[PULL 0/7] Net patches
[PULL V2 00/15] Net patches
1
The following changes since commit 673205379fb499d2b72f2985b47ec7114282f5fe:
1
The following changes since commit d9ccf33f9479201e5add8db0af68ca9ca8da358b:
2
2
3
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/python-next-20200714' into staging (2020-07-15 13:04:27 +0100)
3
Merge remote-tracking branch 'remotes/lvivier-gitlab/tags/linux-user-for-7.0-pull-request' into staging (2022-03-09 20:01:17 +0000)
4
4
5
are available in the git repository at:
5
are available in the git repository at:
6
6
7
https://github.com/jasowang/qemu.git tags/net-pull-request
7
https://github.com/jasowang/qemu.git tags/net-pull-request
8
8
9
for you to fetch changes up to a134321ef676723768973537bb9b49365ae2062e:
9
for you to fetch changes up to eea40402ecf895ed345f8e8eb07dbb484f4542c5:
10
10
11
ftgmac100: fix dblac write test (2020-07-15 21:00:13 +0800)
11
vdpa: Expose VHOST_F_LOG_ALL on SVQ (2022-03-10 10:26:32 +0800)
12
12
13
----------------------------------------------------------------
13
----------------------------------------------------------------
14
14
15
----------------------------------------------------------------
15
----------------------------------------------------------------
16
Andrew (1):
16
Eugenio Pérez (14):
17
hw/net: Added CSO for IPv6
17
vhost: Add VhostShadowVirtqueue
18
vhost: Add Shadow VirtQueue kick forwarding capabilities
19
vhost: Add Shadow VirtQueue call forwarding capabilities
20
vhost: Add vhost_svq_valid_features to shadow vq
21
virtio: Add vhost_svq_get_vring_addr
22
vdpa: adapt vhost_ops callbacks to svq
23
vhost: Shadow virtqueue buffers forwarding
24
util: Add iova_tree_alloc_map
25
util: add iova_tree_find_iova
26
vhost: Add VhostIOVATree
27
vdpa: Add custom IOTLB translations to SVQ
28
vdpa: Adapt vhost_vdpa_get_vring_base to SVQ
29
vdpa: Never set log_base addr if SVQ is enabled
30
vdpa: Expose VHOST_F_LOG_ALL on SVQ
18
31
19
Daniel P. Berrangé (1):
32
Jason Wang (1):
20
net: detect errors from probing vnet hdr flag for TAP devices
33
virtio-net: fix map leaking on error during receive
21
34
22
Juan Quintela (1):
35
hw/net/virtio-net.c | 1 +
23
virtio-net: fix removal of failover device
36
hw/virtio/meson.build | 2 +-
24
37
hw/virtio/vhost-iova-tree.c | 110 +++++++
25
Laurent Vivier (1):
38
hw/virtio/vhost-iova-tree.h | 27 ++
26
net: check if the file descriptor is valid before using it
39
hw/virtio/vhost-shadow-virtqueue.c | 638 +++++++++++++++++++++++++++++++++++++
27
40
hw/virtio/vhost-shadow-virtqueue.h | 87 +++++
28
Zhang Chen (2):
41
hw/virtio/vhost-vdpa.c | 525 +++++++++++++++++++++++++++++-
29
net/colo-compare.c: Expose compare "max_queue_size" to users
42
include/hw/virtio/vhost-vdpa.h | 8 +
30
qemu-options.hx: Clean up and fix typo for colo-compare
43
include/qemu/iova-tree.h | 38 ++-
31
44
util/iova-tree.c | 169 ++++++++++
32
erik-smit (1):
45
10 files changed, 1588 insertions(+), 17 deletions(-)
33
ftgmac100: fix dblac write test
46
create mode 100644 hw/virtio/vhost-iova-tree.c
34
47
create mode 100644 hw/virtio/vhost-iova-tree.h
35
hw/net/ftgmac100.c | 14 +++++++------
48
create mode 100644 hw/virtio/vhost-shadow-virtqueue.c
36
hw/net/net_tx_pkt.c | 15 ++++++++++---
49
create mode 100644 hw/virtio/vhost-shadow-virtqueue.h
37
hw/net/virtio-net.c | 1 +
38
include/qemu/sockets.h | 1 +
39
net/colo-compare.c | 43 ++++++++++++++++++++++++++++++++++++-
40
net/socket.c | 9 ++++++--
41
net/tap-bsd.c | 2 +-
42
net/tap-linux.c | 8 ++++---
43
net/tap-solaris.c | 2 +-
44
net/tap-stub.c | 2 +-
45
net/tap.c | 50 +++++++++++++++++++++++++++++++++++--------
46
net/tap_int.h | 2 +-
47
qemu-options.hx | 33 +++++++++++++++--------------
48
util/oslib-posix.c | 26 ++++++++++++++++-------
49
util/oslib-win32.c | 57 ++++++++++++++++++++++++++++----------------------
50
15 files changed, 188 insertions(+), 77 deletions(-)
51
50
52
51
diff view generated by jsdifflib
[PULL 1/7] virtio-net: fix removal of failover device
[PULL V2 01/15] virtio-net: fix map leaking on error during receive
1
From: Juan Quintela <quintela@redhat.com>
1
Commit bedd7e93d0196 ("virtio-net: fix use after unmap/free for sg")
2
tries to fix the use after free of the sg by caching the virtqueue
3
elements in an array and unmap them at once after receiving the
4
packets, But it forgot to unmap the cached elements on error which
5
will lead to leaking of mapping and other unexpected results.
2
6
3
If you have a networking device and its virtio failover device, and
7
Fixing this by detaching the cached elements on error. This addresses
4
you remove them in this order:
8
CVE-2022-26353.
5
- virtio device
6
- the real device
7
9
8
You get qemu crash.
10
Reported-by: Victor Tom <vv474172261@gmail.com>
9
See bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1820120
11
Cc: qemu-stable@nongnu.org
10
12
Fixes: CVE-2022-26353
11
Bug exist on qemu 4.2 and 5.0.
13
Fixes: bedd7e93d0196 ("virtio-net: fix use after unmap/free for sg")
12
But in 5.0 don't shows because commit
13
77b06bba62034a87cc61a9c8de1309ae3e527d97
14
15
somehow papers over it.
16
17
CC: Jason Wang <jasowang@redhat.com>
18
CC: Michael S. Tsirkin <mst@redhat.com>
19
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
14
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
20
Acked-by: Laurent Vivier <lvivier@redhat.com>
21
Signed-off-by: Juan Quintela <quintela@redhat.com>
22
Signed-off-by: Jason Wang <jasowang@redhat.com>
15
Signed-off-by: Jason Wang <jasowang@redhat.com>
23
---
16
---
24
hw/net/virtio-net.c | 1 +
17
hw/net/virtio-net.c | 1 +
25
1 file changed, 1 insertion(+)
18
1 file changed, 1 insertion(+)
26
19
27
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
20
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
28
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
29
--- a/hw/net/virtio-net.c
22
--- a/hw/net/virtio-net.c
30
+++ b/hw/net/virtio-net.c
23
+++ b/hw/net/virtio-net.c
31
@@ -XXX,XX +XXX,XX @@ static void virtio_net_device_unrealize(DeviceState *dev)
24
@@ -XXX,XX +XXX,XX @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
32
g_free(n->vlans);
25
33
26
err:
34
if (n->failover) {
27
for (j = 0; j < i; j++) {
35
+ device_listener_unregister(&n->primary_listener);
28
+ virtqueue_detach_element(q->rx_vq, elems[j], lens[j]);
36
g_free(n->primary_device_id);
29
g_free(elems[j]);
37
g_free(n->standby_id);
30
}
38
qobject_unref(n->primary_device_dict);
31
39
--
32
--
40
2.5.0
33
2.7.4
41
42
diff view generated by jsdifflib
New patch
[PULL V2 02/15] vhost: Add VhostShadowVirtqueue
1
From: Eugenio Pérez <eperezma@redhat.com>
1
2
3
Vhost shadow virtqueue (SVQ) is an intermediate jump for virtqueue
4
notifications and buffers, allowing qemu to track them. While qemu is
5
forwarding the buffers and virtqueue changes, it is able to commit the
6
memory it's being dirtied, the same way regular qemu's VirtIO devices
7
do.
8
9
This commit only exposes basic SVQ allocation and free. Next patches of
10
the series add functionality like notifications and buffers forwarding.
11
12
Acked-by: Michael S. Tsirkin <mst@redhat.com>
13
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
14
Signed-off-by: Jason Wang <jasowang@redhat.com>
15
---
16
hw/virtio/meson.build | 2 +-
17
hw/virtio/vhost-shadow-virtqueue.c | 62 ++++++++++++++++++++++++++++++++++++++
18
hw/virtio/vhost-shadow-virtqueue.h | 28 +++++++++++++++++
19
3 files changed, 91 insertions(+), 1 deletion(-)
20
create mode 100644 hw/virtio/vhost-shadow-virtqueue.c
21
create mode 100644 hw/virtio/vhost-shadow-virtqueue.h
22
23
diff --git a/hw/virtio/meson.build b/hw/virtio/meson.build
24
index XXXXXXX..XXXXXXX 100644
25
--- a/hw/virtio/meson.build
26
+++ b/hw/virtio/meson.build
27
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_ALL', if_true: files('vhost-stub.c'))
28
29
virtio_ss = ss.source_set()
30
virtio_ss.add(files('virtio.c'))
31
-virtio_ss.add(when: 'CONFIG_VHOST', if_true: files('vhost.c', 'vhost-backend.c'))
32
+virtio_ss.add(when: 'CONFIG_VHOST', if_true: files('vhost.c', 'vhost-backend.c', 'vhost-shadow-virtqueue.c'))
33
virtio_ss.add(when: 'CONFIG_VHOST_USER', if_true: files('vhost-user.c'))
34
virtio_ss.add(when: 'CONFIG_VHOST_VDPA', if_true: files('vhost-vdpa.c'))
35
virtio_ss.add(when: 'CONFIG_VIRTIO_BALLOON', if_true: files('virtio-balloon.c'))
36
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
37
new file mode 100644
38
index XXXXXXX..XXXXXXX
39
--- /dev/null
40
+++ b/hw/virtio/vhost-shadow-virtqueue.c
41
@@ -XXX,XX +XXX,XX @@
42
+/*
43
+ * vhost shadow virtqueue
44
+ *
45
+ * SPDX-FileCopyrightText: Red Hat, Inc. 2021
46
+ * SPDX-FileContributor: Author: Eugenio Pérez <eperezma@redhat.com>
47
+ *
48
+ * SPDX-License-Identifier: GPL-2.0-or-later
49
+ */
50
+
51
+#include "qemu/osdep.h"
52
+#include "hw/virtio/vhost-shadow-virtqueue.h"
53
+
54
+#include "qemu/error-report.h"
55
+
56
+/**
57
+ * Creates vhost shadow virtqueue, and instructs the vhost device to use the
58
+ * shadow methods and file descriptors.
59
+ *
60
+ * Returns the new virtqueue or NULL.
61
+ *
62
+ * In case of error, reason is reported through error_report.
63
+ */
64
+VhostShadowVirtqueue *vhost_svq_new(void)
65
+{
66
+ g_autofree VhostShadowVirtqueue *svq = g_new0(VhostShadowVirtqueue, 1);
67
+ int r;
68
+
69
+ r = event_notifier_init(&svq->hdev_kick, 0);
70
+ if (r != 0) {
71
+ error_report("Couldn't create kick event notifier: %s (%d)",
72
+ g_strerror(errno), errno);
73
+ goto err_init_hdev_kick;
74
+ }
75
+
76
+ r = event_notifier_init(&svq->hdev_call, 0);
77
+ if (r != 0) {
78
+ error_report("Couldn't create call event notifier: %s (%d)",
79
+ g_strerror(errno), errno);
80
+ goto err_init_hdev_call;
81
+ }
82
+
83
+ return g_steal_pointer(&svq);
84
+
85
+err_init_hdev_call:
86
+ event_notifier_cleanup(&svq->hdev_kick);
87
+
88
+err_init_hdev_kick:
89
+ return NULL;
90
+}
91
+
92
+/**
93
+ * Free the resources of the shadow virtqueue.
94
+ *
95
+ * @pvq: gpointer to SVQ so it can be used by autofree functions.
96
+ */
97
+void vhost_svq_free(gpointer pvq)
98
+{
99
+ VhostShadowVirtqueue *vq = pvq;
100
+ event_notifier_cleanup(&vq->hdev_kick);
101
+ event_notifier_cleanup(&vq->hdev_call);
102
+ g_free(vq);
103
+}
104
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
105
new file mode 100644
106
index XXXXXXX..XXXXXXX
107
--- /dev/null
108
+++ b/hw/virtio/vhost-shadow-virtqueue.h
109
@@ -XXX,XX +XXX,XX @@
110
+/*
111
+ * vhost shadow virtqueue
112
+ *
113
+ * SPDX-FileCopyrightText: Red Hat, Inc. 2021
114
+ * SPDX-FileContributor: Author: Eugenio Pérez <eperezma@redhat.com>
115
+ *
116
+ * SPDX-License-Identifier: GPL-2.0-or-later
117
+ */
118
+
119
+#ifndef VHOST_SHADOW_VIRTQUEUE_H
120
+#define VHOST_SHADOW_VIRTQUEUE_H
121
+
122
+#include "qemu/event_notifier.h"
123
+
124
+/* Shadow virtqueue to relay notifications */
125
+typedef struct VhostShadowVirtqueue {
126
+ /* Shadow kick notifier, sent to vhost */
127
+ EventNotifier hdev_kick;
128
+ /* Shadow call notifier, sent to vhost */
129
+ EventNotifier hdev_call;
130
+} VhostShadowVirtqueue;
131
+
132
+VhostShadowVirtqueue *vhost_svq_new(void);
133
+
134
+void vhost_svq_free(gpointer vq);
135
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(VhostShadowVirtqueue, vhost_svq_free);
136
+
137
+#endif
138
--
139
2.7.4
140
141
diff view generated by jsdifflib
New patch
[PULL V2 03/15] vhost: Add Shadow VirtQueue kick forwarding capabilities
1
1
From: Eugenio Pérez <eperezma@redhat.com>
2
3
At this mode no buffer forwarding will be performed in SVQ mode: Qemu
4
will just forward the guest's kicks to the device.
5
6
Host memory notifiers regions are left out for simplicity, and they will
7
not be addressed in this series.
8
9
Acked-by: Michael S. Tsirkin <mst@redhat.com>
10
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
11
Signed-off-by: Jason Wang <jasowang@redhat.com>
12
---
13
hw/virtio/vhost-shadow-virtqueue.c | 56 ++++++++++++++
14
hw/virtio/vhost-shadow-virtqueue.h | 14 ++++
15
hw/virtio/vhost-vdpa.c | 145 ++++++++++++++++++++++++++++++++++++-
16
include/hw/virtio/vhost-vdpa.h | 4 +
17
4 files changed, 217 insertions(+), 2 deletions(-)
18
19
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
20
index XXXXXXX..XXXXXXX 100644
21
--- a/hw/virtio/vhost-shadow-virtqueue.c
22
+++ b/hw/virtio/vhost-shadow-virtqueue.c
23
@@ -XXX,XX +XXX,XX @@
24
#include "hw/virtio/vhost-shadow-virtqueue.h"
25
26
#include "qemu/error-report.h"
27
+#include "qemu/main-loop.h"
28
+#include "linux-headers/linux/vhost.h"
29
+
30
+/**
31
+ * Forward guest notifications.
32
+ *
33
+ * @n: guest kick event notifier, the one that guest set to notify svq.
34
+ */
35
+static void vhost_handle_guest_kick(EventNotifier *n)
36
+{
37
+ VhostShadowVirtqueue *svq = container_of(n, VhostShadowVirtqueue,
38
+ svq_kick);
39
+ event_notifier_test_and_clear(n);
40
+ event_notifier_set(&svq->hdev_kick);
41
+}
42
+
43
+/**
44
+ * Set a new file descriptor for the guest to kick the SVQ and notify for avail
45
+ *
46
+ * @svq: The svq
47
+ * @svq_kick_fd: The svq kick fd
48
+ *
49
+ * Note that the SVQ will never close the old file descriptor.
50
+ */
51
+void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd)
52
+{
53
+ EventNotifier *svq_kick = &svq->svq_kick;
54
+ bool poll_stop = VHOST_FILE_UNBIND != event_notifier_get_fd(svq_kick);
55
+ bool poll_start = svq_kick_fd != VHOST_FILE_UNBIND;
56
+
57
+ if (poll_stop) {
58
+ event_notifier_set_handler(svq_kick, NULL);
59
+ }
60
+
61
+ /*
62
+ * event_notifier_set_handler already checks for guest's notifications if
63
+ * they arrive at the new file descriptor in the switch, so there is no
64
+ * need to explicitly check for them.
65
+ */
66
+ if (poll_start) {
67
+ event_notifier_init_fd(svq_kick, svq_kick_fd);
68
+ event_notifier_set(svq_kick);
69
+ event_notifier_set_handler(svq_kick, vhost_handle_guest_kick);
70
+ }
71
+}
72
+
73
+/**
74
+ * Stop the shadow virtqueue operation.
75
+ * @svq: Shadow Virtqueue
76
+ */
77
+void vhost_svq_stop(VhostShadowVirtqueue *svq)
78
+{
79
+ event_notifier_set_handler(&svq->svq_kick, NULL);
80
+}
81
82
/**
83
* Creates vhost shadow virtqueue, and instructs the vhost device to use the
84
@@ -XXX,XX +XXX,XX @@ VhostShadowVirtqueue *vhost_svq_new(void)
85
goto err_init_hdev_call;
86
}
87
88
+ event_notifier_init_fd(&svq->svq_kick, VHOST_FILE_UNBIND);
89
return g_steal_pointer(&svq);
90
91
err_init_hdev_call:
92
@@ -XXX,XX +XXX,XX @@ err_init_hdev_kick:
93
void vhost_svq_free(gpointer pvq)
94
{
95
VhostShadowVirtqueue *vq = pvq;
96
+ vhost_svq_stop(vq);
97
event_notifier_cleanup(&vq->hdev_kick);
98
event_notifier_cleanup(&vq->hdev_call);
99
g_free(vq);
100
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
101
index XXXXXXX..XXXXXXX 100644
102
--- a/hw/virtio/vhost-shadow-virtqueue.h
103
+++ b/hw/virtio/vhost-shadow-virtqueue.h
104
@@ -XXX,XX +XXX,XX @@ typedef struct VhostShadowVirtqueue {
105
EventNotifier hdev_kick;
106
/* Shadow call notifier, sent to vhost */
107
EventNotifier hdev_call;
108
+
109
+ /*
110
+ * Borrowed virtqueue's guest to host notifier. To borrow it in this event
111
+ * notifier allows to recover the VhostShadowVirtqueue from the event loop
112
+ * easily. If we use the VirtQueue's one, we don't have an easy way to
113
+ * retrieve VhostShadowVirtqueue.
114
+ *
115
+ * So shadow virtqueue must not clean it, or we would lose VirtQueue one.
116
+ */
117
+ EventNotifier svq_kick;
118
} VhostShadowVirtqueue;
119
120
+void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd);
121
+
122
+void vhost_svq_stop(VhostShadowVirtqueue *svq);
123
+
124
VhostShadowVirtqueue *vhost_svq_new(void);
125
126
void vhost_svq_free(gpointer vq);
127
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
128
index XXXXXXX..XXXXXXX 100644
129
--- a/hw/virtio/vhost-vdpa.c
130
+++ b/hw/virtio/vhost-vdpa.c
131
@@ -XXX,XX +XXX,XX @@
132
#include "hw/virtio/vhost.h"
133
#include "hw/virtio/vhost-backend.h"
134
#include "hw/virtio/virtio-net.h"
135
+#include "hw/virtio/vhost-shadow-virtqueue.h"
136
#include "hw/virtio/vhost-vdpa.h"
137
#include "exec/address-spaces.h"
138
#include "qemu/main-loop.h"
139
#include "cpu.h"
140
#include "trace.h"
141
#include "qemu-common.h"
142
+#include "qapi/error.h"
143
144
/*
145
* Return one past the end of the end of section. Be careful with uint64_t
146
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_one_time_request(struct vhost_dev *dev)
147
return v->index != 0;
148
}
149
150
+static int vhost_vdpa_init_svq(struct vhost_dev *hdev, struct vhost_vdpa *v,
151
+ Error **errp)
152
+{
153
+ g_autoptr(GPtrArray) shadow_vqs = NULL;
154
+
155
+ if (!v->shadow_vqs_enabled) {
156
+ return 0;
157
+ }
158
+
159
+ shadow_vqs = g_ptr_array_new_full(hdev->nvqs, vhost_svq_free);
160
+ for (unsigned n = 0; n < hdev->nvqs; ++n) {
161
+ g_autoptr(VhostShadowVirtqueue) svq = vhost_svq_new();
162
+
163
+ if (unlikely(!svq)) {
164
+ error_setg(errp, "Cannot create svq %u", n);
165
+ return -1;
166
+ }
167
+ g_ptr_array_add(shadow_vqs, g_steal_pointer(&svq));
168
+ }
169
+
170
+ v->shadow_vqs = g_steal_pointer(&shadow_vqs);
171
+ return 0;
172
+}
173
+
174
static int vhost_vdpa_init(struct vhost_dev *dev, void *opaque, Error **errp)
175
{
176
struct vhost_vdpa *v;
177
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_init(struct vhost_dev *dev, void *opaque, Error **errp)
178
dev->opaque = opaque ;
179
v->listener = vhost_vdpa_memory_listener;
180
v->msg_type = VHOST_IOTLB_MSG_V2;
181
+ ret = vhost_vdpa_init_svq(dev, v, errp);
182
+ if (ret) {
183
+ goto err;
184
+ }
185
186
vhost_vdpa_get_iova_range(v);
187
188
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_init(struct vhost_dev *dev, void *opaque, Error **errp)
189
VIRTIO_CONFIG_S_DRIVER);
190
191
return 0;
192
+
193
+err:
194
+ ram_block_discard_disable(false);
195
+ return ret;
196
}
197
198
static void vhost_vdpa_host_notifier_uninit(struct vhost_dev *dev,
199
@@ -XXX,XX +XXX,XX @@ static void vhost_vdpa_host_notifiers_uninit(struct vhost_dev *dev, int n)
200
201
static void vhost_vdpa_host_notifiers_init(struct vhost_dev *dev)
202
{
203
+ struct vhost_vdpa *v = dev->opaque;
204
int i;
205
206
+ if (v->shadow_vqs_enabled) {
207
+ /* FIXME SVQ is not compatible with host notifiers mr */
208
+ return;
209
+ }
210
+
211
for (i = dev->vq_index; i < dev->vq_index + dev->nvqs; i++) {
212
if (vhost_vdpa_host_notifier_init(dev, i)) {
213
goto err;
214
@@ -XXX,XX +XXX,XX @@ err:
215
return;
216
}
217
218
+static void vhost_vdpa_svq_cleanup(struct vhost_dev *dev)
219
+{
220
+ struct vhost_vdpa *v = dev->opaque;
221
+ size_t idx;
222
+
223
+ if (!v->shadow_vqs) {
224
+ return;
225
+ }
226
+
227
+ for (idx = 0; idx < v->shadow_vqs->len; ++idx) {
228
+ vhost_svq_stop(g_ptr_array_index(v->shadow_vqs, idx));
229
+ }
230
+ g_ptr_array_free(v->shadow_vqs, true);
231
+}
232
+
233
static int vhost_vdpa_cleanup(struct vhost_dev *dev)
234
{
235
struct vhost_vdpa *v;
236
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_cleanup(struct vhost_dev *dev)
237
trace_vhost_vdpa_cleanup(dev, v);
238
vhost_vdpa_host_notifiers_uninit(dev, dev->nvqs);
239
memory_listener_unregister(&v->listener);
240
+ vhost_vdpa_svq_cleanup(dev);
241
242
dev->opaque = NULL;
243
ram_block_discard_disable(false);
244
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_get_device_id(struct vhost_dev *dev,
245
return ret;
246
}
247
248
+static void vhost_vdpa_reset_svq(struct vhost_vdpa *v)
249
+{
250
+ if (!v->shadow_vqs_enabled) {
251
+ return;
252
+ }
253
+
254
+ for (unsigned i = 0; i < v->shadow_vqs->len; ++i) {
255
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs, i);
256
+ vhost_svq_stop(svq);
257
+ }
258
+}
259
+
260
static int vhost_vdpa_reset_device(struct vhost_dev *dev)
261
{
262
+ struct vhost_vdpa *v = dev->opaque;
263
int ret;
264
uint8_t status = 0;
265
266
+ vhost_vdpa_reset_svq(v);
267
+
268
ret = vhost_vdpa_call(dev, VHOST_VDPA_SET_STATUS, &status);
269
trace_vhost_vdpa_reset_device(dev, status);
270
return ret;
271
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_get_config(struct vhost_dev *dev, uint8_t *config,
272
return ret;
273
}
274
275
+static int vhost_vdpa_set_vring_dev_kick(struct vhost_dev *dev,
276
+ struct vhost_vring_file *file)
277
+{
278
+ trace_vhost_vdpa_set_vring_kick(dev, file->index, file->fd);
279
+ return vhost_vdpa_call(dev, VHOST_SET_VRING_KICK, file);
280
+}
281
+
282
+/**
283
+ * Set the shadow virtqueue descriptors to the device
284
+ *
285
+ * @dev: The vhost device model
286
+ * @svq: The shadow virtqueue
287
+ * @idx: The index of the virtqueue in the vhost device
288
+ * @errp: Error
289
+ */
290
+static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
291
+ VhostShadowVirtqueue *svq,
292
+ unsigned idx,
293
+ Error **errp)
294
+{
295
+ struct vhost_vring_file file = {
296
+ .index = dev->vq_index + idx,
297
+ };
298
+ const EventNotifier *event_notifier = &svq->hdev_kick;
299
+ int r;
300
+
301
+ file.fd = event_notifier_get_fd(event_notifier);
302
+ r = vhost_vdpa_set_vring_dev_kick(dev, &file);
303
+ if (unlikely(r != 0)) {
304
+ error_setg_errno(errp, -r, "Can't set device kick fd");
305
+ }
306
+
307
+ return r == 0;
308
+}
309
+
310
+static bool vhost_vdpa_svqs_start(struct vhost_dev *dev)
311
+{
312
+ struct vhost_vdpa *v = dev->opaque;
313
+ Error *err = NULL;
314
+ unsigned i;
315
+
316
+ if (!v->shadow_vqs) {
317
+ return true;
318
+ }
319
+
320
+ for (i = 0; i < v->shadow_vqs->len; ++i) {
321
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs, i);
322
+ bool ok = vhost_vdpa_svq_setup(dev, svq, i, &err);
323
+ if (unlikely(!ok)) {
324
+ error_reportf_err(err, "Cannot setup SVQ %u: ", i);
325
+ return false;
326
+ }
327
+ }
328
+
329
+ return true;
330
+}
331
+
332
static int vhost_vdpa_dev_start(struct vhost_dev *dev, bool started)
333
{
334
struct vhost_vdpa *v = dev->opaque;
335
+ bool ok;
336
trace_vhost_vdpa_dev_start(dev, started);
337
338
if (started) {
339
vhost_vdpa_host_notifiers_init(dev);
340
+ ok = vhost_vdpa_svqs_start(dev);
341
+ if (unlikely(!ok)) {
342
+ return -1;
343
+ }
344
vhost_vdpa_set_vring_ready(dev);
345
} else {
346
vhost_vdpa_host_notifiers_uninit(dev, dev->nvqs);
347
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_get_vring_base(struct vhost_dev *dev,
348
static int vhost_vdpa_set_vring_kick(struct vhost_dev *dev,
349
struct vhost_vring_file *file)
350
{
351
- trace_vhost_vdpa_set_vring_kick(dev, file->index, file->fd);
352
- return vhost_vdpa_call(dev, VHOST_SET_VRING_KICK, file);
353
+ struct vhost_vdpa *v = dev->opaque;
354
+ int vdpa_idx = file->index - dev->vq_index;
355
+
356
+ if (v->shadow_vqs_enabled) {
357
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs, vdpa_idx);
358
+ vhost_svq_set_svq_kick_fd(svq, file->fd);
359
+ return 0;
360
+ } else {
361
+ return vhost_vdpa_set_vring_dev_kick(dev, file);
362
+ }
363
}
364
365
static int vhost_vdpa_set_vring_call(struct vhost_dev *dev,
366
diff --git a/include/hw/virtio/vhost-vdpa.h b/include/hw/virtio/vhost-vdpa.h
367
index XXXXXXX..XXXXXXX 100644
368
--- a/include/hw/virtio/vhost-vdpa.h
369
+++ b/include/hw/virtio/vhost-vdpa.h
370
@@ -XXX,XX +XXX,XX @@
371
#ifndef HW_VIRTIO_VHOST_VDPA_H
372
#define HW_VIRTIO_VHOST_VDPA_H
373
374
+#include <gmodule.h>
375
+
376
#include "hw/virtio/virtio.h"
377
#include "standard-headers/linux/vhost_types.h"
378
379
@@ -XXX,XX +XXX,XX @@ typedef struct vhost_vdpa {
380
bool iotlb_batch_begin_sent;
381
MemoryListener listener;
382
struct vhost_vdpa_iova_range iova_range;
383
+ bool shadow_vqs_enabled;
384
+ GPtrArray *shadow_vqs;
385
struct vhost_dev *dev;
386
VhostVDPAHostNotifier notifier[VIRTIO_QUEUE_MAX];
387
} VhostVDPA;
388
--
389
2.7.4
390
391
diff view generated by jsdifflib
[PULL 3/7] net/colo-compare.c: Expose compare "max_queue_size" to users
[PULL V2 04/15] vhost: Add Shadow VirtQueue call forwarding capabilities
1
From: Zhang Chen <chen.zhang@intel.com>
1
From: Eugenio Pérez <eperezma@redhat.com>
2
2
3
This patch allow users to set the "max_queue_size" according
3
This will make qemu aware of the device used buffers, allowing it to
4
to their environment.
4
write the guest memory with its contents if needed.
5
5
6
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
6
Acked-by: Michael S. Tsirkin <mst@redhat.com>
7
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
7
Signed-off-by: Jason Wang <jasowang@redhat.com>
8
Signed-off-by: Jason Wang <jasowang@redhat.com>
8
---
9
---
9
net/colo-compare.c | 43 ++++++++++++++++++++++++++++++++++++++++++-
10
hw/virtio/vhost-shadow-virtqueue.c | 38 ++++++++++++++++++++++++++++++++++++++
10
qemu-options.hx | 5 +++--
11
hw/virtio/vhost-shadow-virtqueue.h | 4 ++++
11
2 files changed, 45 insertions(+), 3 deletions(-)
12
hw/virtio/vhost-vdpa.c | 31 +++++++++++++++++++++++++++++--
13
3 files changed, 71 insertions(+), 2 deletions(-)
12
14
13
diff --git a/net/colo-compare.c b/net/colo-compare.c
15
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
14
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
15
--- a/net/colo-compare.c
17
--- a/hw/virtio/vhost-shadow-virtqueue.c
16
+++ b/net/colo-compare.c
18
+++ b/hw/virtio/vhost-shadow-virtqueue.c
17
@@ -XXX,XX +XXX,XX @@ static bool colo_compare_active;
19
@@ -XXX,XX +XXX,XX @@ static void vhost_handle_guest_kick(EventNotifier *n)
18
static QemuMutex event_mtx;
19
static QemuCond event_complete_cond;
20
static int event_unhandled_count;
21
+static uint32_t max_queue_size;
22
23
/*
24
* + CompareState ++
25
@@ -XXX,XX +XXX,XX @@ static void fill_pkt_tcp_info(void *data, uint32_t *max_ack)
26
*/
27
static int colo_insert_packet(GQueue *queue, Packet *pkt, uint32_t *max_ack)
28
{
29
- if (g_queue_get_length(queue) <= MAX_QUEUE_SIZE) {
30
+ if (g_queue_get_length(queue) <= max_queue_size) {
31
if (pkt->ip->ip_p == IPPROTO_TCP) {
32
fill_pkt_tcp_info(pkt, max_ack);
33
g_queue_insert_sorted(queue,
34
@@ -XXX,XX +XXX,XX @@ static void compare_set_expired_scan_cycle(Object *obj, Visitor *v,
35
s->expired_scan_cycle = value;
36
}
20
}
37
21
38
+static void get_max_queue_size(Object *obj, Visitor *v,
22
/**
39
+ const char *name, void *opaque,
23
+ * Forward vhost notifications
40
+ Error **errp)
24
+ *
25
+ * @n: hdev call event notifier, the one that device set to notify svq.
26
+ */
27
+static void vhost_svq_handle_call(EventNotifier *n)
41
+{
28
+{
42
+ uint32_t value = max_queue_size;
29
+ VhostShadowVirtqueue *svq = container_of(n, VhostShadowVirtqueue,
43
+
30
+ hdev_call);
44
+ visit_type_uint32(v, name, &value, errp);
31
+ event_notifier_test_and_clear(n);
32
+ event_notifier_set(&svq->svq_call);
45
+}
33
+}
46
+
34
+
47
+static void set_max_queue_size(Object *obj, Visitor *v,
35
+/**
48
+ const char *name, void *opaque,
36
+ * Set the call notifier for the SVQ to call the guest
49
+ Error **errp)
37
+ *
38
+ * @svq: Shadow virtqueue
39
+ * @call_fd: call notifier
40
+ *
41
+ * Called on BQL context.
42
+ */
43
+void vhost_svq_set_svq_call_fd(VhostShadowVirtqueue *svq, int call_fd)
50
+{
44
+{
51
+ Error *local_err = NULL;
45
+ if (call_fd == VHOST_FILE_UNBIND) {
52
+ uint32_t value;
46
+ /*
53
+
47
+ * Fail event_notifier_set if called handling device call.
54
+ visit_type_uint32(v, name, &value, &local_err);
48
+ *
55
+ if (local_err) {
49
+ * SVQ still needs device notifications, since it needs to keep
56
+ goto out;
50
+ * forwarding used buffers even with the unbind.
51
+ */
52
+ memset(&svq->svq_call, 0, sizeof(svq->svq_call));
53
+ } else {
54
+ event_notifier_init_fd(&svq->svq_call, call_fd);
57
+ }
55
+ }
58
+ if (!value) {
59
+ error_setg(&local_err, "Property '%s.%s' requires a positive value",
60
+ object_get_typename(obj), name);
61
+ goto out;
62
+ }
63
+ max_queue_size = value;
64
+
65
+out:
66
+ error_propagate(errp, local_err);
67
+}
56
+}
68
+
57
+
69
static void compare_pri_rs_finalize(SocketReadState *pri_rs)
58
+/**
70
{
59
* Set a new file descriptor for the guest to kick the SVQ and notify for avail
71
CompareState *s = container_of(pri_rs, CompareState, pri_rs);
60
*
72
@@ -XXX,XX +XXX,XX @@ static void colo_compare_complete(UserCreatable *uc, Error **errp)
61
* @svq: The svq
73
s->expired_scan_cycle = REGULAR_PACKET_CHECK_MS;
62
@@ -XXX,XX +XXX,XX @@ VhostShadowVirtqueue *vhost_svq_new(void)
74
}
63
}
75
64
76
+ if (!max_queue_size) {
65
event_notifier_init_fd(&svq->svq_kick, VHOST_FILE_UNBIND);
77
+ /* Set default queue size to 1024 */
66
+ event_notifier_set_handler(&svq->hdev_call, vhost_svq_handle_call);
78
+ max_queue_size = MAX_QUEUE_SIZE;
67
return g_steal_pointer(&svq);
68
69
err_init_hdev_call:
70
@@ -XXX,XX +XXX,XX @@ void vhost_svq_free(gpointer pvq)
71
VhostShadowVirtqueue *vq = pvq;
72
vhost_svq_stop(vq);
73
event_notifier_cleanup(&vq->hdev_kick);
74
+ event_notifier_set_handler(&vq->hdev_call, NULL);
75
event_notifier_cleanup(&vq->hdev_call);
76
g_free(vq);
77
}
78
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
79
index XXXXXXX..XXXXXXX 100644
80
--- a/hw/virtio/vhost-shadow-virtqueue.h
81
+++ b/hw/virtio/vhost-shadow-virtqueue.h
82
@@ -XXX,XX +XXX,XX @@ typedef struct VhostShadowVirtqueue {
83
* So shadow virtqueue must not clean it, or we would lose VirtQueue one.
84
*/
85
EventNotifier svq_kick;
86
+
87
+ /* Guest's call notifier, where the SVQ calls guest. */
88
+ EventNotifier svq_call;
89
} VhostShadowVirtqueue;
90
91
void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd);
92
+void vhost_svq_set_svq_call_fd(VhostShadowVirtqueue *svq, int call_fd);
93
94
void vhost_svq_stop(VhostShadowVirtqueue *svq);
95
96
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
97
index XXXXXXX..XXXXXXX 100644
98
--- a/hw/virtio/vhost-vdpa.c
99
+++ b/hw/virtio/vhost-vdpa.c
100
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_dev_kick(struct vhost_dev *dev,
101
return vhost_vdpa_call(dev, VHOST_SET_VRING_KICK, file);
102
}
103
104
+static int vhost_vdpa_set_vring_dev_call(struct vhost_dev *dev,
105
+ struct vhost_vring_file *file)
106
+{
107
+ trace_vhost_vdpa_set_vring_call(dev, file->index, file->fd);
108
+ return vhost_vdpa_call(dev, VHOST_SET_VRING_CALL, file);
109
+}
110
+
111
/**
112
* Set the shadow virtqueue descriptors to the device
113
*
114
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_dev_kick(struct vhost_dev *dev,
115
* @svq: The shadow virtqueue
116
* @idx: The index of the virtqueue in the vhost device
117
* @errp: Error
118
+ *
119
+ * Note that this function does not rewind kick file descriptor if cannot set
120
+ * call one.
121
*/
122
static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
123
VhostShadowVirtqueue *svq,
124
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
125
r = vhost_vdpa_set_vring_dev_kick(dev, &file);
126
if (unlikely(r != 0)) {
127
error_setg_errno(errp, -r, "Can't set device kick fd");
128
+ return false;
79
+ }
129
+ }
80
+
130
+
81
if (find_and_check_chardev(&chr, s->pri_indev, errp) ||
131
+ event_notifier = &svq->hdev_call;
82
!qemu_chr_fe_init(&s->chr_pri_in, chr, errp)) {
132
+ file.fd = event_notifier_get_fd(event_notifier);
83
return;
133
+ r = vhost_vdpa_set_vring_dev_call(dev, &file);
84
@@ -XXX,XX +XXX,XX @@ static void colo_compare_init(Object *obj)
134
+ if (unlikely(r != 0)) {
85
compare_get_expired_scan_cycle,
135
+ error_setg_errno(errp, -r, "Can't set device call fd");
86
compare_set_expired_scan_cycle, NULL, NULL);
136
}
87
137
88
+ object_property_add(obj, "max_queue_size", "uint32",
138
return r == 0;
89
+ get_max_queue_size,
139
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_kick(struct vhost_dev *dev,
90
+ set_max_queue_size, NULL, NULL);
140
static int vhost_vdpa_set_vring_call(struct vhost_dev *dev,
141
struct vhost_vring_file *file)
142
{
143
- trace_vhost_vdpa_set_vring_call(dev, file->index, file->fd);
144
- return vhost_vdpa_call(dev, VHOST_SET_VRING_CALL, file);
145
+ struct vhost_vdpa *v = dev->opaque;
91
+
146
+
92
s->vnet_hdr = false;
147
+ if (v->shadow_vqs_enabled) {
93
object_property_add_bool(obj, "vnet_hdr_support", compare_get_vnet_hdr,
148
+ int vdpa_idx = file->index - dev->vq_index;
94
compare_set_vnet_hdr);
149
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs, vdpa_idx);
95
diff --git a/qemu-options.hx b/qemu-options.hx
150
+
96
index XXXXXXX..XXXXXXX 100644
151
+ vhost_svq_set_svq_call_fd(svq, file->fd);
97
--- a/qemu-options.hx
152
+ return 0;
98
+++ b/qemu-options.hx
153
+ } else {
99
@@ -XXX,XX +XXX,XX @@ SRST
154
+ return vhost_vdpa_set_vring_dev_call(dev, file);
100
stored. The file format is libpcap, so it can be analyzed with
155
+ }
101
tools such as tcpdump or Wireshark.
156
}
102
157
103
- ``-object colo-compare,id=id,primary_in=chardevid,secondary_in=chardevid,outdev=chardevid,iothread=id[,vnet_hdr_support][,notify_dev=id][,compare_timeout=@var{ms}][,expired_scan_cycle=@var{ms}``
158
static int vhost_vdpa_get_features(struct vhost_dev *dev,
104
+ ``-object colo-compare,id=id,primary_in=chardevid,secondary_in=chardevid,outdev=chardevid,iothread=id[,vnet_hdr_support][,notify_dev=id][,compare_timeout=@var{ms}][,expired_scan_cycle=@var{ms}][,max_queue_size=@var{size}]``
105
Colo-compare gets packet from primary\_inchardevid and
106
secondary\_inchardevid, than compare primary packet with
107
secondary packet. If the packets are same, we will output
108
@@ -XXX,XX +XXX,XX @@ SRST
109
vnet\_hdr\_len. Then compare\_timeout=@var{ms} determines the
110
maximum delay colo-compare wait for the packet.
111
The expired\_scan\_cycle=@var{ms} to set the period of scanning
112
- expired primary node network packets.
113
+ expired primary node network packets. The max\_queue\_size=@var{size}
114
+ is to set the max compare queue size depend on user environment.
115
If you want to use Xen COLO, will need the notify\_dev to
116
notify Xen colo-frame to do checkpoint.
117
118
--
159
--
119
2.5.0
160
2.7.4
120
161
121
162
diff view generated by jsdifflib
New patch
[PULL V2 05/15] vhost: Add vhost_svq_valid_features to shadow vq
1
From: Eugenio Pérez <eperezma@redhat.com>
1
2
3
This allows SVQ to negotiate features with the guest and the device. For
4
the device, SVQ is a driver. While this function bypasses all
5
non-transport features, it needs to disable the features that SVQ does
6
not support when forwarding buffers. This includes packed vq layout,
7
indirect descriptors or event idx.
8
9
Future changes can add support to offer more features to the guest,
10
since the use of VirtQueue gives this for free. This is left out at the
11
moment for simplicity.
12
13
Acked-by: Michael S. Tsirkin <mst@redhat.com>
14
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
15
Signed-off-by: Jason Wang <jasowang@redhat.com>
16
---
17
hw/virtio/vhost-shadow-virtqueue.c | 44 ++++++++++++++++++++++++++++++++++++++
18
hw/virtio/vhost-shadow-virtqueue.h | 2 ++
19
hw/virtio/vhost-vdpa.c | 15 +++++++++++++
20
3 files changed, 61 insertions(+)
21
22
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
23
index XXXXXXX..XXXXXXX 100644
24
--- a/hw/virtio/vhost-shadow-virtqueue.c
25
+++ b/hw/virtio/vhost-shadow-virtqueue.c
26
@@ -XXX,XX +XXX,XX @@
27
#include "hw/virtio/vhost-shadow-virtqueue.h"
28
29
#include "qemu/error-report.h"
30
+#include "qapi/error.h"
31
#include "qemu/main-loop.h"
32
#include "linux-headers/linux/vhost.h"
33
34
/**
35
+ * Validate the transport device features that both guests can use with the SVQ
36
+ * and SVQs can use with the device.
37
+ *
38
+ * @dev_features: The features
39
+ * @errp: Error pointer
40
+ */
41
+bool vhost_svq_valid_features(uint64_t features, Error **errp)
42
+{
43
+ bool ok = true;
44
+ uint64_t svq_features = features;
45
+
46
+ for (uint64_t b = VIRTIO_TRANSPORT_F_START; b <= VIRTIO_TRANSPORT_F_END;
47
+ ++b) {
48
+ switch (b) {
49
+ case VIRTIO_F_ANY_LAYOUT:
50
+ continue;
51
+
52
+ case VIRTIO_F_ACCESS_PLATFORM:
53
+ /* SVQ trust in the host's IOMMU to translate addresses */
54
+ case VIRTIO_F_VERSION_1:
55
+ /* SVQ trust that the guest vring is little endian */
56
+ if (!(svq_features & BIT_ULL(b))) {
57
+ set_bit(b, &svq_features);
58
+ ok = false;
59
+ }
60
+ continue;
61
+
62
+ default:
63
+ if (svq_features & BIT_ULL(b)) {
64
+ clear_bit(b, &svq_features);
65
+ ok = false;
66
+ }
67
+ }
68
+ }
69
+
70
+ if (!ok) {
71
+ error_setg(errp, "SVQ Invalid device feature flags, offer: 0x%"PRIx64
72
+ ", ok: 0x%"PRIx64, features, svq_features);
73
+ }
74
+ return ok;
75
+}
76
+
77
+/**
78
* Forward guest notifications.
79
*
80
* @n: guest kick event notifier, the one that guest set to notify svq.
81
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
82
index XXXXXXX..XXXXXXX 100644
83
--- a/hw/virtio/vhost-shadow-virtqueue.h
84
+++ b/hw/virtio/vhost-shadow-virtqueue.h
85
@@ -XXX,XX +XXX,XX @@ typedef struct VhostShadowVirtqueue {
86
EventNotifier svq_call;
87
} VhostShadowVirtqueue;
88
89
+bool vhost_svq_valid_features(uint64_t features, Error **errp);
90
+
91
void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd);
92
void vhost_svq_set_svq_call_fd(VhostShadowVirtqueue *svq, int call_fd);
93
94
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
95
index XXXXXXX..XXXXXXX 100644
96
--- a/hw/virtio/vhost-vdpa.c
97
+++ b/hw/virtio/vhost-vdpa.c
98
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_init_svq(struct vhost_dev *hdev, struct vhost_vdpa *v,
99
Error **errp)
100
{
101
g_autoptr(GPtrArray) shadow_vqs = NULL;
102
+ uint64_t dev_features, svq_features;
103
+ int r;
104
+ bool ok;
105
106
if (!v->shadow_vqs_enabled) {
107
return 0;
108
}
109
110
+ r = hdev->vhost_ops->vhost_get_features(hdev, &dev_features);
111
+ if (r != 0) {
112
+ error_setg_errno(errp, -r, "Can't get vdpa device features");
113
+ return r;
114
+ }
115
+
116
+ svq_features = dev_features;
117
+ ok = vhost_svq_valid_features(svq_features, errp);
118
+ if (unlikely(!ok)) {
119
+ return -1;
120
+ }
121
+
122
shadow_vqs = g_ptr_array_new_full(hdev->nvqs, vhost_svq_free);
123
for (unsigned n = 0; n < hdev->nvqs; ++n) {
124
g_autoptr(VhostShadowVirtqueue) svq = vhost_svq_new();
125
--
126
2.7.4
127
128
diff view generated by jsdifflib
New patch
[PULL V2 06/15] virtio: Add vhost_svq_get_vring_addr
1
From: Eugenio Pérez <eperezma@redhat.com>
1
2
3
It reports the shadow virtqueue address from qemu virtual address space.
4
5
Since this will be different from the guest's vaddr, but the device can
6
access it, SVQ takes special care about its alignment & lack of garbage
7
data. It assumes that IOMMU will work in host_page_size ranges for that.
8
9
Acked-by: Michael S. Tsirkin <mst@redhat.com>
10
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
11
Signed-off-by: Jason Wang <jasowang@redhat.com>
12
---
13
hw/virtio/vhost-shadow-virtqueue.c | 29 +++++++++++++++++++++++++++++
14
hw/virtio/vhost-shadow-virtqueue.h | 9 +++++++++
15
2 files changed, 38 insertions(+)
16
17
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/virtio/vhost-shadow-virtqueue.c
20
+++ b/hw/virtio/vhost-shadow-virtqueue.c
21
@@ -XXX,XX +XXX,XX @@ void vhost_svq_set_svq_call_fd(VhostShadowVirtqueue *svq, int call_fd)
22
}
23
24
/**
25
+ * Get the shadow vq vring address.
26
+ * @svq: Shadow virtqueue
27
+ * @addr: Destination to store address
28
+ */
29
+void vhost_svq_get_vring_addr(const VhostShadowVirtqueue *svq,
30
+ struct vhost_vring_addr *addr)
31
+{
32
+ addr->desc_user_addr = (uint64_t)svq->vring.desc;
33
+ addr->avail_user_addr = (uint64_t)svq->vring.avail;
34
+ addr->used_user_addr = (uint64_t)svq->vring.used;
35
+}
36
+
37
+size_t vhost_svq_driver_area_size(const VhostShadowVirtqueue *svq)
38
+{
39
+ size_t desc_size = sizeof(vring_desc_t) * svq->vring.num;
40
+ size_t avail_size = offsetof(vring_avail_t, ring) +
41
+ sizeof(uint16_t) * svq->vring.num;
42
+
43
+ return ROUND_UP(desc_size + avail_size, qemu_real_host_page_size);
44
+}
45
+
46
+size_t vhost_svq_device_area_size(const VhostShadowVirtqueue *svq)
47
+{
48
+ size_t used_size = offsetof(vring_used_t, ring) +
49
+ sizeof(vring_used_elem_t) * svq->vring.num;
50
+ return ROUND_UP(used_size, qemu_real_host_page_size);
51
+}
52
+
53
+/**
54
* Set a new file descriptor for the guest to kick the SVQ and notify for avail
55
*
56
* @svq: The svq
57
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
58
index XXXXXXX..XXXXXXX 100644
59
--- a/hw/virtio/vhost-shadow-virtqueue.h
60
+++ b/hw/virtio/vhost-shadow-virtqueue.h
61
@@ -XXX,XX +XXX,XX @@
62
#define VHOST_SHADOW_VIRTQUEUE_H
63
64
#include "qemu/event_notifier.h"
65
+#include "hw/virtio/virtio.h"
66
+#include "standard-headers/linux/vhost_types.h"
67
68
/* Shadow virtqueue to relay notifications */
69
typedef struct VhostShadowVirtqueue {
70
+ /* Shadow vring */
71
+ struct vring vring;
72
+
73
/* Shadow kick notifier, sent to vhost */
74
EventNotifier hdev_kick;
75
/* Shadow call notifier, sent to vhost */
76
@@ -XXX,XX +XXX,XX @@ bool vhost_svq_valid_features(uint64_t features, Error **errp);
77
78
void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd);
79
void vhost_svq_set_svq_call_fd(VhostShadowVirtqueue *svq, int call_fd);
80
+void vhost_svq_get_vring_addr(const VhostShadowVirtqueue *svq,
81
+ struct vhost_vring_addr *addr);
82
+size_t vhost_svq_driver_area_size(const VhostShadowVirtqueue *svq);
83
+size_t vhost_svq_device_area_size(const VhostShadowVirtqueue *svq);
84
85
void vhost_svq_stop(VhostShadowVirtqueue *svq);
86
87
--
88
2.7.4
89
90
diff view generated by jsdifflib
New patch
[PULL V2 07/15] vdpa: adapt vhost_ops callbacks to svq
1
From: Eugenio Pérez <eperezma@redhat.com>
1
2
3
First half of the buffers forwarding part, preparing vhost-vdpa
4
callbacks to SVQ to offer it. QEMU cannot enable it at this moment, so
5
this is effectively dead code at the moment, but it helps to reduce
6
patch size.
7
8
Acked-by: Michael S. Tsirkin <mst@redhat.com>
9
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
10
Signed-off-by: Jason Wang <jasowang@redhat.com>
11
---
12
hw/virtio/vhost-vdpa.c | 48 +++++++++++++++++++++++++++++++++++++++++-------
13
1 file changed, 41 insertions(+), 7 deletions(-)
14
15
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/virtio/vhost-vdpa.c
18
+++ b/hw/virtio/vhost-vdpa.c
19
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_get_config(struct vhost_dev *dev, uint8_t *config,
20
return ret;
21
}
22
23
+static int vhost_vdpa_set_dev_vring_base(struct vhost_dev *dev,
24
+ struct vhost_vring_state *ring)
25
+{
26
+ trace_vhost_vdpa_set_vring_base(dev, ring->index, ring->num);
27
+ return vhost_vdpa_call(dev, VHOST_SET_VRING_BASE, ring);
28
+}
29
+
30
static int vhost_vdpa_set_vring_dev_kick(struct vhost_dev *dev,
31
struct vhost_vring_file *file)
32
{
33
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_dev_call(struct vhost_dev *dev,
34
return vhost_vdpa_call(dev, VHOST_SET_VRING_CALL, file);
35
}
36
37
+static int vhost_vdpa_set_vring_dev_addr(struct vhost_dev *dev,
38
+ struct vhost_vring_addr *addr)
39
+{
40
+ trace_vhost_vdpa_set_vring_addr(dev, addr->index, addr->flags,
41
+ addr->desc_user_addr, addr->used_user_addr,
42
+ addr->avail_user_addr,
43
+ addr->log_guest_addr);
44
+
45
+ return vhost_vdpa_call(dev, VHOST_SET_VRING_ADDR, addr);
46
+
47
+}
48
+
49
/**
50
* Set the shadow virtqueue descriptors to the device
51
*
52
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_log_base(struct vhost_dev *dev, uint64_t base,
53
static int vhost_vdpa_set_vring_addr(struct vhost_dev *dev,
54
struct vhost_vring_addr *addr)
55
{
56
- trace_vhost_vdpa_set_vring_addr(dev, addr->index, addr->flags,
57
- addr->desc_user_addr, addr->used_user_addr,
58
- addr->avail_user_addr,
59
- addr->log_guest_addr);
60
- return vhost_vdpa_call(dev, VHOST_SET_VRING_ADDR, addr);
61
+ struct vhost_vdpa *v = dev->opaque;
62
+
63
+ if (v->shadow_vqs_enabled) {
64
+ /*
65
+ * Device vring addr was set at device start. SVQ base is handled by
66
+ * VirtQueue code.
67
+ */
68
+ return 0;
69
+ }
70
+
71
+ return vhost_vdpa_set_vring_dev_addr(dev, addr);
72
}
73
74
static int vhost_vdpa_set_vring_num(struct vhost_dev *dev,
75
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_num(struct vhost_dev *dev,
76
static int vhost_vdpa_set_vring_base(struct vhost_dev *dev,
77
struct vhost_vring_state *ring)
78
{
79
- trace_vhost_vdpa_set_vring_base(dev, ring->index, ring->num);
80
- return vhost_vdpa_call(dev, VHOST_SET_VRING_BASE, ring);
81
+ struct vhost_vdpa *v = dev->opaque;
82
+
83
+ if (v->shadow_vqs_enabled) {
84
+ /*
85
+ * Device vring base was set at device start. SVQ base is handled by
86
+ * VirtQueue code.
87
+ */
88
+ return 0;
89
+ }
90
+
91
+ return vhost_vdpa_set_dev_vring_base(dev, ring);
92
}
93
94
static int vhost_vdpa_get_vring_base(struct vhost_dev *dev,
95
--
96
2.7.4
97
98
diff view generated by jsdifflib
[PULL 6/7] net: detect errors from probing vnet hdr flag for TAP devices
[PULL V2 08/15] vhost: Shadow virtqueue buffers forwarding
1
From: "Daniel P. Berrange" <berrange@redhat.com>
1
From: Eugenio Pérez <eperezma@redhat.com>
2
2
3
When QEMU sets up a tap based network device backend, it mostly ignores errors
3
Initial version of shadow virtqueue that actually forward buffers. There
4
reported from various ioctl() calls it makes, assuming the TAP file descriptor
4
is no iommu support at the moment, and that will be addressed in future
5
is valid. This assumption can easily be violated when the user is passing in a
5
patches of this series. Since all vhost-vdpa devices use forced IOMMU,
6
pre-opened file descriptor. At best, the ioctls may fail with a -EBADF, but if
6
this means that SVQ is not usable at this point of the series on any
7
the user passes in a bogus FD number that happens to clash with a FD number that
7
device.
8
QEMU has opened internally for another reason, a wide variety of errnos may
8
9
result, as the TUNGETIFF ioctl number may map to a completely different command
9
For simplicity it only supports modern devices, that expects vring
10
on a different type of file.
10
in little endian, with split ring and no event idx or indirect
11
11
descriptors. Support for them will not be added in this series.
12
By ignoring all these errors, QEMU sets up a zombie network backend that will
12
13
never pass any data. Even worse, when QEMU shuts down, or that network backend
13
It reuses the VirtQueue code for the device part. The driver part is
14
is hot-removed, it will close this bogus file descriptor, which could belong to
14
based on Linux's virtio_ring driver, but with stripped functionality
15
another QEMU device backend.
15
and optimizations so it's easier to review.
16
16
17
There's no obvious guaranteed reliable way to detect that a FD genuinely is a
17
However, forwarding buffers have some particular pieces: One of the most
18
TAP device, as opposed to a UNIX socket, or pipe, or something else. Checking
18
unexpected ones is that a guest's buffer can expand through more than
19
the errno from probing vnet hdr flag though, does catch the big common cases.
19
one descriptor in SVQ. While this is handled gracefully by qemu's
20
ie calling TUNGETIFF will return EBADF for an invalid FD, and ENOTTY when FD is
20
emulated virtio devices, it may cause unexpected SVQ queue full. This
21
a UNIX socket, or pipe which catches accidental collisions with FDs used for
21
patch also solves it by checking for this condition at both guest's
22
stdio, or monitor socket.
22
kicks and device's calls. The code may be more elegant in the future if
23
23
SVQ code runs in its own iocontext.
24
Previously the example below where bogus fd 9 collides with the FD used for the
24
25
chardev saw:
25
Acked-by: Michael S. Tsirkin <mst@redhat.com>
26
26
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
27
$ ./x86_64-softmmu/qemu-system-x86_64 -netdev tap,id=hostnet0,fd=9 \
28
-chardev socket,id=charchannel0,path=/tmp/qga,server,nowait \
29
-monitor stdio -vnc :0
30
qemu-system-x86_64: -netdev tap,id=hostnet0,fd=9: TUNGETIFF ioctl() failed: Inappropriate ioctl for device
31
TUNSETOFFLOAD ioctl() failed: Bad address
32
QEMU 2.9.1 monitor - type 'help' for more information
33
(qemu) Warning: netdev hostnet0 has no peer
34
35
which gives a running QEMU with a zombie network backend.
36
37
With this change applied we get an error message and QEMU immediately exits
38
before carrying on and making a bigger disaster:
39
40
$ ./x86_64-softmmu/qemu-system-x86_64 -netdev tap,id=hostnet0,fd=9 \
41
-chardev socket,id=charchannel0,path=/tmp/qga,server,nowait \
42
-monitor stdio -vnc :0
43
qemu-system-x86_64: -netdev tap,id=hostnet0,vhost=on,fd=9: Unable to query TUNGETIFF on FD 9: Inappropriate ioctl for device
44
45
Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
46
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
47
Tested-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
48
Message-id: 20171027085548.3472-1-berrange@redhat.com
49
[lv: to simplify, don't check on EINVAL with TUNGETIFF as it exists since v2.6.27]
50
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
51
Signed-off-by: Jason Wang <jasowang@redhat.com>
27
Signed-off-by: Jason Wang <jasowang@redhat.com>
52
---
28
---
53
net/tap-bsd.c | 2 +-
29
hw/virtio/vhost-shadow-virtqueue.c | 354 ++++++++++++++++++++++++++++++++++++-
54
net/tap-linux.c | 8 +++++---
30
hw/virtio/vhost-shadow-virtqueue.h | 26 +++
55
net/tap-solaris.c | 2 +-
31
hw/virtio/vhost-vdpa.c | 159 ++++++++++++++++-
56
net/tap-stub.c | 2 +-
32
3 files changed, 527 insertions(+), 12 deletions(-)
57
net/tap.c | 25 ++++++++++++++++++++-----
33
58
net/tap_int.h | 2 +-
34
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
59
6 files changed, 29 insertions(+), 12 deletions(-)
60
61
diff --git a/net/tap-bsd.c b/net/tap-bsd.c
62
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
63
--- a/net/tap-bsd.c
36
--- a/hw/virtio/vhost-shadow-virtqueue.c
64
+++ b/net/tap-bsd.c
37
+++ b/hw/virtio/vhost-shadow-virtqueue.c
65
@@ -XXX,XX +XXX,XX @@ void tap_set_sndbuf(int fd, const NetdevTapOptions *tap, Error **errp)
38
@@ -XXX,XX +XXX,XX @@
39
#include "qemu/error-report.h"
40
#include "qapi/error.h"
41
#include "qemu/main-loop.h"
42
+#include "qemu/log.h"
43
+#include "qemu/memalign.h"
44
#include "linux-headers/linux/vhost.h"
45
46
/**
47
@@ -XXX,XX +XXX,XX @@ bool vhost_svq_valid_features(uint64_t features, Error **errp)
48
}
49
50
/**
51
- * Forward guest notifications.
52
+ * Number of descriptors that the SVQ can make available from the guest.
53
+ *
54
+ * @svq: The svq
55
+ */
56
+static uint16_t vhost_svq_available_slots(const VhostShadowVirtqueue *svq)
57
+{
58
+ return svq->vring.num - (svq->shadow_avail_idx - svq->shadow_used_idx);
59
+}
60
+
61
+static void vhost_vring_write_descs(VhostShadowVirtqueue *svq,
62
+ const struct iovec *iovec,
63
+ size_t num, bool more_descs, bool write)
64
+{
65
+ uint16_t i = svq->free_head, last = svq->free_head;
66
+ unsigned n;
67
+ uint16_t flags = write ? cpu_to_le16(VRING_DESC_F_WRITE) : 0;
68
+ vring_desc_t *descs = svq->vring.desc;
69
+
70
+ if (num == 0) {
71
+ return;
72
+ }
73
+
74
+ for (n = 0; n < num; n++) {
75
+ if (more_descs || (n + 1 < num)) {
76
+ descs[i].flags = flags | cpu_to_le16(VRING_DESC_F_NEXT);
77
+ } else {
78
+ descs[i].flags = flags;
79
+ }
80
+ descs[i].addr = cpu_to_le64((hwaddr)iovec[n].iov_base);
81
+ descs[i].len = cpu_to_le32(iovec[n].iov_len);
82
+
83
+ last = i;
84
+ i = cpu_to_le16(descs[i].next);
85
+ }
86
+
87
+ svq->free_head = le16_to_cpu(descs[last].next);
88
+}
89
+
90
+static bool vhost_svq_add_split(VhostShadowVirtqueue *svq,
91
+ VirtQueueElement *elem,
92
+ unsigned *head)
93
+{
94
+ unsigned avail_idx;
95
+ vring_avail_t *avail = svq->vring.avail;
96
+
97
+ *head = svq->free_head;
98
+
99
+ /* We need some descriptors here */
100
+ if (unlikely(!elem->out_num && !elem->in_num)) {
101
+ qemu_log_mask(LOG_GUEST_ERROR,
102
+ "Guest provided element with no descriptors");
103
+ return false;
104
+ }
105
+
106
+ vhost_vring_write_descs(svq, elem->out_sg, elem->out_num,
107
+ elem->in_num > 0, false);
108
+ vhost_vring_write_descs(svq, elem->in_sg, elem->in_num, false, true);
109
+
110
+ /*
111
+ * Put the entry in the available array (but don't update avail->idx until
112
+ * they do sync).
113
+ */
114
+ avail_idx = svq->shadow_avail_idx & (svq->vring.num - 1);
115
+ avail->ring[avail_idx] = cpu_to_le16(*head);
116
+ svq->shadow_avail_idx++;
117
+
118
+ /* Update the avail index after write the descriptor */
119
+ smp_wmb();
120
+ avail->idx = cpu_to_le16(svq->shadow_avail_idx);
121
+
122
+ return true;
123
+}
124
+
125
+static bool vhost_svq_add(VhostShadowVirtqueue *svq, VirtQueueElement *elem)
126
+{
127
+ unsigned qemu_head;
128
+ bool ok = vhost_svq_add_split(svq, elem, &qemu_head);
129
+ if (unlikely(!ok)) {
130
+ return false;
131
+ }
132
+
133
+ svq->ring_id_maps[qemu_head] = elem;
134
+ return true;
135
+}
136
+
137
+static void vhost_svq_kick(VhostShadowVirtqueue *svq)
138
+{
139
+ /*
140
+ * We need to expose the available array entries before checking the used
141
+ * flags
142
+ */
143
+ smp_mb();
144
+ if (svq->vring.used->flags & VRING_USED_F_NO_NOTIFY) {
145
+ return;
146
+ }
147
+
148
+ event_notifier_set(&svq->hdev_kick);
149
+}
150
+
151
+/**
152
+ * Forward available buffers.
153
+ *
154
+ * @svq: Shadow VirtQueue
155
+ *
156
+ * Note that this function does not guarantee that all guest's available
157
+ * buffers are available to the device in SVQ avail ring. The guest may have
158
+ * exposed a GPA / GIOVA contiguous buffer, but it may not be contiguous in
159
+ * qemu vaddr.
160
+ *
161
+ * If that happens, guest's kick notifications will be disabled until the
162
+ * device uses some buffers.
163
+ */
164
+static void vhost_handle_guest_kick(VhostShadowVirtqueue *svq)
165
+{
166
+ /* Clear event notifier */
167
+ event_notifier_test_and_clear(&svq->svq_kick);
168
+
169
+ /* Forward to the device as many available buffers as possible */
170
+ do {
171
+ virtio_queue_set_notification(svq->vq, false);
172
+
173
+ while (true) {
174
+ VirtQueueElement *elem;
175
+ bool ok;
176
+
177
+ if (svq->next_guest_avail_elem) {
178
+ elem = g_steal_pointer(&svq->next_guest_avail_elem);
179
+ } else {
180
+ elem = virtqueue_pop(svq->vq, sizeof(*elem));
181
+ }
182
+
183
+ if (!elem) {
184
+ break;
185
+ }
186
+
187
+ if (elem->out_num + elem->in_num >
188
+ vhost_svq_available_slots(svq)) {
189
+ /*
190
+ * This condition is possible since a contiguous buffer in GPA
191
+ * does not imply a contiguous buffer in qemu's VA
192
+ * scatter-gather segments. If that happens, the buffer exposed
193
+ * to the device needs to be a chain of descriptors at this
194
+ * moment.
195
+ *
196
+ * SVQ cannot hold more available buffers if we are here:
197
+ * queue the current guest descriptor and ignore further kicks
198
+ * until some elements are used.
199
+ */
200
+ svq->next_guest_avail_elem = elem;
201
+ return;
202
+ }
203
+
204
+ ok = vhost_svq_add(svq, elem);
205
+ if (unlikely(!ok)) {
206
+ /* VQ is broken, just return and ignore any other kicks */
207
+ return;
208
+ }
209
+ vhost_svq_kick(svq);
210
+ }
211
+
212
+ virtio_queue_set_notification(svq->vq, true);
213
+ } while (!virtio_queue_empty(svq->vq));
214
+}
215
+
216
+/**
217
+ * Handle guest's kick.
218
*
219
* @n: guest kick event notifier, the one that guest set to notify svq.
220
*/
221
-static void vhost_handle_guest_kick(EventNotifier *n)
222
+static void vhost_handle_guest_kick_notifier(EventNotifier *n)
66
{
223
{
224
VhostShadowVirtqueue *svq = container_of(n, VhostShadowVirtqueue,
225
svq_kick);
226
event_notifier_test_and_clear(n);
227
- event_notifier_set(&svq->hdev_kick);
228
+ vhost_handle_guest_kick(svq);
229
+}
230
+
231
+static bool vhost_svq_more_used(VhostShadowVirtqueue *svq)
232
+{
233
+ if (svq->last_used_idx != svq->shadow_used_idx) {
234
+ return true;
235
+ }
236
+
237
+ svq->shadow_used_idx = cpu_to_le16(svq->vring.used->idx);
238
+
239
+ return svq->last_used_idx != svq->shadow_used_idx;
67
}
240
}
68
241
69
-int tap_probe_vnet_hdr(int fd)
242
/**
70
+int tap_probe_vnet_hdr(int fd, Error **errp)
243
- * Forward vhost notifications
244
+ * Enable vhost device calls after disable them.
245
+ *
246
+ * @svq: The svq
247
+ *
248
+ * It returns false if there are pending used buffers from the vhost device,
249
+ * avoiding the possible races between SVQ checking for more work and enabling
250
+ * callbacks. True if SVQ used vring has no more pending buffers.
251
+ */
252
+static bool vhost_svq_enable_notification(VhostShadowVirtqueue *svq)
253
+{
254
+ svq->vring.avail->flags &= ~cpu_to_le16(VRING_AVAIL_F_NO_INTERRUPT);
255
+ /* Make sure the flag is written before the read of used_idx */
256
+ smp_mb();
257
+ return !vhost_svq_more_used(svq);
258
+}
259
+
260
+static void vhost_svq_disable_notification(VhostShadowVirtqueue *svq)
261
+{
262
+ svq->vring.avail->flags |= cpu_to_le16(VRING_AVAIL_F_NO_INTERRUPT);
263
+}
264
+
265
+static VirtQueueElement *vhost_svq_get_buf(VhostShadowVirtqueue *svq,
266
+ uint32_t *len)
267
+{
268
+ vring_desc_t *descs = svq->vring.desc;
269
+ const vring_used_t *used = svq->vring.used;
270
+ vring_used_elem_t used_elem;
271
+ uint16_t last_used;
272
+
273
+ if (!vhost_svq_more_used(svq)) {
274
+ return NULL;
275
+ }
276
+
277
+ /* Only get used array entries after they have been exposed by dev */
278
+ smp_rmb();
279
+ last_used = svq->last_used_idx & (svq->vring.num - 1);
280
+ used_elem.id = le32_to_cpu(used->ring[last_used].id);
281
+ used_elem.len = le32_to_cpu(used->ring[last_used].len);
282
+
283
+ svq->last_used_idx++;
284
+ if (unlikely(used_elem.id >= svq->vring.num)) {
285
+ qemu_log_mask(LOG_GUEST_ERROR, "Device %s says index %u is used",
286
+ svq->vdev->name, used_elem.id);
287
+ return NULL;
288
+ }
289
+
290
+ if (unlikely(!svq->ring_id_maps[used_elem.id])) {
291
+ qemu_log_mask(LOG_GUEST_ERROR,
292
+ "Device %s says index %u is used, but it was not available",
293
+ svq->vdev->name, used_elem.id);
294
+ return NULL;
295
+ }
296
+
297
+ descs[used_elem.id].next = svq->free_head;
298
+ svq->free_head = used_elem.id;
299
+
300
+ *len = used_elem.len;
301
+ return g_steal_pointer(&svq->ring_id_maps[used_elem.id]);
302
+}
303
+
304
+static void vhost_svq_flush(VhostShadowVirtqueue *svq,
305
+ bool check_for_avail_queue)
306
+{
307
+ VirtQueue *vq = svq->vq;
308
+
309
+ /* Forward as many used buffers as possible. */
310
+ do {
311
+ unsigned i = 0;
312
+
313
+ vhost_svq_disable_notification(svq);
314
+ while (true) {
315
+ uint32_t len;
316
+ g_autofree VirtQueueElement *elem = vhost_svq_get_buf(svq, &len);
317
+ if (!elem) {
318
+ break;
319
+ }
320
+
321
+ if (unlikely(i >= svq->vring.num)) {
322
+ qemu_log_mask(LOG_GUEST_ERROR,
323
+ "More than %u used buffers obtained in a %u size SVQ",
324
+ i, svq->vring.num);
325
+ virtqueue_fill(vq, elem, len, i);
326
+ virtqueue_flush(vq, i);
327
+ return;
328
+ }
329
+ virtqueue_fill(vq, elem, len, i++);
330
+ }
331
+
332
+ virtqueue_flush(vq, i);
333
+ event_notifier_set(&svq->svq_call);
334
+
335
+ if (check_for_avail_queue && svq->next_guest_avail_elem) {
336
+ /*
337
+ * Avail ring was full when vhost_svq_flush was called, so it's a
338
+ * good moment to make more descriptors available if possible.
339
+ */
340
+ vhost_handle_guest_kick(svq);
341
+ }
342
+ } while (!vhost_svq_enable_notification(svq));
343
+}
344
+
345
+/**
346
+ * Forward used buffers.
347
*
348
* @n: hdev call event notifier, the one that device set to notify svq.
349
+ *
350
+ * Note that we are not making any buffers available in the loop, there is no
351
+ * way that it runs more than virtqueue size times.
352
*/
353
static void vhost_svq_handle_call(EventNotifier *n)
71
{
354
{
72
return 0;
355
VhostShadowVirtqueue *svq = container_of(n, VhostShadowVirtqueue,
356
hdev_call);
357
event_notifier_test_and_clear(n);
358
- event_notifier_set(&svq->svq_call);
359
+ vhost_svq_flush(svq, true);
73
}
360
}
74
diff --git a/net/tap-linux.c b/net/tap-linux.c
361
75
index XXXXXXX..XXXXXXX 100644
362
/**
76
--- a/net/tap-linux.c
363
@@ -XXX,XX +XXX,XX @@ void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd)
77
+++ b/net/tap-linux.c
364
if (poll_start) {
78
@@ -XXX,XX +XXX,XX @@ void tap_set_sndbuf(int fd, const NetdevTapOptions *tap, Error **errp)
365
event_notifier_init_fd(svq_kick, svq_kick_fd);
366
event_notifier_set(svq_kick);
367
- event_notifier_set_handler(svq_kick, vhost_handle_guest_kick);
368
+ event_notifier_set_handler(svq_kick, vhost_handle_guest_kick_notifier);
369
+ }
370
+}
371
+
372
+/**
373
+ * Start the shadow virtqueue operation.
374
+ *
375
+ * @svq: Shadow Virtqueue
376
+ * @vdev: VirtIO device
377
+ * @vq: Virtqueue to shadow
378
+ */
379
+void vhost_svq_start(VhostShadowVirtqueue *svq, VirtIODevice *vdev,
380
+ VirtQueue *vq)
381
+{
382
+ size_t desc_size, driver_size, device_size;
383
+
384
+ svq->next_guest_avail_elem = NULL;
385
+ svq->shadow_avail_idx = 0;
386
+ svq->shadow_used_idx = 0;
387
+ svq->last_used_idx = 0;
388
+ svq->vdev = vdev;
389
+ svq->vq = vq;
390
+
391
+ svq->vring.num = virtio_queue_get_num(vdev, virtio_get_queue_index(vq));
392
+ driver_size = vhost_svq_driver_area_size(svq);
393
+ device_size = vhost_svq_device_area_size(svq);
394
+ svq->vring.desc = qemu_memalign(qemu_real_host_page_size, driver_size);
395
+ desc_size = sizeof(vring_desc_t) * svq->vring.num;
396
+ svq->vring.avail = (void *)((char *)svq->vring.desc + desc_size);
397
+ memset(svq->vring.desc, 0, driver_size);
398
+ svq->vring.used = qemu_memalign(qemu_real_host_page_size, device_size);
399
+ memset(svq->vring.used, 0, device_size);
400
+ svq->ring_id_maps = g_new0(VirtQueueElement *, svq->vring.num);
401
+ for (unsigned i = 0; i < svq->vring.num - 1; i++) {
402
+ svq->vring.desc[i].next = cpu_to_le16(i + 1);
79
}
403
}
80
}
404
}
81
405
82
-int tap_probe_vnet_hdr(int fd)
406
@@ -XXX,XX +XXX,XX @@ void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd)
83
+int tap_probe_vnet_hdr(int fd, Error **errp)
407
void vhost_svq_stop(VhostShadowVirtqueue *svq)
84
{
408
{
85
struct ifreq ifr;
409
event_notifier_set_handler(&svq->svq_kick, NULL);
86
410
+ g_autofree VirtQueueElement *next_avail_elem = NULL;
87
if (ioctl(fd, TUNGETIFF, &ifr) != 0) {
411
+
88
- error_report("TUNGETIFF ioctl() failed: %s", strerror(errno));
412
+ if (!svq->vq) {
89
- return 0;
413
+ return;
90
+ /* TUNGETIFF is available since kernel v2.6.27 */
414
+ }
91
+ error_setg_errno(errp, errno,
415
+
92
+ "Unable to query TUNGETIFF on FD %d", fd);
416
+ /* Send all pending used descriptors to guest */
93
+ return -1;
417
+ vhost_svq_flush(svq, false);
418
+
419
+ for (unsigned i = 0; i < svq->vring.num; ++i) {
420
+ g_autofree VirtQueueElement *elem = NULL;
421
+ elem = g_steal_pointer(&svq->ring_id_maps[i]);
422
+ if (elem) {
423
+ virtqueue_detach_element(svq->vq, elem, 0);
424
+ }
425
+ }
426
+
427
+ next_avail_elem = g_steal_pointer(&svq->next_guest_avail_elem);
428
+ if (next_avail_elem) {
429
+ virtqueue_detach_element(svq->vq, next_avail_elem, 0);
430
+ }
431
+ svq->vq = NULL;
432
+ g_free(svq->ring_id_maps);
433
+ qemu_vfree(svq->vring.desc);
434
+ qemu_vfree(svq->vring.used);
435
}
436
437
/**
438
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
439
index XXXXXXX..XXXXXXX 100644
440
--- a/hw/virtio/vhost-shadow-virtqueue.h
441
+++ b/hw/virtio/vhost-shadow-virtqueue.h
442
@@ -XXX,XX +XXX,XX @@ typedef struct VhostShadowVirtqueue {
443
444
/* Guest's call notifier, where the SVQ calls guest. */
445
EventNotifier svq_call;
446
+
447
+ /* Virtio queue shadowing */
448
+ VirtQueue *vq;
449
+
450
+ /* Virtio device */
451
+ VirtIODevice *vdev;
452
+
453
+ /* Map for use the guest's descriptors */
454
+ VirtQueueElement **ring_id_maps;
455
+
456
+ /* Next VirtQueue element that guest made available */
457
+ VirtQueueElement *next_guest_avail_elem;
458
+
459
+ /* Next head to expose to the device */
460
+ uint16_t shadow_avail_idx;
461
+
462
+ /* Next free descriptor */
463
+ uint16_t free_head;
464
+
465
+ /* Last seen used idx */
466
+ uint16_t shadow_used_idx;
467
+
468
+ /* Next head to consume from the device */
469
+ uint16_t last_used_idx;
470
} VhostShadowVirtqueue;
471
472
bool vhost_svq_valid_features(uint64_t features, Error **errp);
473
@@ -XXX,XX +XXX,XX @@ void vhost_svq_get_vring_addr(const VhostShadowVirtqueue *svq,
474
size_t vhost_svq_driver_area_size(const VhostShadowVirtqueue *svq);
475
size_t vhost_svq_device_area_size(const VhostShadowVirtqueue *svq);
476
477
+void vhost_svq_start(VhostShadowVirtqueue *svq, VirtIODevice *vdev,
478
+ VirtQueue *vq);
479
void vhost_svq_stop(VhostShadowVirtqueue *svq);
480
481
VhostShadowVirtqueue *vhost_svq_new(void);
482
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
483
index XXXXXXX..XXXXXXX 100644
484
--- a/hw/virtio/vhost-vdpa.c
485
+++ b/hw/virtio/vhost-vdpa.c
486
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_dev_addr(struct vhost_dev *dev,
487
* Note that this function does not rewind kick file descriptor if cannot set
488
* call one.
489
*/
490
-static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
491
- VhostShadowVirtqueue *svq,
492
- unsigned idx,
493
- Error **errp)
494
+static int vhost_vdpa_svq_set_fds(struct vhost_dev *dev,
495
+ VhostShadowVirtqueue *svq,
496
+ unsigned idx,
497
+ Error **errp)
498
{
499
struct vhost_vring_file file = {
500
.index = dev->vq_index + idx,
501
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
502
r = vhost_vdpa_set_vring_dev_kick(dev, &file);
503
if (unlikely(r != 0)) {
504
error_setg_errno(errp, -r, "Can't set device kick fd");
505
- return false;
506
+ return r;
94
}
507
}
95
508
96
return ifr.ifr_flags & IFF_VNET_HDR;
509
event_notifier = &svq->hdev_call;
97
diff --git a/net/tap-solaris.c b/net/tap-solaris.c
510
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
98
index XXXXXXX..XXXXXXX 100644
511
error_setg_errno(errp, -r, "Can't set device call fd");
99
--- a/net/tap-solaris.c
512
}
100
+++ b/net/tap-solaris.c
513
101
@@ -XXX,XX +XXX,XX @@ void tap_set_sndbuf(int fd, const NetdevTapOptions *tap, Error **errp)
514
+ return r;
102
{
515
+}
516
+
517
+/**
518
+ * Unmap a SVQ area in the device
519
+ */
520
+static bool vhost_vdpa_svq_unmap_ring(struct vhost_vdpa *v, hwaddr iova,
521
+ hwaddr size)
522
+{
523
+ int r;
524
+
525
+ size = ROUND_UP(size, qemu_real_host_page_size);
526
+ r = vhost_vdpa_dma_unmap(v, iova, size);
527
+ return r == 0;
528
+}
529
+
530
+static bool vhost_vdpa_svq_unmap_rings(struct vhost_dev *dev,
531
+ const VhostShadowVirtqueue *svq)
532
+{
533
+ struct vhost_vdpa *v = dev->opaque;
534
+ struct vhost_vring_addr svq_addr;
535
+ size_t device_size = vhost_svq_device_area_size(svq);
536
+ size_t driver_size = vhost_svq_driver_area_size(svq);
537
+ bool ok;
538
+
539
+ vhost_svq_get_vring_addr(svq, &svq_addr);
540
+
541
+ ok = vhost_vdpa_svq_unmap_ring(v, svq_addr.desc_user_addr, driver_size);
542
+ if (unlikely(!ok)) {
543
+ return false;
544
+ }
545
+
546
+ return vhost_vdpa_svq_unmap_ring(v, svq_addr.used_user_addr, device_size);
547
+}
548
+
549
+/**
550
+ * Map the shadow virtqueue rings in the device
551
+ *
552
+ * @dev: The vhost device
553
+ * @svq: The shadow virtqueue
554
+ * @addr: Assigned IOVA addresses
555
+ * @errp: Error pointer
556
+ */
557
+static bool vhost_vdpa_svq_map_rings(struct vhost_dev *dev,
558
+ const VhostShadowVirtqueue *svq,
559
+ struct vhost_vring_addr *addr,
560
+ Error **errp)
561
+{
562
+ struct vhost_vdpa *v = dev->opaque;
563
+ size_t device_size = vhost_svq_device_area_size(svq);
564
+ size_t driver_size = vhost_svq_driver_area_size(svq);
565
+ int r;
566
+
567
+ ERRP_GUARD();
568
+ vhost_svq_get_vring_addr(svq, addr);
569
+
570
+ r = vhost_vdpa_dma_map(v, addr->desc_user_addr, driver_size,
571
+ (void *)addr->desc_user_addr, true);
572
+ if (unlikely(r != 0)) {
573
+ error_setg_errno(errp, -r, "Cannot create vq driver region: ");
574
+ return false;
575
+ }
576
+
577
+ r = vhost_vdpa_dma_map(v, addr->used_user_addr, device_size,
578
+ (void *)addr->used_user_addr, false);
579
+ if (unlikely(r != 0)) {
580
+ error_setg_errno(errp, -r, "Cannot create vq device region: ");
581
+ }
582
+
583
+ return r == 0;
584
+}
585
+
586
+static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
587
+ VhostShadowVirtqueue *svq,
588
+ unsigned idx,
589
+ Error **errp)
590
+{
591
+ uint16_t vq_index = dev->vq_index + idx;
592
+ struct vhost_vring_state s = {
593
+ .index = vq_index,
594
+ };
595
+ int r;
596
+
597
+ r = vhost_vdpa_set_dev_vring_base(dev, &s);
598
+ if (unlikely(r)) {
599
+ error_setg_errno(errp, -r, "Cannot set vring base");
600
+ return false;
601
+ }
602
+
603
+ r = vhost_vdpa_svq_set_fds(dev, svq, idx, errp);
604
return r == 0;
103
}
605
}
104
606
105
-int tap_probe_vnet_hdr(int fd)
607
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_svqs_start(struct vhost_dev *dev)
106
+int tap_probe_vnet_hdr(int fd, Error **errp)
107
{
108
return 0;
109
}
110
diff --git a/net/tap-stub.c b/net/tap-stub.c
111
index XXXXXXX..XXXXXXX 100644
112
--- a/net/tap-stub.c
113
+++ b/net/tap-stub.c
114
@@ -XXX,XX +XXX,XX @@ void tap_set_sndbuf(int fd, const NetdevTapOptions *tap, Error **errp)
115
{
116
}
117
118
-int tap_probe_vnet_hdr(int fd)
119
+int tap_probe_vnet_hdr(int fd, Error **errp)
120
{
121
return 0;
122
}
123
diff --git a/net/tap.c b/net/tap.c
124
index XXXXXXX..XXXXXXX 100644
125
--- a/net/tap.c
126
+++ b/net/tap.c
127
@@ -XXX,XX +XXX,XX @@ int net_init_bridge(const Netdev *netdev, const char *name,
128
}
608
}
129
609
130
qemu_set_nonblock(fd);
610
for (i = 0; i < v->shadow_vqs->len; ++i) {
131
- vnet_hdr = tap_probe_vnet_hdr(fd);
611
+ VirtQueue *vq = virtio_get_queue(dev->vdev, dev->vq_index + i);
132
+ vnet_hdr = tap_probe_vnet_hdr(fd, errp);
612
VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs, i);
133
+ if (vnet_hdr < 0) {
613
+ struct vhost_vring_addr addr = {
134
+ close(fd);
614
+ .index = i,
135
+ return -1;
615
+ };
136
+ }
616
+ int r;
137
s = net_tap_fd_init(peer, "bridge", name, fd, vnet_hdr);
617
bool ok = vhost_vdpa_svq_setup(dev, svq, i, &err);
138
618
if (unlikely(!ok)) {
139
snprintf(s->nc.info_str, sizeof(s->nc.info_str), "helper=%s,br=%s", helper,
619
- error_reportf_err(err, "Cannot setup SVQ %u: ", i);
140
@@ -XXX,XX +XXX,XX @@ int net_init_tap(const Netdev *netdev, const char *name,
620
+ goto err;
141
return -1;
621
+ }
622
+
623
+ vhost_svq_start(svq, dev->vdev, vq);
624
+ ok = vhost_vdpa_svq_map_rings(dev, svq, &addr, &err);
625
+ if (unlikely(!ok)) {
626
+ goto err_map;
627
+ }
628
+
629
+ /* Override vring GPA set by vhost subsystem */
630
+ r = vhost_vdpa_set_vring_dev_addr(dev, &addr);
631
+ if (unlikely(r != 0)) {
632
+ error_setg_errno(&err, -r, "Cannot set device address");
633
+ goto err_set_addr;
634
+ }
635
+ }
636
+
637
+ return true;
638
+
639
+err_set_addr:
640
+ vhost_vdpa_svq_unmap_rings(dev, g_ptr_array_index(v->shadow_vqs, i));
641
+
642
+err_map:
643
+ vhost_svq_stop(g_ptr_array_index(v->shadow_vqs, i));
644
+
645
+err:
646
+ error_reportf_err(err, "Cannot setup SVQ %u: ", i);
647
+ for (unsigned j = 0; j < i; ++j) {
648
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs, j);
649
+ vhost_vdpa_svq_unmap_rings(dev, svq);
650
+ vhost_svq_stop(svq);
651
+ }
652
+
653
+ return false;
654
+}
655
+
656
+static bool vhost_vdpa_svqs_stop(struct vhost_dev *dev)
657
+{
658
+ struct vhost_vdpa *v = dev->opaque;
659
+
660
+ if (!v->shadow_vqs) {
661
+ return true;
662
+ }
663
+
664
+ for (unsigned i = 0; i < v->shadow_vqs->len; ++i) {
665
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs,
666
+ i);
667
+ bool ok = vhost_vdpa_svq_unmap_rings(dev, svq);
668
+ if (unlikely(!ok)) {
669
return false;
142
}
670
}
143
671
}
144
- vnet_hdr = tap_probe_vnet_hdr(fd);
672
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_dev_start(struct vhost_dev *dev, bool started)
145
+ vnet_hdr = tap_probe_vnet_hdr(fd, errp);
673
}
146
+ if (vnet_hdr < 0) {
674
vhost_vdpa_set_vring_ready(dev);
147
+ close(fd);
675
} else {
676
+ ok = vhost_vdpa_svqs_stop(dev);
677
+ if (unlikely(!ok)) {
148
+ return -1;
678
+ return -1;
149
+ }
679
+ }
150
680
vhost_vdpa_host_notifiers_uninit(dev, dev->nvqs);
151
net_init_tap_one(tap, peer, "tap", name, NULL,
681
}
152
script, downscript,
682
153
@@ -XXX,XX +XXX,XX @@ int net_init_tap(const Netdev *netdev, const char *name,
154
}
155
156
if (i == 0) {
157
- vnet_hdr = tap_probe_vnet_hdr(fd);
158
- } else if (vnet_hdr != tap_probe_vnet_hdr(fd)) {
159
+ vnet_hdr = tap_probe_vnet_hdr(fd, errp);
160
+ if (vnet_hdr < 0) {
161
+ goto free_fail;
162
+ }
163
+ } else if (vnet_hdr != tap_probe_vnet_hdr(fd, NULL)) {
164
error_setg(errp,
165
"vnet_hdr not consistent across given tap fds");
166
ret = -1;
167
@@ -XXX,XX +XXX,XX @@ free_fail:
168
}
169
170
qemu_set_nonblock(fd);
171
- vnet_hdr = tap_probe_vnet_hdr(fd);
172
+ vnet_hdr = tap_probe_vnet_hdr(fd, errp);
173
+ if (vnet_hdr < 0) {
174
+ close(fd);
175
+ return -1;
176
+ }
177
178
net_init_tap_one(tap, peer, "bridge", name, ifname,
179
script, downscript, vhostfdname,
180
diff --git a/net/tap_int.h b/net/tap_int.h
181
index XXXXXXX..XXXXXXX 100644
182
--- a/net/tap_int.h
183
+++ b/net/tap_int.h
184
@@ -XXX,XX +XXX,XX @@ int tap_open(char *ifname, int ifname_size, int *vnet_hdr,
185
ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen);
186
187
void tap_set_sndbuf(int fd, const NetdevTapOptions *tap, Error **errp);
188
-int tap_probe_vnet_hdr(int fd);
189
+int tap_probe_vnet_hdr(int fd, Error **errp);
190
int tap_probe_vnet_hdr_len(int fd, int len);
191
int tap_probe_has_ufo(int fd);
192
void tap_fd_set_offload(int fd, int csum, int tso4, int tso6, int ecn, int ufo);
193
--
683
--
194
2.5.0
684
2.7.4
195
685
196
686
diff view generated by jsdifflib
New patch
[PULL V2 09/15] util: Add iova_tree_alloc_map
1
1
From: Eugenio Pérez <eperezma@redhat.com>
2
3
This iova tree function allows it to look for a hole in allocated
4
regions and return a totally new translation for a given translated
5
address.
6
7
It's usage is mainly to allow devices to access qemu address space,
8
remapping guest's one into a new iova space where qemu can add chunks of
9
addresses.
10
11
Acked-by: Michael S. Tsirkin <mst@redhat.com>
12
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
13
Reviewed-by: Peter Xu <peterx@redhat.com>
14
Signed-off-by: Jason Wang <jasowang@redhat.com>
15
---
16
include/qemu/iova-tree.h | 18 +++++++
17
util/iova-tree.c | 135 +++++++++++++++++++++++++++++++++++++++++++++++
18
2 files changed, 153 insertions(+)
19
20
diff --git a/include/qemu/iova-tree.h b/include/qemu/iova-tree.h
21
index XXXXXXX..XXXXXXX 100644
22
--- a/include/qemu/iova-tree.h
23
+++ b/include/qemu/iova-tree.h
24
@@ -XXX,XX +XXX,XX @@
25
#define IOVA_OK (0)
26
#define IOVA_ERR_INVALID (-1) /* Invalid parameters */
27
#define IOVA_ERR_OVERLAP (-2) /* IOVA range overlapped */
28
+#define IOVA_ERR_NOMEM (-3) /* Cannot allocate */
29
30
typedef struct IOVATree IOVATree;
31
typedef struct DMAMap {
32
@@ -XXX,XX +XXX,XX @@ const DMAMap *iova_tree_find_address(const IOVATree *tree, hwaddr iova);
33
void iova_tree_foreach(IOVATree *tree, iova_tree_iterator iterator);
34
35
/**
36
+ * iova_tree_alloc_map:
37
+ *
38
+ * @tree: the iova tree to allocate from
39
+ * @map: the new map (as translated addr & size) to allocate in the iova region
40
+ * @iova_begin: the minimum address of the allocation
41
+ * @iova_end: the maximum addressable direction of the allocation
42
+ *
43
+ * Allocates a new region of a given size, between iova_min and iova_max.
44
+ *
45
+ * Return: Same as iova_tree_insert, but cannot overlap and can return error if
46
+ * iova tree is out of free contiguous range. The caller gets the assigned iova
47
+ * in map->iova.
48
+ */
49
+int iova_tree_alloc_map(IOVATree *tree, DMAMap *map, hwaddr iova_begin,
50
+ hwaddr iova_end);
51
+
52
+/**
53
* iova_tree_destroy:
54
*
55
* @tree: the iova tree to destroy
56
diff --git a/util/iova-tree.c b/util/iova-tree.c
57
index XXXXXXX..XXXXXXX 100644
58
--- a/util/iova-tree.c
59
+++ b/util/iova-tree.c
60
@@ -XXX,XX +XXX,XX @@ struct IOVATree {
61
GTree *tree;
62
};
63
64
+/* Args to pass to iova_tree_alloc foreach function. */
65
+struct IOVATreeAllocArgs {
66
+ /* Size of the desired allocation */
67
+ size_t new_size;
68
+
69
+ /* The minimum address allowed in the allocation */
70
+ hwaddr iova_begin;
71
+
72
+ /* Map at the left of the hole, can be NULL if "this" is first one */
73
+ const DMAMap *prev;
74
+
75
+ /* Map at the right of the hole, can be NULL if "prev" is the last one */
76
+ const DMAMap *this;
77
+
78
+ /* If found, we fill in the IOVA here */
79
+ hwaddr iova_result;
80
+
81
+ /* Whether have we found a valid IOVA */
82
+ bool iova_found;
83
+};
84
+
85
+/**
86
+ * Iterate args to the next hole
87
+ *
88
+ * @args: The alloc arguments
89
+ * @next: The next mapping in the tree. Can be NULL to signal the last one
90
+ */
91
+static void iova_tree_alloc_args_iterate(struct IOVATreeAllocArgs *args,
92
+ const DMAMap *next) {
93
+ args->prev = args->this;
94
+ args->this = next;
95
+}
96
+
97
static int iova_tree_compare(gconstpointer a, gconstpointer b, gpointer data)
98
{
99
const DMAMap *m1 = a, *m2 = b;
100
@@ -XXX,XX +XXX,XX @@ int iova_tree_remove(IOVATree *tree, const DMAMap *map)
101
return IOVA_OK;
102
}
103
104
+/**
105
+ * Try to find an unallocated IOVA range between prev and this elements.
106
+ *
107
+ * @args: Arguments to allocation
108
+ *
109
+ * Cases:
110
+ *
111
+ * (1) !prev, !this: No entries allocated, always succeed
112
+ *
113
+ * (2) !prev, this: We're iterating at the 1st element.
114
+ *
115
+ * (3) prev, !this: We're iterating at the last element.
116
+ *
117
+ * (4) prev, this: this is the most common case, we'll try to find a hole
118
+ * between "prev" and "this" mapping.
119
+ *
120
+ * Note that this function assumes the last valid iova is HWADDR_MAX, but it
121
+ * searches linearly so it's easy to discard the result if it's not the case.
122
+ */
123
+static void iova_tree_alloc_map_in_hole(struct IOVATreeAllocArgs *args)
124
+{
125
+ const DMAMap *prev = args->prev, *this = args->this;
126
+ uint64_t hole_start, hole_last;
127
+
128
+ if (this && this->iova + this->size < args->iova_begin) {
129
+ return;
130
+ }
131
+
132
+ hole_start = MAX(prev ? prev->iova + prev->size + 1 : 0, args->iova_begin);
133
+ hole_last = this ? this->iova : HWADDR_MAX;
134
+
135
+ if (hole_last - hole_start > args->new_size) {
136
+ args->iova_result = hole_start;
137
+ args->iova_found = true;
138
+ }
139
+}
140
+
141
+/**
142
+ * Foreach dma node in the tree, compare if there is a hole with its previous
143
+ * node (or minimum iova address allowed) and the node.
144
+ *
145
+ * @key: Node iterating
146
+ * @value: Node iterating
147
+ * @pargs: Struct to communicate with the outside world
148
+ *
149
+ * Return: false to keep iterating, true if needs break.
150
+ */
151
+static gboolean iova_tree_alloc_traverse(gpointer key, gpointer value,
152
+ gpointer pargs)
153
+{
154
+ struct IOVATreeAllocArgs *args = pargs;
155
+ DMAMap *node = value;
156
+
157
+ assert(key == value);
158
+
159
+ iova_tree_alloc_args_iterate(args, node);
160
+ iova_tree_alloc_map_in_hole(args);
161
+ return args->iova_found;
162
+}
163
+
164
+int iova_tree_alloc_map(IOVATree *tree, DMAMap *map, hwaddr iova_begin,
165
+ hwaddr iova_last)
166
+{
167
+ struct IOVATreeAllocArgs args = {
168
+ .new_size = map->size,
169
+ .iova_begin = iova_begin,
170
+ };
171
+
172
+ if (unlikely(iova_last < iova_begin)) {
173
+ return IOVA_ERR_INVALID;
174
+ }
175
+
176
+ /*
177
+ * Find a valid hole for the mapping
178
+ *
179
+ * Assuming low iova_begin, so no need to do a binary search to
180
+ * locate the first node.
181
+ *
182
+ * TODO: Replace all this with g_tree_node_first/next/last when available
183
+ * (from glib since 2.68). To do it with g_tree_foreach complicates the
184
+ * code a lot.
185
+ *
186
+ */
187
+ g_tree_foreach(tree->tree, iova_tree_alloc_traverse, &args);
188
+ if (!args.iova_found) {
189
+ /*
190
+ * Either tree is empty or the last hole is still not checked.
191
+ * g_tree_foreach does not compare (last, iova_last] range, so we check
192
+ * it here.
193
+ */
194
+ iova_tree_alloc_args_iterate(&args, NULL);
195
+ iova_tree_alloc_map_in_hole(&args);
196
+ }
197
+
198
+ if (!args.iova_found || args.iova_result + map->size > iova_last) {
199
+ return IOVA_ERR_NOMEM;
200
+ }
201
+
202
+ map->iova = args.iova_result;
203
+ return iova_tree_insert(tree, map);
204
+}
205
+
206
void iova_tree_destroy(IOVATree *tree)
207
{
208
g_tree_destroy(tree->tree);
209
--
210
2.7.4
211
212
diff view generated by jsdifflib
New patch
[PULL V2 10/15] util: add iova_tree_find_iova
1
From: Eugenio Pérez <eperezma@redhat.com>
1
2
3
This function does the reverse operation of iova_tree_find: To look for
4
a mapping that match a translated address so we can do the reverse.
5
6
This have linear complexity instead of logarithmic, but it supports
7
overlapping HVA. Future developments could reduce it.
8
9
Acked-by: Michael S. Tsirkin <mst@redhat.com>
10
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
11
Signed-off-by: Jason Wang <jasowang@redhat.com>
12
---
13
include/qemu/iova-tree.h | 20 +++++++++++++++++++-
14
util/iova-tree.c | 34 ++++++++++++++++++++++++++++++++++
15
2 files changed, 53 insertions(+), 1 deletion(-)
16
17
diff --git a/include/qemu/iova-tree.h b/include/qemu/iova-tree.h
18
index XXXXXXX..XXXXXXX 100644
19
--- a/include/qemu/iova-tree.h
20
+++ b/include/qemu/iova-tree.h
21
@@ -XXX,XX +XXX,XX @@ int iova_tree_remove(IOVATree *tree, const DMAMap *map);
22
* @tree: the iova tree to search from
23
* @map: the mapping to search
24
*
25
- * Search for a mapping in the iova tree that overlaps with the
26
+ * Search for a mapping in the iova tree that iova overlaps with the
27
* mapping range specified. Only the first found mapping will be
28
* returned.
29
*
30
@@ -XXX,XX +XXX,XX @@ int iova_tree_remove(IOVATree *tree, const DMAMap *map);
31
const DMAMap *iova_tree_find(const IOVATree *tree, const DMAMap *map);
32
33
/**
34
+ * iova_tree_find_iova:
35
+ *
36
+ * @tree: the iova tree to search from
37
+ * @map: the mapping to search
38
+ *
39
+ * Search for a mapping in the iova tree that translated_addr overlaps with the
40
+ * mapping range specified. Only the first found mapping will be
41
+ * returned.
42
+ *
43
+ * Return: DMAMap pointer if found, or NULL if not found. Note that
44
+ * the returned DMAMap pointer is maintained internally. User should
45
+ * only read the content but never modify or free the content. Also,
46
+ * user is responsible to make sure the pointer is valid (say, no
47
+ * concurrent deletion in progress).
48
+ */
49
+const DMAMap *iova_tree_find_iova(const IOVATree *tree, const DMAMap *map);
50
+
51
+/**
52
* iova_tree_find_address:
53
*
54
* @tree: the iova tree to search from
55
diff --git a/util/iova-tree.c b/util/iova-tree.c
56
index XXXXXXX..XXXXXXX 100644
57
--- a/util/iova-tree.c
58
+++ b/util/iova-tree.c
59
@@ -XXX,XX +XXX,XX @@ struct IOVATreeAllocArgs {
60
bool iova_found;
61
};
62
63
+typedef struct IOVATreeFindIOVAArgs {
64
+ const DMAMap *needle;
65
+ const DMAMap *result;
66
+} IOVATreeFindIOVAArgs;
67
+
68
/**
69
* Iterate args to the next hole
70
*
71
@@ -XXX,XX +XXX,XX @@ const DMAMap *iova_tree_find(const IOVATree *tree, const DMAMap *map)
72
return g_tree_lookup(tree->tree, map);
73
}
74
75
+static gboolean iova_tree_find_address_iterator(gpointer key, gpointer value,
76
+ gpointer data)
77
+{
78
+ const DMAMap *map = key;
79
+ IOVATreeFindIOVAArgs *args = data;
80
+ const DMAMap *needle;
81
+
82
+ g_assert(key == value);
83
+
84
+ needle = args->needle;
85
+ if (map->translated_addr + map->size < needle->translated_addr ||
86
+ needle->translated_addr + needle->size < map->translated_addr) {
87
+ return false;
88
+ }
89
+
90
+ args->result = map;
91
+ return true;
92
+}
93
+
94
+const DMAMap *iova_tree_find_iova(const IOVATree *tree, const DMAMap *map)
95
+{
96
+ IOVATreeFindIOVAArgs args = {
97
+ .needle = map,
98
+ };
99
+
100
+ g_tree_foreach(tree->tree, iova_tree_find_address_iterator, &args);
101
+ return args.result;
102
+}
103
+
104
const DMAMap *iova_tree_find_address(const IOVATree *tree, hwaddr iova)
105
{
106
const DMAMap map = { .iova = iova, .size = 0 };
107
--
108
2.7.4
109
110
diff view generated by jsdifflib
[PULL 5/7] net: check if the file descriptor is valid before using it
[PULL V2 11/15] vhost: Add VhostIOVATree
1
From: Laurent Vivier <lvivier@redhat.com>
1
From: Eugenio Pérez <eperezma@redhat.com>
2
2
3
qemu_set_nonblock() checks that the file descriptor can be used and, if
3
This tree is able to look for a translated address from an IOVA address.
4
not, crashes QEMU. An assert() is used for that. The use of assert() is
5
used to detect programming error and the coredump will allow to debug
6
the problem.
7
4
8
But in the case of the tap device, this assert() can be triggered by
5
At first glance it is similar to util/iova-tree. However, SVQ working on
9
a misconfiguration by the user. At startup, it's not a real problem, but it
6
devices with limited IOVA space need more capabilities, like allocating
10
can also happen during the hot-plug of a new device, and here it's a
7
IOVA chunks or performing reverse translations (qemu addresses to iova).
11
problem because we can crash a perfectly healthy system.
12
8
13
For instance:
9
The allocation capability, as "assign a free IOVA address to this chunk
14
# ip link add link virbr0 name macvtap0 type macvtap mode bridge
10
of memory in qemu's address space" allows shadow virtqueue to create a
15
# ip link set macvtap0 up
11
new address space that is not restricted by guest's addressable one, so
16
# TAP=/dev/tap$(ip -o link show macvtap0 | cut -d: -f1)
12
we can allocate shadow vqs vrings outside of it.
17
# qemu-system-x86_64 -machine q35 -device pcie-root-port,id=pcie-root-port-0 -monitor stdio 9<> $TAP
18
(qemu) netdev_add type=tap,id=hostnet0,vhost=on,fd=9
19
(qemu) device_add driver=virtio-net-pci,netdev=hostnet0,id=net0,bus=pcie-root-port-0
20
(qemu) device_del net0
21
(qemu) netdev_del hostnet0
22
(qemu) netdev_add type=tap,id=hostnet1,vhost=on,fd=9
23
qemu-system-x86_64: .../util/oslib-posix.c:247: qemu_set_nonblock: Assertion `f != -1' failed.
24
Aborted (core dumped)
25
13
26
To avoid that, add a function, qemu_try_set_nonblock(), that allows to report the
14
It duplicates the tree so it can search efficiently in both directions,
27
problem without crashing.
15
and it will signal overlap if iova or the translated address is present
16
in any tree.
28
17
29
In the same way, we also update the function for vhostfd in net_init_tap_one() and
18
Acked-by: Michael S. Tsirkin <mst@redhat.com>
30
for fd in net_init_socket() (both descriptors are provided by the user and can
19
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
31
be wrong).
32
33
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
34
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
35
Signed-off-by: Jason Wang <jasowang@redhat.com>
20
Signed-off-by: Jason Wang <jasowang@redhat.com>
36
---
21
---
37
include/qemu/sockets.h | 1 +
22
hw/virtio/meson.build | 2 +-
38
net/socket.c | 9 ++++++--
23
hw/virtio/vhost-iova-tree.c | 110 ++++++++++++++++++++++++++++++++++++++++++++
39
net/tap.c | 25 ++++++++++++++++++----
24
hw/virtio/vhost-iova-tree.h | 27 +++++++++++
40
util/oslib-posix.c | 26 ++++++++++++++++-------
25
3 files changed, 138 insertions(+), 1 deletion(-)
41
util/oslib-win32.c | 57 ++++++++++++++++++++++++++++----------------------
26
create mode 100644 hw/virtio/vhost-iova-tree.c
42
5 files changed, 79 insertions(+), 39 deletions(-)
27
create mode 100644 hw/virtio/vhost-iova-tree.h
43
28
44
diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
29
diff --git a/hw/virtio/meson.build b/hw/virtio/meson.build
45
index XXXXXXX..XXXXXXX 100644
30
index XXXXXXX..XXXXXXX 100644
46
--- a/include/qemu/sockets.h
31
--- a/hw/virtio/meson.build
47
+++ b/include/qemu/sockets.h
32
+++ b/hw/virtio/meson.build
48
@@ -XXX,XX +XXX,XX @@ int qemu_accept(int s, struct sockaddr *addr, socklen_t *addrlen);
33
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_ALL', if_true: files('vhost-stub.c'))
49
int socket_set_cork(int fd, int v);
34
50
int socket_set_nodelay(int fd);
35
virtio_ss = ss.source_set()
51
void qemu_set_block(int fd);
36
virtio_ss.add(files('virtio.c'))
52
+int qemu_try_set_nonblock(int fd);
37
-virtio_ss.add(when: 'CONFIG_VHOST', if_true: files('vhost.c', 'vhost-backend.c', 'vhost-shadow-virtqueue.c'))
53
void qemu_set_nonblock(int fd);
38
+virtio_ss.add(when: 'CONFIG_VHOST', if_true: files('vhost.c', 'vhost-backend.c', 'vhost-shadow-virtqueue.c', 'vhost-iova-tree.c'))
54
int socket_set_fast_reuse(int fd);
39
virtio_ss.add(when: 'CONFIG_VHOST_USER', if_true: files('vhost-user.c'))
55
40
virtio_ss.add(when: 'CONFIG_VHOST_VDPA', if_true: files('vhost-vdpa.c'))
56
diff --git a/net/socket.c b/net/socket.c
41
virtio_ss.add(when: 'CONFIG_VIRTIO_BALLOON', if_true: files('virtio-balloon.c'))
57
index XXXXXXX..XXXXXXX 100644
42
diff --git a/hw/virtio/vhost-iova-tree.c b/hw/virtio/vhost-iova-tree.c
58
--- a/net/socket.c
43
new file mode 100644
59
+++ b/net/socket.c
44
index XXXXXXX..XXXXXXX
60
@@ -XXX,XX +XXX,XX @@ int net_init_socket(const Netdev *netdev, const char *name,
45
--- /dev/null
61
}
46
+++ b/hw/virtio/vhost-iova-tree.c
62
47
@@ -XXX,XX +XXX,XX @@
63
if (sock->has_fd) {
48
+/*
64
- int fd;
49
+ * vhost software live migration iova tree
65
+ int fd, ret;
50
+ *
66
51
+ * SPDX-FileCopyrightText: Red Hat, Inc. 2021
67
fd = monitor_fd_param(cur_mon, sock->fd, errp);
52
+ * SPDX-FileContributor: Author: Eugenio Pérez <eperezma@redhat.com>
68
if (fd == -1) {
53
+ *
69
return -1;
54
+ * SPDX-License-Identifier: GPL-2.0-or-later
70
}
55
+ */
71
- qemu_set_nonblock(fd);
72
+ ret = qemu_try_set_nonblock(fd);
73
+ if (ret < 0) {
74
+ error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
75
+ name, fd);
76
+ return -1;
77
+ }
78
if (!net_socket_fd_init(peer, "socket", name, fd, 1, sock->mcast,
79
errp)) {
80
return -1;
81
diff --git a/net/tap.c b/net/tap.c
82
index XXXXXXX..XXXXXXX 100644
83
--- a/net/tap.c
84
+++ b/net/tap.c
85
@@ -XXX,XX +XXX,XX @@ static void net_init_tap_one(const NetdevTapOptions *tap, NetClientState *peer,
86
}
87
88
if (vhostfdname) {
89
+ int ret;
90
+
56
+
91
vhostfd = monitor_fd_param(cur_mon, vhostfdname, &err);
57
+#include "qemu/osdep.h"
92
if (vhostfd == -1) {
58
+#include "qemu/iova-tree.h"
93
if (tap->has_vhostforce && tap->vhostforce) {
59
+#include "vhost-iova-tree.h"
94
@@ -XXX,XX +XXX,XX @@ static void net_init_tap_one(const NetdevTapOptions *tap, NetClientState *peer,
60
+
95
}
61
+#define iova_min_addr qemu_real_host_page_size
96
return;
62
+
97
}
63
+/**
98
- qemu_set_nonblock(vhostfd);
64
+ * VhostIOVATree, able to:
99
+ ret = qemu_try_set_nonblock(vhostfd);
65
+ * - Translate iova address
100
+ if (ret < 0) {
66
+ * - Reverse translate iova address (from translated to iova)
101
+ error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
67
+ * - Allocate IOVA regions for translated range (linear operation)
102
+ name, fd);
68
+ */
103
+ return;
69
+struct VhostIOVATree {
104
+ }
70
+ /* First addressable iova address in the device */
105
} else {
71
+ uint64_t iova_first;
106
vhostfd = open("/dev/vhost-net", O_RDWR);
72
+
107
if (vhostfd < 0) {
73
+ /* Last addressable iova address in the device */
108
@@ -XXX,XX +XXX,XX @@ int net_init_tap(const Netdev *netdev, const char *name,
74
+ uint64_t iova_last;
109
Error *err = NULL;
75
+
110
const char *vhostfdname;
76
+ /* IOVA address to qemu memory maps. */
111
char ifname[128];
77
+ IOVATree *iova_taddr_map;
112
+ int ret = 0;
78
+};
113
79
+
114
assert(netdev->type == NET_CLIENT_DRIVER_TAP);
80
+/**
115
tap = &netdev->u.tap;
81
+ * Create a new IOVA tree
116
@@ -XXX,XX +XXX,XX @@ int net_init_tap(const Netdev *netdev, const char *name,
82
+ *
117
return -1;
83
+ * Returns the new IOVA tree
118
}
84
+ */
119
85
+VhostIOVATree *vhost_iova_tree_new(hwaddr iova_first, hwaddr iova_last)
120
- qemu_set_nonblock(fd);
86
+{
121
+ ret = qemu_try_set_nonblock(fd);
87
+ VhostIOVATree *tree = g_new(VhostIOVATree, 1);
122
+ if (ret < 0) {
88
+
123
+ error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
89
+ /* Some devices do not like 0 addresses */
124
+ name, fd);
90
+ tree->iova_first = MAX(iova_first, iova_min_addr);
125
+ return -1;
91
+ tree->iova_last = iova_last;
126
+ }
92
+
127
93
+ tree->iova_taddr_map = iova_tree_new();
128
vnet_hdr = tap_probe_vnet_hdr(fd);
94
+ return tree;
129
130
@@ -XXX,XX +XXX,XX @@ int net_init_tap(const Netdev *netdev, const char *name,
131
char **fds;
132
char **vhost_fds;
133
int nfds = 0, nvhosts = 0;
134
- int ret = 0;
135
136
if (tap->has_ifname || tap->has_script || tap->has_downscript ||
137
tap->has_vnet_hdr || tap->has_helper || tap->has_queues ||
138
@@ -XXX,XX +XXX,XX @@ int net_init_tap(const Netdev *netdev, const char *name,
139
goto free_fail;
140
}
141
142
- qemu_set_nonblock(fd);
143
+ ret = qemu_try_set_nonblock(fd);
144
+ if (ret < 0) {
145
+ error_setg_errno(errp, -ret, "%s: Can't use file descriptor %d",
146
+ name, fd);
147
+ goto free_fail;
148
+ }
149
150
if (i == 0) {
151
vnet_hdr = tap_probe_vnet_hdr(fd);
152
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
153
index XXXXXXX..XXXXXXX 100644
154
--- a/util/oslib-posix.c
155
+++ b/util/oslib-posix.c
156
@@ -XXX,XX +XXX,XX @@ void qemu_set_block(int fd)
157
assert(f != -1);
158
}
159
160
-void qemu_set_nonblock(int fd)
161
+int qemu_try_set_nonblock(int fd)
162
{
163
int f;
164
f = fcntl(fd, F_GETFL);
165
- assert(f != -1);
166
- f = fcntl(fd, F_SETFL, f | O_NONBLOCK);
167
-#ifdef __OpenBSD__
168
if (f == -1) {
169
+ return -errno;
170
+ }
171
+ if (fcntl(fd, F_SETFL, f | O_NONBLOCK) == -1) {
172
+#ifdef __OpenBSD__
173
/*
174
* Previous to OpenBSD 6.3, fcntl(F_SETFL) is not permitted on
175
* memory devices and sets errno to ENODEV.
176
* It's OK if we fail to set O_NONBLOCK on devices like /dev/null,
177
* because they will never block anyway.
178
*/
179
- assert(errno == ENODEV);
180
- }
181
-#else
182
- assert(f != -1);
183
+ if (errno == ENODEV) {
184
+ return 0;
185
+ }
186
#endif
187
+ return -errno;
188
+ }
189
+ return 0;
190
+}
95
+}
191
+
96
+
192
+void qemu_set_nonblock(int fd)
97
+/**
98
+ * Delete an iova tree
99
+ */
100
+void vhost_iova_tree_delete(VhostIOVATree *iova_tree)
193
+{
101
+{
194
+ int f;
102
+ iova_tree_destroy(iova_tree->iova_taddr_map);
195
+ f = qemu_try_set_nonblock(fd);
103
+ g_free(iova_tree);
196
+ assert(f == 0);
197
}
198
199
int socket_set_fast_reuse(int fd)
200
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
201
index XXXXXXX..XXXXXXX 100644
202
--- a/util/oslib-win32.c
203
+++ b/util/oslib-win32.c
204
@@ -XXX,XX +XXX,XX @@ struct tm *localtime_r(const time_t *timep, struct tm *result)
205
}
206
#endif /* CONFIG_LOCALTIME_R */
207
208
-void qemu_set_block(int fd)
209
-{
210
- unsigned long opt = 0;
211
- WSAEventSelect(fd, NULL, 0);
212
- ioctlsocket(fd, FIONBIO, &opt);
213
-}
214
-
215
-void qemu_set_nonblock(int fd)
216
-{
217
- unsigned long opt = 1;
218
- ioctlsocket(fd, FIONBIO, &opt);
219
- qemu_fd_register(fd);
220
-}
221
-
222
-int socket_set_fast_reuse(int fd)
223
-{
224
- /* Enabling the reuse of an endpoint that was used by a socket still in
225
- * TIME_WAIT state is usually performed by setting SO_REUSEADDR. On Windows
226
- * fast reuse is the default and SO_REUSEADDR does strange things. So we
227
- * don't have to do anything here. More info can be found at:
228
- * http://msdn.microsoft.com/en-us/library/windows/desktop/ms740621.aspx */
229
- return 0;
230
-}
231
-
232
-
233
static int socket_error(void)
234
{
235
switch (WSAGetLastError()) {
236
@@ -XXX,XX +XXX,XX @@ static int socket_error(void)
237
}
238
}
239
240
+void qemu_set_block(int fd)
241
+{
242
+ unsigned long opt = 0;
243
+ WSAEventSelect(fd, NULL, 0);
244
+ ioctlsocket(fd, FIONBIO, &opt);
245
+}
104
+}
246
+
105
+
247
+int qemu_try_set_nonblock(int fd)
106
+/**
107
+ * Find the IOVA address stored from a memory address
108
+ *
109
+ * @tree: The iova tree
110
+ * @map: The map with the memory address
111
+ *
112
+ * Return the stored mapping, or NULL if not found.
113
+ */
114
+const DMAMap *vhost_iova_tree_find_iova(const VhostIOVATree *tree,
115
+ const DMAMap *map)
248
+{
116
+{
249
+ unsigned long opt = 1;
117
+ return iova_tree_find_iova(tree->iova_taddr_map, map);
250
+ if (ioctlsocket(fd, FIONBIO, &opt) != NO_ERROR) {
251
+ return -socket_error();
252
+ }
253
+ qemu_fd_register(fd);
254
+ return 0;
255
+}
118
+}
256
+
119
+
257
+void qemu_set_nonblock(int fd)
120
+/**
121
+ * Allocate a new mapping
122
+ *
123
+ * @tree: The iova tree
124
+ * @map: The iova map
125
+ *
126
+ * Returns:
127
+ * - IOVA_OK if the map fits in the container
128
+ * - IOVA_ERR_INVALID if the map does not make sense (like size overflow)
129
+ * - IOVA_ERR_NOMEM if tree cannot allocate more space.
130
+ *
131
+ * It returns assignated iova in map->iova if return value is VHOST_DMA_MAP_OK.
132
+ */
133
+int vhost_iova_tree_map_alloc(VhostIOVATree *tree, DMAMap *map)
258
+{
134
+{
259
+ (void)qemu_try_set_nonblock(fd);
135
+ /* Some vhost devices do not like addr 0. Skip first page */
136
+ hwaddr iova_first = tree->iova_first ?: qemu_real_host_page_size;
137
+
138
+ if (map->translated_addr + map->size < map->translated_addr ||
139
+ map->perm == IOMMU_NONE) {
140
+ return IOVA_ERR_INVALID;
141
+ }
142
+
143
+ /* Allocate a node in IOVA address */
144
+ return iova_tree_alloc_map(tree->iova_taddr_map, map, iova_first,
145
+ tree->iova_last);
260
+}
146
+}
261
+
147
+
262
+int socket_set_fast_reuse(int fd)
148
+/**
149
+ * Remove existing mappings from iova tree
150
+ *
151
+ * @iova_tree: The vhost iova tree
152
+ * @map: The map to remove
153
+ */
154
+void vhost_iova_tree_remove(VhostIOVATree *iova_tree, const DMAMap *map)
263
+{
155
+{
264
+ /* Enabling the reuse of an endpoint that was used by a socket still in
156
+ iova_tree_remove(iova_tree->iova_taddr_map, map);
265
+ * TIME_WAIT state is usually performed by setting SO_REUSEADDR. On Windows
266
+ * fast reuse is the default and SO_REUSEADDR does strange things. So we
267
+ * don't have to do anything here. More info can be found at:
268
+ * http://msdn.microsoft.com/en-us/library/windows/desktop/ms740621.aspx */
269
+ return 0;
270
+}
157
+}
158
diff --git a/hw/virtio/vhost-iova-tree.h b/hw/virtio/vhost-iova-tree.h
159
new file mode 100644
160
index XXXXXXX..XXXXXXX
161
--- /dev/null
162
+++ b/hw/virtio/vhost-iova-tree.h
163
@@ -XXX,XX +XXX,XX @@
164
+/*
165
+ * vhost software live migration iova tree
166
+ *
167
+ * SPDX-FileCopyrightText: Red Hat, Inc. 2021
168
+ * SPDX-FileContributor: Author: Eugenio Pérez <eperezma@redhat.com>
169
+ *
170
+ * SPDX-License-Identifier: GPL-2.0-or-later
171
+ */
271
+
172
+
272
int inet_aton(const char *cp, struct in_addr *ia)
173
+#ifndef HW_VIRTIO_VHOST_IOVA_TREE_H
273
{
174
+#define HW_VIRTIO_VHOST_IOVA_TREE_H
274
uint32_t addr = inet_addr(cp);
175
+
176
+#include "qemu/iova-tree.h"
177
+#include "exec/memory.h"
178
+
179
+typedef struct VhostIOVATree VhostIOVATree;
180
+
181
+VhostIOVATree *vhost_iova_tree_new(uint64_t iova_first, uint64_t iova_last);
182
+void vhost_iova_tree_delete(VhostIOVATree *iova_tree);
183
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(VhostIOVATree, vhost_iova_tree_delete);
184
+
185
+const DMAMap *vhost_iova_tree_find_iova(const VhostIOVATree *iova_tree,
186
+ const DMAMap *map);
187
+int vhost_iova_tree_map_alloc(VhostIOVATree *iova_tree, DMAMap *map);
188
+void vhost_iova_tree_remove(VhostIOVATree *iova_tree, const DMAMap *map);
189
+
190
+#endif
275
--
191
--
276
2.5.0
192
2.7.4
277
193
278
194
diff view generated by jsdifflib
New patch
[PULL V2 12/15] vdpa: Add custom IOTLB translations to SVQ
1
1
From: Eugenio Pérez <eperezma@redhat.com>
2
3
Use translations added in VhostIOVATree in SVQ.
4
5
Only introduce usage here, not allocation and deallocation. As with
6
previous patches, we use the dead code paths of shadow_vqs_enabled to
7
avoid commiting too many changes at once. These are impossible to take
8
at the moment.
9
10
Acked-by: Michael S. Tsirkin <mst@redhat.com>
11
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
12
Signed-off-by: Jason Wang <jasowang@redhat.com>
13
---
14
hw/virtio/vhost-shadow-virtqueue.c | 75 +++++++++++++++++++++--
15
hw/virtio/vhost-shadow-virtqueue.h | 6 +-
16
hw/virtio/vhost-vdpa.c | 122 +++++++++++++++++++++++++++++++------
17
include/hw/virtio/vhost-vdpa.h | 3 +
18
4 files changed, 181 insertions(+), 25 deletions(-)
19
20
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
21
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/virtio/vhost-shadow-virtqueue.c
23
+++ b/hw/virtio/vhost-shadow-virtqueue.c
24
@@ -XXX,XX +XXX,XX @@ static uint16_t vhost_svq_available_slots(const VhostShadowVirtqueue *svq)
25
return svq->vring.num - (svq->shadow_avail_idx - svq->shadow_used_idx);
26
}
27
28
+/**
29
+ * Translate addresses between the qemu's virtual address and the SVQ IOVA
30
+ *
31
+ * @svq: Shadow VirtQueue
32
+ * @vaddr: Translated IOVA addresses
33
+ * @iovec: Source qemu's VA addresses
34
+ * @num: Length of iovec and minimum length of vaddr
35
+ */
36
+static bool vhost_svq_translate_addr(const VhostShadowVirtqueue *svq,
37
+ void **addrs, const struct iovec *iovec,
38
+ size_t num)
39
+{
40
+ if (num == 0) {
41
+ return true;
42
+ }
43
+
44
+ for (size_t i = 0; i < num; ++i) {
45
+ DMAMap needle = {
46
+ .translated_addr = (hwaddr)iovec[i].iov_base,
47
+ .size = iovec[i].iov_len,
48
+ };
49
+ size_t off;
50
+
51
+ const DMAMap *map = vhost_iova_tree_find_iova(svq->iova_tree, &needle);
52
+ /*
53
+ * Map cannot be NULL since iova map contains all guest space and
54
+ * qemu already has a physical address mapped
55
+ */
56
+ if (unlikely(!map)) {
57
+ qemu_log_mask(LOG_GUEST_ERROR,
58
+ "Invalid address 0x%"HWADDR_PRIx" given by guest",
59
+ needle.translated_addr);
60
+ return false;
61
+ }
62
+
63
+ off = needle.translated_addr - map->translated_addr;
64
+ addrs[i] = (void *)(map->iova + off);
65
+
66
+ if (unlikely(int128_gt(int128_add(needle.translated_addr,
67
+ iovec[i].iov_len),
68
+ map->translated_addr + map->size))) {
69
+ qemu_log_mask(LOG_GUEST_ERROR,
70
+ "Guest buffer expands over iova range");
71
+ return false;
72
+ }
73
+ }
74
+
75
+ return true;
76
+}
77
+
78
static void vhost_vring_write_descs(VhostShadowVirtqueue *svq,
79
+ void * const *sg,
80
const struct iovec *iovec,
81
size_t num, bool more_descs, bool write)
82
{
83
@@ -XXX,XX +XXX,XX @@ static void vhost_vring_write_descs(VhostShadowVirtqueue *svq,
84
} else {
85
descs[i].flags = flags;
86
}
87
- descs[i].addr = cpu_to_le64((hwaddr)iovec[n].iov_base);
88
+ descs[i].addr = cpu_to_le64((hwaddr)sg[n]);
89
descs[i].len = cpu_to_le32(iovec[n].iov_len);
90
91
last = i;
92
@@ -XXX,XX +XXX,XX @@ static bool vhost_svq_add_split(VhostShadowVirtqueue *svq,
93
{
94
unsigned avail_idx;
95
vring_avail_t *avail = svq->vring.avail;
96
+ bool ok;
97
+ g_autofree void **sgs = g_new(void *, MAX(elem->out_num, elem->in_num));
98
99
*head = svq->free_head;
100
101
@@ -XXX,XX +XXX,XX @@ static bool vhost_svq_add_split(VhostShadowVirtqueue *svq,
102
return false;
103
}
104
105
- vhost_vring_write_descs(svq, elem->out_sg, elem->out_num,
106
+ ok = vhost_svq_translate_addr(svq, sgs, elem->out_sg, elem->out_num);
107
+ if (unlikely(!ok)) {
108
+ return false;
109
+ }
110
+ vhost_vring_write_descs(svq, sgs, elem->out_sg, elem->out_num,
111
elem->in_num > 0, false);
112
- vhost_vring_write_descs(svq, elem->in_sg, elem->in_num, false, true);
113
+
114
+
115
+ ok = vhost_svq_translate_addr(svq, sgs, elem->in_sg, elem->in_num);
116
+ if (unlikely(!ok)) {
117
+ return false;
118
+ }
119
+
120
+ vhost_vring_write_descs(svq, sgs, elem->in_sg, elem->in_num, false, true);
121
122
/*
123
* Put the entry in the available array (but don't update avail->idx until
124
@@ -XXX,XX +XXX,XX @@ void vhost_svq_stop(VhostShadowVirtqueue *svq)
125
* Creates vhost shadow virtqueue, and instructs the vhost device to use the
126
* shadow methods and file descriptors.
127
*
128
+ * @iova_tree: Tree to perform descriptors translations
129
+ *
130
* Returns the new virtqueue or NULL.
131
*
132
* In case of error, reason is reported through error_report.
133
*/
134
-VhostShadowVirtqueue *vhost_svq_new(void)
135
+VhostShadowVirtqueue *vhost_svq_new(VhostIOVATree *iova_tree)
136
{
137
g_autofree VhostShadowVirtqueue *svq = g_new0(VhostShadowVirtqueue, 1);
138
int r;
139
@@ -XXX,XX +XXX,XX @@ VhostShadowVirtqueue *vhost_svq_new(void)
140
141
event_notifier_init_fd(&svq->svq_kick, VHOST_FILE_UNBIND);
142
event_notifier_set_handler(&svq->hdev_call, vhost_svq_handle_call);
143
+ svq->iova_tree = iova_tree;
144
return g_steal_pointer(&svq);
145
146
err_init_hdev_call:
147
diff --git a/hw/virtio/vhost-shadow-virtqueue.h b/hw/virtio/vhost-shadow-virtqueue.h
148
index XXXXXXX..XXXXXXX 100644
149
--- a/hw/virtio/vhost-shadow-virtqueue.h
150
+++ b/hw/virtio/vhost-shadow-virtqueue.h
151
@@ -XXX,XX +XXX,XX @@
152
#include "qemu/event_notifier.h"
153
#include "hw/virtio/virtio.h"
154
#include "standard-headers/linux/vhost_types.h"
155
+#include "hw/virtio/vhost-iova-tree.h"
156
157
/* Shadow virtqueue to relay notifications */
158
typedef struct VhostShadowVirtqueue {
159
@@ -XXX,XX +XXX,XX @@ typedef struct VhostShadowVirtqueue {
160
/* Virtio device */
161
VirtIODevice *vdev;
162
163
+ /* IOVA mapping */
164
+ VhostIOVATree *iova_tree;
165
+
166
/* Map for use the guest's descriptors */
167
VirtQueueElement **ring_id_maps;
168
169
@@ -XXX,XX +XXX,XX @@ void vhost_svq_start(VhostShadowVirtqueue *svq, VirtIODevice *vdev,
170
VirtQueue *vq);
171
void vhost_svq_stop(VhostShadowVirtqueue *svq);
172
173
-VhostShadowVirtqueue *vhost_svq_new(void);
174
+VhostShadowVirtqueue *vhost_svq_new(VhostIOVATree *iova_tree);
175
176
void vhost_svq_free(gpointer vq);
177
G_DEFINE_AUTOPTR_CLEANUP_FUNC(VhostShadowVirtqueue, vhost_svq_free);
178
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
179
index XXXXXXX..XXXXXXX 100644
180
--- a/hw/virtio/vhost-vdpa.c
181
+++ b/hw/virtio/vhost-vdpa.c
182
@@ -XXX,XX +XXX,XX @@ static void vhost_vdpa_listener_region_add(MemoryListener *listener,
183
vaddr, section->readonly);
184
185
llsize = int128_sub(llend, int128_make64(iova));
186
+ if (v->shadow_vqs_enabled) {
187
+ DMAMap mem_region = {
188
+ .translated_addr = (hwaddr)vaddr,
189
+ .size = int128_get64(llsize) - 1,
190
+ .perm = IOMMU_ACCESS_FLAG(true, section->readonly),
191
+ };
192
+
193
+ int r = vhost_iova_tree_map_alloc(v->iova_tree, &mem_region);
194
+ if (unlikely(r != IOVA_OK)) {
195
+ error_report("Can't allocate a mapping (%d)", r);
196
+ goto fail;
197
+ }
198
+
199
+ iova = mem_region.iova;
200
+ }
201
202
vhost_vdpa_iotlb_batch_begin_once(v);
203
ret = vhost_vdpa_dma_map(v, iova, int128_get64(llsize),
204
@@ -XXX,XX +XXX,XX @@ static void vhost_vdpa_listener_region_del(MemoryListener *listener,
205
206
llsize = int128_sub(llend, int128_make64(iova));
207
208
+ if (v->shadow_vqs_enabled) {
209
+ const DMAMap *result;
210
+ const void *vaddr = memory_region_get_ram_ptr(section->mr) +
211
+ section->offset_within_region +
212
+ (iova - section->offset_within_address_space);
213
+ DMAMap mem_region = {
214
+ .translated_addr = (hwaddr)vaddr,
215
+ .size = int128_get64(llsize) - 1,
216
+ };
217
+
218
+ result = vhost_iova_tree_find_iova(v->iova_tree, &mem_region);
219
+ iova = result->iova;
220
+ vhost_iova_tree_remove(v->iova_tree, &mem_region);
221
+ }
222
vhost_vdpa_iotlb_batch_begin_once(v);
223
ret = vhost_vdpa_dma_unmap(v, iova, int128_get64(llsize));
224
if (ret) {
225
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_init_svq(struct vhost_dev *hdev, struct vhost_vdpa *v,
226
227
shadow_vqs = g_ptr_array_new_full(hdev->nvqs, vhost_svq_free);
228
for (unsigned n = 0; n < hdev->nvqs; ++n) {
229
- g_autoptr(VhostShadowVirtqueue) svq = vhost_svq_new();
230
+ g_autoptr(VhostShadowVirtqueue) svq = vhost_svq_new(v->iova_tree);
231
232
if (unlikely(!svq)) {
233
error_setg(errp, "Cannot create svq %u", n);
234
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_svq_set_fds(struct vhost_dev *dev,
235
/**
236
* Unmap a SVQ area in the device
237
*/
238
-static bool vhost_vdpa_svq_unmap_ring(struct vhost_vdpa *v, hwaddr iova,
239
- hwaddr size)
240
+static bool vhost_vdpa_svq_unmap_ring(struct vhost_vdpa *v,
241
+ const DMAMap *needle)
242
{
243
+ const DMAMap *result = vhost_iova_tree_find_iova(v->iova_tree, needle);
244
+ hwaddr size;
245
int r;
246
247
- size = ROUND_UP(size, qemu_real_host_page_size);
248
- r = vhost_vdpa_dma_unmap(v, iova, size);
249
+ if (unlikely(!result)) {
250
+ error_report("Unable to find SVQ address to unmap");
251
+ return false;
252
+ }
253
+
254
+ size = ROUND_UP(result->size, qemu_real_host_page_size);
255
+ r = vhost_vdpa_dma_unmap(v, result->iova, size);
256
return r == 0;
257
}
258
259
static bool vhost_vdpa_svq_unmap_rings(struct vhost_dev *dev,
260
const VhostShadowVirtqueue *svq)
261
{
262
+ DMAMap needle = {};
263
struct vhost_vdpa *v = dev->opaque;
264
struct vhost_vring_addr svq_addr;
265
- size_t device_size = vhost_svq_device_area_size(svq);
266
- size_t driver_size = vhost_svq_driver_area_size(svq);
267
bool ok;
268
269
vhost_svq_get_vring_addr(svq, &svq_addr);
270
271
- ok = vhost_vdpa_svq_unmap_ring(v, svq_addr.desc_user_addr, driver_size);
272
+ needle.translated_addr = svq_addr.desc_user_addr;
273
+ ok = vhost_vdpa_svq_unmap_ring(v, &needle);
274
if (unlikely(!ok)) {
275
return false;
276
}
277
278
- return vhost_vdpa_svq_unmap_ring(v, svq_addr.used_user_addr, device_size);
279
+ needle.translated_addr = svq_addr.used_user_addr;
280
+ return vhost_vdpa_svq_unmap_ring(v, &needle);
281
+}
282
+
283
+/**
284
+ * Map the SVQ area in the device
285
+ *
286
+ * @v: Vhost-vdpa device
287
+ * @needle: The area to search iova
288
+ * @errorp: Error pointer
289
+ */
290
+static bool vhost_vdpa_svq_map_ring(struct vhost_vdpa *v, DMAMap *needle,
291
+ Error **errp)
292
+{
293
+ int r;
294
+
295
+ r = vhost_iova_tree_map_alloc(v->iova_tree, needle);
296
+ if (unlikely(r != IOVA_OK)) {
297
+ error_setg(errp, "Cannot allocate iova (%d)", r);
298
+ return false;
299
+ }
300
+
301
+ r = vhost_vdpa_dma_map(v, needle->iova, needle->size + 1,
302
+ (void *)needle->translated_addr,
303
+ needle->perm == IOMMU_RO);
304
+ if (unlikely(r != 0)) {
305
+ error_setg_errno(errp, -r, "Cannot map region to device");
306
+ vhost_iova_tree_remove(v->iova_tree, needle);
307
+ }
308
+
309
+ return r == 0;
310
}
311
312
/**
313
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_svq_map_rings(struct vhost_dev *dev,
314
struct vhost_vring_addr *addr,
315
Error **errp)
316
{
317
+ DMAMap device_region, driver_region;
318
+ struct vhost_vring_addr svq_addr;
319
struct vhost_vdpa *v = dev->opaque;
320
size_t device_size = vhost_svq_device_area_size(svq);
321
size_t driver_size = vhost_svq_driver_area_size(svq);
322
- int r;
323
+ size_t avail_offset;
324
+ bool ok;
325
326
ERRP_GUARD();
327
- vhost_svq_get_vring_addr(svq, addr);
328
+ vhost_svq_get_vring_addr(svq, &svq_addr);
329
330
- r = vhost_vdpa_dma_map(v, addr->desc_user_addr, driver_size,
331
- (void *)addr->desc_user_addr, true);
332
- if (unlikely(r != 0)) {
333
- error_setg_errno(errp, -r, "Cannot create vq driver region: ");
334
+ driver_region = (DMAMap) {
335
+ .translated_addr = svq_addr.desc_user_addr,
336
+ .size = driver_size - 1,
337
+ .perm = IOMMU_RO,
338
+ };
339
+ ok = vhost_vdpa_svq_map_ring(v, &driver_region, errp);
340
+ if (unlikely(!ok)) {
341
+ error_prepend(errp, "Cannot create vq driver region: ");
342
return false;
343
}
344
+ addr->desc_user_addr = driver_region.iova;
345
+ avail_offset = svq_addr.avail_user_addr - svq_addr.desc_user_addr;
346
+ addr->avail_user_addr = driver_region.iova + avail_offset;
347
348
- r = vhost_vdpa_dma_map(v, addr->used_user_addr, device_size,
349
- (void *)addr->used_user_addr, false);
350
- if (unlikely(r != 0)) {
351
- error_setg_errno(errp, -r, "Cannot create vq device region: ");
352
+ device_region = (DMAMap) {
353
+ .translated_addr = svq_addr.used_user_addr,
354
+ .size = device_size - 1,
355
+ .perm = IOMMU_RW,
356
+ };
357
+ ok = vhost_vdpa_svq_map_ring(v, &device_region, errp);
358
+ if (unlikely(!ok)) {
359
+ error_prepend(errp, "Cannot create vq device region: ");
360
+ vhost_vdpa_svq_unmap_ring(v, &driver_region);
361
}
362
+ addr->used_user_addr = device_region.iova;
363
364
- return r == 0;
365
+ return ok;
366
}
367
368
static bool vhost_vdpa_svq_setup(struct vhost_dev *dev,
369
diff --git a/include/hw/virtio/vhost-vdpa.h b/include/hw/virtio/vhost-vdpa.h
370
index XXXXXXX..XXXXXXX 100644
371
--- a/include/hw/virtio/vhost-vdpa.h
372
+++ b/include/hw/virtio/vhost-vdpa.h
373
@@ -XXX,XX +XXX,XX @@
374
375
#include <gmodule.h>
376
377
+#include "hw/virtio/vhost-iova-tree.h"
378
#include "hw/virtio/virtio.h"
379
#include "standard-headers/linux/vhost_types.h"
380
381
@@ -XXX,XX +XXX,XX @@ typedef struct vhost_vdpa {
382
MemoryListener listener;
383
struct vhost_vdpa_iova_range iova_range;
384
bool shadow_vqs_enabled;
385
+ /* IOVA mapping used by the Shadow Virtqueue */
386
+ VhostIOVATree *iova_tree;
387
GPtrArray *shadow_vqs;
388
struct vhost_dev *dev;
389
VhostVDPAHostNotifier notifier[VIRTIO_QUEUE_MAX];
390
--
391
2.7.4
392
393
diff view generated by jsdifflib
[PULL 7/7] ftgmac100: fix dblac write test
[PULL V2 13/15] vdpa: Adapt vhost_vdpa_get_vring_base to SVQ
1
From: erik-smit <erik.lucas.smit@gmail.com>
1
From: Eugenio Pérez <eperezma@redhat.com>
2
2
3
The test of the write of the dblac register was testing the old value
3
This is needed to achieve migration, so the destination can restore its
4
instead of the new value. This would accept the write of an invalid value
4
index.
5
but subsequently refuse any following valid writes.
6
5
7
Signed-off-by: erik-smit <erik.lucas.smit@gmail.com>
6
Setting base as last used idx, so destination will see as available all
8
Reviewed-by: Cédric Le Goater <clg@kaod.org>
7
the entries that the device did not use, including the in-flight
8
processing ones.
9
10
This is ok for networking, but other kinds of devices might have
11
problems with these retransmissions.
12
13
Acked-by: Michael S. Tsirkin <mst@redhat.com>
14
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
9
Signed-off-by: Jason Wang <jasowang@redhat.com>
15
Signed-off-by: Jason Wang <jasowang@redhat.com>
10
---
16
---
11
hw/net/ftgmac100.c | 14 ++++++++------
17
hw/virtio/vhost-vdpa.c | 17 +++++++++++++++++
12
1 file changed, 8 insertions(+), 6 deletions(-)
18
1 file changed, 17 insertions(+)
13
19
14
diff --git a/hw/net/ftgmac100.c b/hw/net/ftgmac100.c
20
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
15
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/net/ftgmac100.c
22
--- a/hw/virtio/vhost-vdpa.c
17
+++ b/hw/net/ftgmac100.c
23
+++ b/hw/virtio/vhost-vdpa.c
18
@@ -XXX,XX +XXX,XX @@ static void ftgmac100_write(void *opaque, hwaddr addr,
24
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_base(struct vhost_dev *dev,
19
s->phydata = value & 0xffff;
25
static int vhost_vdpa_get_vring_base(struct vhost_dev *dev,
20
break;
26
struct vhost_vring_state *ring)
21
case FTGMAC100_DBLAC: /* DMA Burst Length and Arbitration Control */
27
{
22
- if (FTGMAC100_DBLAC_TXDES_SIZE(s->dblac) < sizeof(FTGMAC100Desc)) {
28
+ struct vhost_vdpa *v = dev->opaque;
23
+ if (FTGMAC100_DBLAC_TXDES_SIZE(value) < sizeof(FTGMAC100Desc)) {
29
int ret;
24
qemu_log_mask(LOG_GUEST_ERROR,
30
25
- "%s: transmit descriptor too small : %d bytes\n",
31
+ if (v->shadow_vqs_enabled) {
26
- __func__, FTGMAC100_DBLAC_TXDES_SIZE(s->dblac));
32
+ VhostShadowVirtqueue *svq = g_ptr_array_index(v->shadow_vqs,
27
+ "%s: transmit descriptor too small: %" PRIx64
33
+ ring->index);
28
+ " bytes\n", __func__,
34
+
29
+ FTGMAC100_DBLAC_TXDES_SIZE(value));
35
+ /*
30
break;
36
+ * Setting base as last used idx, so destination will see as available
31
}
37
+ * all the entries that the device did not use, including the in-flight
32
- if (FTGMAC100_DBLAC_RXDES_SIZE(s->dblac) < sizeof(FTGMAC100Desc)) {
38
+ * processing ones.
33
+ if (FTGMAC100_DBLAC_RXDES_SIZE(value) < sizeof(FTGMAC100Desc)) {
39
+ *
34
qemu_log_mask(LOG_GUEST_ERROR,
40
+ * TODO: This is ok for networking, but other kinds of devices might
35
- "%s: receive descriptor too small : %d bytes\n",
41
+ * have problems with these retransmissions.
36
- __func__, FTGMAC100_DBLAC_RXDES_SIZE(s->dblac));
42
+ */
37
+ "%s: receive descriptor too small : %" PRIx64
43
+ ring->num = svq->last_used_idx;
38
+ " bytes\n", __func__,
44
+ return 0;
39
+ FTGMAC100_DBLAC_RXDES_SIZE(value));
45
+ }
40
break;
46
+
41
}
47
ret = vhost_vdpa_call(dev, VHOST_GET_VRING_BASE, ring);
42
s->dblac = value;
48
trace_vhost_vdpa_get_vring_base(dev, ring->index, ring->num);
49
return ret;
43
--
50
--
44
2.5.0
51
2.7.4
45
52
46
53
diff view generated by jsdifflib
[PULL 4/7] qemu-options.hx: Clean up and fix typo for colo-compare
[PULL V2 14/15] vdpa: Never set log_base addr if SVQ is enabled
1
From: Zhang Chen <chen.zhang@intel.com>
1
From: Eugenio Pérez <eperezma@redhat.com>
2
2
3
Fix some typo and optimized some descriptions.
3
Setting the log address would make the device start reporting invalid
4
dirty memory because the SVQ vrings are located in qemu's memory.
4
5
5
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
6
Acked-by: Michael S. Tsirkin <mst@redhat.com>
7
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
6
Signed-off-by: Jason Wang <jasowang@redhat.com>
8
Signed-off-by: Jason Wang <jasowang@redhat.com>
7
---
9
---
8
qemu-options.hx | 32 ++++++++++++++++----------------
10
hw/virtio/vhost-vdpa.c | 3 ++-
9
1 file changed, 16 insertions(+), 16 deletions(-)
11
1 file changed, 2 insertions(+), 1 deletion(-)
10
12
11
diff --git a/qemu-options.hx b/qemu-options.hx
13
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
12
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
13
--- a/qemu-options.hx
15
--- a/hw/virtio/vhost-vdpa.c
14
+++ b/qemu-options.hx
16
+++ b/hw/virtio/vhost-vdpa.c
15
@@ -XXX,XX +XXX,XX @@ SRST
17
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_dev_start(struct vhost_dev *dev, bool started)
16
tools such as tcpdump or Wireshark.
18
static int vhost_vdpa_set_log_base(struct vhost_dev *dev, uint64_t base,
17
19
struct vhost_log *log)
18
``-object colo-compare,id=id,primary_in=chardevid,secondary_in=chardevid,outdev=chardevid,iothread=id[,vnet_hdr_support][,notify_dev=id][,compare_timeout=@var{ms}][,expired_scan_cycle=@var{ms}][,max_queue_size=@var{size}]``
20
{
19
- Colo-compare gets packet from primary\_inchardevid and
21
- if (vhost_vdpa_one_time_request(dev)) {
20
- secondary\_inchardevid, than compare primary packet with
22
+ struct vhost_vdpa *v = dev->opaque;
21
- secondary packet. If the packets are same, we will output
23
+ if (v->shadow_vqs_enabled || vhost_vdpa_one_time_request(dev)) {
22
- primary packet to outdevchardevid, else we will notify
24
return 0;
23
- colo-frame do checkpoint and send primary packet to
25
}
24
- outdevchardevid. In order to improve efficiency, we need to put
25
- the task of comparison in another thread. If it has the
26
- vnet\_hdr\_support flag, colo compare will send/recv packet with
27
- vnet\_hdr\_len. Then compare\_timeout=@var{ms} determines the
28
- maximum delay colo-compare wait for the packet.
29
- The expired\_scan\_cycle=@var{ms} to set the period of scanning
30
- expired primary node network packets. The max\_queue\_size=@var{size}
31
- is to set the max compare queue size depend on user environment.
32
- If you want to use Xen COLO, will need the notify\_dev to
33
+ Colo-compare gets packet from primary\_in chardevid and
34
+ secondary\_in, then compare whether the payload of primary packet
35
+ and secondary packet are the same. If same, it will output
36
+ primary packet to out\_dev, else it will notify COLO-framework to do
37
+ checkpoint and send primary packet to out\_dev. In order to
38
+ improve efficiency, we need to put the task of comparison in
39
+ another iothread. If it has the vnet\_hdr\_support flag,
40
+ colo compare will send/recv packet with vnet\_hdr\_len.
41
+ The compare\_timeout=@var{ms} determines the maximum time of the
42
+ colo-compare hold the packet. The expired\_scan\_cycle=@var{ms}
43
+ is to set the period of scanning expired primary node network packets.
44
+ The max\_queue\_size=@var{size} is to set the max compare queue
45
+ size depend on user environment.
46
+ If user want to use Xen COLO, need to add the notify\_dev to
47
notify Xen colo-frame to do checkpoint.
48
49
- we must use it with the help of filter-mirror and
50
- filter-redirector.
51
+ COLO-compare must be used with the help of filter-mirror,
52
+ filter-redirector and filter-rewriter.
53
54
::
55
26
56
--
27
--
57
2.5.0
28
2.7.4
58
29
59
30
diff view generated by jsdifflib
[PULL 2/7] hw/net: Added CSO for IPv6
[PULL V2 15/15] vdpa: Expose VHOST_F_LOG_ALL on SVQ
1
From: Andrew <andrew@daynix.com>
1
From: Eugenio Pérez <eperezma@redhat.com>
2
2
3
Added fix for checksum offload for IPv6 if a backend doesn't
3
SVQ is able to log the dirty bits by itself, so let's use it to not
4
have a virtual header.
4
block migration.
5
This patch is a part of IPv6 fragmentation.
6
5
7
Signed-off-by: Andrew Melnychenko <andrew@daynix.com>
6
Also, ignore set and clear of VHOST_F_LOG_ALL on set_features if SVQ is
7
enabled. Even if the device supports it, the reports would be nonsense
8
because SVQ memory is in the qemu region.
9
10
The log region is still allocated. Future changes might skip that, but
11
this series is already long enough.
12
13
Acked-by: Michael S. Tsirkin <mst@redhat.com>
14
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
8
Signed-off-by: Jason Wang <jasowang@redhat.com>
15
Signed-off-by: Jason Wang <jasowang@redhat.com>
9
---
16
---
10
hw/net/net_tx_pkt.c | 15 ++++++++++++---
17
hw/virtio/vhost-vdpa.c | 39 +++++++++++++++++++++++++++++++++++----
11
1 file changed, 12 insertions(+), 3 deletions(-)
18
include/hw/virtio/vhost-vdpa.h | 1 +
19
2 files changed, 36 insertions(+), 4 deletions(-)
12
20
13
diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
21
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
14
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/net/net_tx_pkt.c
23
--- a/hw/virtio/vhost-vdpa.c
16
+++ b/hw/net/net_tx_pkt.c
24
+++ b/hw/virtio/vhost-vdpa.c
17
@@ -XXX,XX +XXX,XX @@ static void net_tx_pkt_do_sw_csum(struct NetTxPkt *pkt)
25
@@ -XXX,XX +XXX,XX @@ static bool vhost_vdpa_one_time_request(struct vhost_dev *dev)
18
/* num of iovec without vhdr */
26
return v->index != 0;
19
uint32_t iov_len = pkt->payload_frags + NET_TX_PKT_PL_START_FRAG - 1;
27
}
20
uint16_t csl;
28
21
- struct ip_header *iphdr;
29
+static int vhost_vdpa_get_dev_features(struct vhost_dev *dev,
22
size_t csum_offset = pkt->virt_hdr.csum_start + pkt->virt_hdr.csum_offset;
30
+ uint64_t *features)
23
+ uint16_t l3_proto = eth_get_l3_proto(iov, 1, iov->iov_len);
31
+{
24
32
+ int ret;
25
/* Put zero to checksum field */
33
+
26
iov_from_buf(iov, iov_len, csum_offset, &csum, sizeof csum);
34
+ ret = vhost_vdpa_call(dev, VHOST_GET_FEATURES, features);
27
@@ -XXX,XX +XXX,XX @@ static void net_tx_pkt_do_sw_csum(struct NetTxPkt *pkt)
35
+ trace_vhost_vdpa_get_features(dev, *features);
28
/* Calculate L4 TCP/UDP checksum */
36
+ return ret;
29
csl = pkt->payload_len;
37
+}
30
38
+
31
+ csum_cntr = 0;
39
static int vhost_vdpa_init_svq(struct vhost_dev *hdev, struct vhost_vdpa *v,
32
+ cso = 0;
40
Error **errp)
33
/* add pseudo header to csum */
41
{
34
- iphdr = pkt->vec[NET_TX_PKT_L3HDR_FRAG].iov_base;
42
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_init_svq(struct vhost_dev *hdev, struct vhost_vdpa *v,
35
- csum_cntr = eth_calc_ip4_pseudo_hdr_csum(iphdr, csl, &cso);
43
return 0;
36
+ if (l3_proto == ETH_P_IP) {
44
}
37
+ csum_cntr = eth_calc_ip4_pseudo_hdr_csum(
45
38
+ pkt->vec[NET_TX_PKT_L3HDR_FRAG].iov_base,
46
- r = hdev->vhost_ops->vhost_get_features(hdev, &dev_features);
39
+ csl, &cso);
47
+ r = vhost_vdpa_get_dev_features(hdev, &dev_features);
40
+ } else if (l3_proto == ETH_P_IPV6) {
48
if (r != 0) {
41
+ csum_cntr = eth_calc_ip6_pseudo_hdr_csum(
49
error_setg_errno(errp, -r, "Can't get vdpa device features");
42
+ pkt->vec[NET_TX_PKT_L3HDR_FRAG].iov_base,
50
return r;
43
+ csl, pkt->l4proto, &cso);
51
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_mem_table(struct vhost_dev *dev,
52
static int vhost_vdpa_set_features(struct vhost_dev *dev,
53
uint64_t features)
54
{
55
+ struct vhost_vdpa *v = dev->opaque;
56
int ret;
57
58
if (vhost_vdpa_one_time_request(dev)) {
59
return 0;
60
}
61
62
+ if (v->shadow_vqs_enabled) {
63
+ if ((v->acked_features ^ features) == BIT_ULL(VHOST_F_LOG_ALL)) {
64
+ /*
65
+ * QEMU is just trying to enable or disable logging. SVQ handles
66
+ * this sepparately, so no need to forward this.
67
+ */
68
+ v->acked_features = features;
69
+ return 0;
70
+ }
71
+
72
+ v->acked_features = features;
73
+
74
+ /* We must not ack _F_LOG if SVQ is enabled */
75
+ features &= ~BIT_ULL(VHOST_F_LOG_ALL);
44
+ }
76
+ }
45
77
+
46
/* data checksum */
78
trace_vhost_vdpa_set_features(dev, features);
47
csum_cntr +=
79
ret = vhost_vdpa_call(dev, VHOST_SET_FEATURES, &features);
80
if (ret) {
81
@@ -XXX,XX +XXX,XX @@ static int vhost_vdpa_set_vring_call(struct vhost_dev *dev,
82
static int vhost_vdpa_get_features(struct vhost_dev *dev,
83
uint64_t *features)
84
{
85
- int ret;
86
+ struct vhost_vdpa *v = dev->opaque;
87
+ int ret = vhost_vdpa_get_dev_features(dev, features);
88
+
89
+ if (ret == 0 && v->shadow_vqs_enabled) {
90
+ /* Add SVQ logging capabilities */
91
+ *features |= BIT_ULL(VHOST_F_LOG_ALL);
92
+ }
93
94
- ret = vhost_vdpa_call(dev, VHOST_GET_FEATURES, features);
95
- trace_vhost_vdpa_get_features(dev, *features);
96
return ret;
97
}
98
99
diff --git a/include/hw/virtio/vhost-vdpa.h b/include/hw/virtio/vhost-vdpa.h
100
index XXXXXXX..XXXXXXX 100644
101
--- a/include/hw/virtio/vhost-vdpa.h
102
+++ b/include/hw/virtio/vhost-vdpa.h
103
@@ -XXX,XX +XXX,XX @@ typedef struct vhost_vdpa {
104
bool iotlb_batch_begin_sent;
105
MemoryListener listener;
106
struct vhost_vdpa_iova_range iova_range;
107
+ uint64_t acked_features;
108
bool shadow_vqs_enabled;
109
/* IOVA mapping used by the Shadow Virtqueue */
110
VhostIOVATree *iova_tree;
48
--
111
--
49
2.5.0
112
2.7.4
50
113
51
114
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.