Michael S. Tsirkin
2014-Sep-23 10:32 UTC
[PATCH RFC] virtio_pci: fix virtio spec compliance on restore
On restore, virtio pci does the following: + set features + init vqs etc - device can be used at this point! + set ACKNOWLEDGE,DRIVER and DRIVER_OK status bits This is in violation of the virtio spec, which requires the following order: - ACKNOWLEDGE - DRIVER - init vqs - DRIVER_OK Cc: stable at vger.kernel.org Cc: Amit Shah <amit.shah at redhat.com> Signed-off-by: Michael S. Tsirkin <mst at redhat.com> --- Lightly tested. Will repost as non-RFC once testing is done, sending out now for early flames/comments. Thanks! drivers/virtio/virtio_pci.c | 36 ++++++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) diff --git a/drivers/virtio/virtio_pci.c b/drivers/virtio/virtio_pci.c index 58f7e45..58cbf6e 100644 --- a/drivers/virtio/virtio_pci.c +++ b/drivers/virtio/virtio_pci.c @@ -785,6 +785,7 @@ static int virtio_pci_restore(struct device *dev) struct pci_dev *pci_dev = to_pci_dev(dev); struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev); struct virtio_driver *drv; + unsigned status = 0; int ret; drv = container_of(vp_dev->vdev.dev.driver, @@ -795,14 +796,41 @@ static int virtio_pci_restore(struct device *dev) return ret; pci_set_master(pci_dev); + /* We always start by resetting the device, in case a previous + * driver messed it up. */ + vp_reset(&vp_dev->vdev); + + /* Acknowledge that we've seen the device. */ + status |= VIRTIO_CONFIG_S_ACKNOWLEDGE; + vp_set_status(&vp_dev->vdev, status); + + /* Maybe driver failed before freeze. + * Restore the failed status, for debugging. */ + status |= vp_dev->saved_status & VIRTIO_CONFIG_S_FAILED; + vp_set_status(&vp_dev->vdev, status); + + if (!drv) + return 0; + + /* We have a driver! */ + status |= VIRTIO_CONFIG_S_DRIVER; + vp_set_status(&vp_dev->vdev, status); + vp_finalize_features(&vp_dev->vdev); - if (drv && drv->restore) - ret = drv->restore(&vp_dev->vdev); + if (!drv->restore) + return 0; + + ret = drv->restore(&vp_dev->vdev); + if (ret) { + status |= VIRTIO_CONFIG_S_FAILED; + vp_set_status(&vp_dev->vdev, status); + return ret; + } /* Finally, tell the device we're all set */ - if (!ret) - vp_set_status(&vp_dev->vdev, vp_dev->saved_status); + status |= VIRTIO_CONFIG_S_DRIVER_OK; + vp_set_status(&vp_dev->vdev, status); return ret; } -- MST
Eric Northup
2014-Sep-23 16:06 UTC
[PATCH RFC] virtio_pci: fix virtio spec compliance on restore
On Tue, Sep 23, 2014 at 3:32 AM, Michael S. Tsirkin <mst at redhat.com> wrote:> On restore, virtio pci does the following: > + set features > + init vqs etc - device can be used at this point! > + set ACKNOWLEDGE,DRIVER and DRIVER_OK status bits > > This is in violation of the virtio spec, which > requires the following order: > - ACKNOWLEDGE > - DRIVER > - init vqs > - DRIVER_OK > > Cc: stable at vger.kernel.org > Cc: Amit Shah <amit.shah at redhat.com> > Signed-off-by: Michael S. Tsirkin <mst at redhat.com> > --- > > Lightly tested. > Will repost as non-RFC once testing is done, sending > out now for early flames/comments. > > Thanks! > > drivers/virtio/virtio_pci.c | 36 ++++++++++++++++++++++++++++++++---- > 1 file changed, 32 insertions(+), 4 deletions(-) > > diff --git a/drivers/virtio/virtio_pci.c b/drivers/virtio/virtio_pci.c > index 58f7e45..58cbf6e 100644 > --- a/drivers/virtio/virtio_pci.c > +++ b/drivers/virtio/virtio_pci.c > @@ -785,6 +785,7 @@ static int virtio_pci_restore(struct device *dev) > struct pci_dev *pci_dev = to_pci_dev(dev); > struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev); > struct virtio_driver *drv; > + unsigned status = 0; > int ret; > > drv = container_of(vp_dev->vdev.dev.driver, > @@ -795,14 +796,41 @@ static int virtio_pci_restore(struct device *dev) > return ret; > > pci_set_master(pci_dev); > + /* We always start by resetting the device, in case a previous > + * driver messed it up. */ > + vp_reset(&vp_dev->vdev);This should happen before enabling PCI bus mastering.> + > + /* Acknowledge that we've seen the device. */ > + status |= VIRTIO_CONFIG_S_ACKNOWLEDGE; > + vp_set_status(&vp_dev->vdev, status); > + > + /* Maybe driver failed before freeze. > + * Restore the failed status, for debugging. */ > + status |= vp_dev->saved_status & VIRTIO_CONFIG_S_FAILED; > + vp_set_status(&vp_dev->vdev, status); > + > + if (!drv) > + return 0; > + > + /* We have a driver! */ > + status |= VIRTIO_CONFIG_S_DRIVER; > + vp_set_status(&vp_dev->vdev, status); > + > vp_finalize_features(&vp_dev->vdev); > > - if (drv && drv->restore) > - ret = drv->restore(&vp_dev->vdev); > + if (!drv->restore) > + return 0; > + > + ret = drv->restore(&vp_dev->vdev); > + if (ret) { > + status |= VIRTIO_CONFIG_S_FAILED; > + vp_set_status(&vp_dev->vdev, status); > + return ret; > + } > > /* Finally, tell the device we're all set */ > - if (!ret) > - vp_set_status(&vp_dev->vdev, vp_dev->saved_status); > + status |= VIRTIO_CONFIG_S_DRIVER_OK; > + vp_set_status(&vp_dev->vdev, status); > > return ret; > } > -- > MST > _______________________________________________ > Virtualization mailing list > Virtualization at lists.linux-foundation.org > https://lists.linuxfoundation.org/mailman/listinfo/virtualization
Michael S. Tsirkin
2014-Sep-23 18:02 UTC
[PATCH RFC] virtio_pci: fix virtio spec compliance on restore
On Tue, Sep 23, 2014 at 09:06:03AM -0700, Eric Northup wrote:> On Tue, Sep 23, 2014 at 3:32 AM, Michael S. Tsirkin <mst at redhat.com> wrote: > > On restore, virtio pci does the following: > > + set features > > + init vqs etc - device can be used at this point! > > + set ACKNOWLEDGE,DRIVER and DRIVER_OK status bits > > > > This is in violation of the virtio spec, which > > requires the following order: > > - ACKNOWLEDGE > > - DRIVER > > - init vqs > > - DRIVER_OK > > > > Cc: stable at vger.kernel.org > > Cc: Amit Shah <amit.shah at redhat.com> > > Signed-off-by: Michael S. Tsirkin <mst at redhat.com> > > --- > > > > Lightly tested. > > Will repost as non-RFC once testing is done, sending > > out now for early flames/comments. > > > > Thanks! > > > > drivers/virtio/virtio_pci.c | 36 ++++++++++++++++++++++++++++++++---- > > 1 file changed, 32 insertions(+), 4 deletions(-) > > > > diff --git a/drivers/virtio/virtio_pci.c b/drivers/virtio/virtio_pci.c > > index 58f7e45..58cbf6e 100644 > > --- a/drivers/virtio/virtio_pci.c > > +++ b/drivers/virtio/virtio_pci.c > > @@ -785,6 +785,7 @@ static int virtio_pci_restore(struct device *dev) > > struct pci_dev *pci_dev = to_pci_dev(dev); > > struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev); > > struct virtio_driver *drv; > > + unsigned status = 0; > > int ret; > > > > drv = container_of(vp_dev->vdev.dev.driver, > > @@ -795,14 +796,41 @@ static int virtio_pci_restore(struct device *dev) > > return ret; > > > > pci_set_master(pci_dev); > > + /* We always start by resetting the device, in case a previous > > + * driver messed it up. */ > > + vp_reset(&vp_dev->vdev); > > This should happen before enabling PCI bus mastering.this is the order of events in initialization, it seems better to be consistent.> > + > > + /* Acknowledge that we've seen the device. */ > > + status |= VIRTIO_CONFIG_S_ACKNOWLEDGE; > > + vp_set_status(&vp_dev->vdev, status); > > + > > + /* Maybe driver failed before freeze. > > + * Restore the failed status, for debugging. */ > > + status |= vp_dev->saved_status & VIRTIO_CONFIG_S_FAILED; > > + vp_set_status(&vp_dev->vdev, status); > > + > > + if (!drv) > > + return 0; > > + > > + /* We have a driver! */ > > + status |= VIRTIO_CONFIG_S_DRIVER; > > + vp_set_status(&vp_dev->vdev, status); > > + > > vp_finalize_features(&vp_dev->vdev); > > > > - if (drv && drv->restore) > > - ret = drv->restore(&vp_dev->vdev); > > + if (!drv->restore) > > + return 0; > > + > > + ret = drv->restore(&vp_dev->vdev); > > + if (ret) { > > + status |= VIRTIO_CONFIG_S_FAILED; > > + vp_set_status(&vp_dev->vdev, status); > > + return ret; > > + } > > > > /* Finally, tell the device we're all set */ > > - if (!ret) > > - vp_set_status(&vp_dev->vdev, vp_dev->saved_status); > > + status |= VIRTIO_CONFIG_S_DRIVER_OK; > > + vp_set_status(&vp_dev->vdev, status); > > > > return ret; > > } > > -- > > MST > > _______________________________________________ > > Virtualization mailing list > > Virtualization at lists.linux-foundation.org > > https://lists.linuxfoundation.org/mailman/listinfo/virtualization
Ben Hutchings
2014-Sep-24 01:27 UTC
[PATCH RFC] virtio_pci: fix virtio spec compliance on restore
On Tue, 2014-09-23 at 13:32 +0300, Michael S. Tsirkin wrote:> On restore, virtio pci does the following: > + set features > + init vqs etc - device can be used at this point! > + set ACKNOWLEDGE,DRIVER and DRIVER_OK status bits > > This is in violation of the virtio spec, which > requires the following order: > - ACKNOWLEDGE > - DRIVER > - init vqs > - DRIVER_OK > > Cc: stable at vger.kernel.org > Cc: Amit Shah <amit.shah at redhat.com> > Signed-off-by: Michael S. Tsirkin <mst at redhat.com>[...] What concrete problem does this fix, such that it should be applied to stable branches? Ben. -- Ben Hutchings Everything should be made as simple as possible, but not simpler. - Albert Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 811 bytes Desc: This is a digitally signed message part URL: <http://lists.linuxfoundation.org/pipermail/virtualization/attachments/20140924/c2c11f49/attachment.sig>
Michael S. Tsirkin
2014-Sep-24 11:59 UTC
[PATCH RFC] virtio_pci: fix virtio spec compliance on restore
On Wed, Sep 24, 2014 at 02:27:27AM +0100, Ben Hutchings wrote:> On Tue, 2014-09-23 at 13:32 +0300, Michael S. Tsirkin wrote: > > On restore, virtio pci does the following: > > + set features > > + init vqs etc - device can be used at this point! > > + set ACKNOWLEDGE,DRIVER and DRIVER_OK status bits > > > > This is in violation of the virtio spec, which > > requires the following order: > > - ACKNOWLEDGE > > - DRIVER > > - init vqs > > - DRIVER_OK > > > > Cc: stable at vger.kernel.org > > Cc: Amit Shah <amit.shah at redhat.com> > > Signed-off-by: Michael S. Tsirkin <mst at redhat.com> > [...] > > What concrete problem does this fix, such that it should be applied to > stable branches? > > Ben.It will break with hypervisors that assume spec compliant behaviour. I would like this applied to stable branches so hypervisors don't need to support broken behaviour forever. -- MST
Amit Shah
2014-Sep-24 12:27 UTC
[PATCH RFC] virtio_pci: fix virtio spec compliance on restore
On (Tue) 23 Sep 2014 [13:32:22], Michael S. Tsirkin wrote:> On restore, virtio pci does the following: > + set features > + init vqs etc - device can be used at this point! > + set ACKNOWLEDGE,DRIVER and DRIVER_OK status bits > > This is in violation of the virtio spec, which > requires the following order: > - ACKNOWLEDGE > - DRIVER > - init vqs > - DRIVER_OK > > Cc: stable at vger.kernel.org > Cc: Amit Shah <amit.shah at redhat.com> > Signed-off-by: Michael S. Tsirkin <mst at redhat.com> > --- > > Lightly tested. > Will repost as non-RFC once testing is done, sending > out now for early flames/comments.What tests are you running?> Thanks! > > drivers/virtio/virtio_pci.c | 36 ++++++++++++++++++++++++++++++++---- > 1 file changed, 32 insertions(+), 4 deletions(-) > > diff --git a/drivers/virtio/virtio_pci.c b/drivers/virtio/virtio_pci.c > index 58f7e45..58cbf6e 100644 > --- a/drivers/virtio/virtio_pci.c > +++ b/drivers/virtio/virtio_pci.c > @@ -785,6 +785,7 @@ static int virtio_pci_restore(struct device *dev) > struct pci_dev *pci_dev = to_pci_dev(dev); > struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev); > struct virtio_driver *drv; > + unsigned status = 0; > int ret; > > drv = container_of(vp_dev->vdev.dev.driver, > @@ -795,14 +796,41 @@ static int virtio_pci_restore(struct device *dev) > return ret; > > pci_set_master(pci_dev); > + /* We always start by resetting the device, in case a previous > + * driver messed it up. */ > + vp_reset(&vp_dev->vdev); > + > + /* Acknowledge that we've seen the device. */ > + status |= VIRTIO_CONFIG_S_ACKNOWLEDGE; > + vp_set_status(&vp_dev->vdev, status); > + > + /* Maybe driver failed before freeze. > + * Restore the failed status, for debugging. */ > + status |= vp_dev->saved_status & VIRTIO_CONFIG_S_FAILED; > + vp_set_status(&vp_dev->vdev, status); > + > + if (!drv) > + return 0; > + > + /* We have a driver! */ > + status |= VIRTIO_CONFIG_S_DRIVER; > + vp_set_status(&vp_dev->vdev, status); > + > vp_finalize_features(&vp_dev->vdev); > > - if (drv && drv->restore) > - ret = drv->restore(&vp_dev->vdev); > + if (!drv->restore) > + return 0;So in this case DRIVER_OK will never be set?> + > + ret = drv->restore(&vp_dev->vdev); > + if (ret) { > + status |= VIRTIO_CONFIG_S_FAILED; > + vp_set_status(&vp_dev->vdev, status); > + return ret; > + } > > /* Finally, tell the device we're all set */ > - if (!ret) > - vp_set_status(&vp_dev->vdev, vp_dev->saved_status); > + status |= VIRTIO_CONFIG_S_DRIVER_OK; > + vp_set_status(&vp_dev->vdev, status); > > return ret; > }Amit
Possibly Parallel Threads
- [PATCH RFC] virtio_pci: fix virtio spec compliance on restore
- [PATCH v2 00/15] virtio: fix spec compliance issues
- [PATCH v2 00/15] virtio: fix spec compliance issues
- [PATCH 00/16] virtio: fix spec compliance issues
- [PATCH 00/16] virtio: fix spec compliance issues