
Should use "goto err" rather than direct return. Also, would be the best
to tell user the reason why device creation is failing. In the other
places of the same function, dev_err() or dev_warn() is used.
-Siwei
> + device_features &= add_config->device_features;
> + }
> + vp_vdpa->device_features = device_features;
> +
> ret = devm_add_action_or_reset(dev, vp_vdpa_free_irq_vectors, pdev);
> if (ret) {
> dev_err(&pdev->dev,
> @@ -599,6 +610,7 @@ static int vp_vdpa_probe(struct pci_dev *pdev, const struct pci_device_id *id)
> mgtdev->id_table = mdev_id;
> mgtdev->max_supported_vqs = vp_modern_get_num_queues(mdev);
> mgtdev->supported_features = vp_modern_get_features(mdev);
> + mgtdev->config_attr_mask = (1 << VDPA_ATTR_DEV_FEATURES);
> pci_set_master(pdev);
> pci_set_drvdata(pdev, vp_vdpa_mgtdev);
>
Powered by blists - more mailing lists