Xuan Zhuo
2023-Oct-23  09:52 UTC
[PATCH] virtio_ring: add an error code check in virtqueue_resize
On Mon, 23 Oct 2023 17:50:46 +0800, Su Hui <suhui at nfschina.com> wrote:> On 2023/10/23 13:46, Xuan Zhuo wrote: > >>>>>>>> Well, what are the cases where it can happen practically? > >>>>>>> Device error. Such as vp_active_vq() > >>>>>>> > >>>>>>> Thanks. > >>>>>> Hmm interesting. OK. But do callers know to recover? > >>>>> No. > >>>>> > >>>>> So I think WARN + broken is suitable. > >>>>> > >>>>> Thanks. > >>>> Sorry for the late, is the following code okay? > >>>> > >>>> @@ -2739,7 +2739,7 @@ int virtqueue_resize(struct virtqueue *_vq, u32 num, > >>>> void (*recycle)(struct virtqueue *vq, void *buf)) > >>>> { > >>>> struct vring_virtqueue *vq = to_vvq(_vq); > >>>> - int err; > >>>> + int err, err_reset; > >>>> > >>>> if (num > vq->vq.num_max) > >>>> return -E2BIG; > >>>> @@ -2759,7 +2759,15 @@ int virtqueue_resize(struct virtqueue *_vq, u32 num, > >>>> else > >>>> err = virtqueue_resize_split(_vq, num); > >>>> > >>>> - return virtqueue_enable_after_reset(_vq); > >>>> + err_reset = virtqueue_enable_after_reset(_vq); > >>>> + > >>>> + if (err) { > >>> No err. > >>> > >>> err is not important. > >>> You can remove that. > >> Emm, I'm a little confused that which code should I remove ? > >> > >> > >> like this: > >> if (vq->packed_ring) > >> virtqueue_resize_packed(_vq, num); > >> else > >> virtqueue_resize_split(_vq, num); > >> > >> And we should set broken and warn inside virtqueue_enable_after_reset()? > > In my opinion, we should return the error code of virtqueue_resize_packed() / virtqueue_resize_split(). > But if this err is not important, this patch makes no sense. > Maybe I misunderstand somewhere... > If you think it's worth sending a patch, you can send it :).(I'm not familiar with this code).OK. Thanks.> > Thanks, > Su Hui >
Xuan Zhuo
2023-Oct-23  10:52 UTC
[PATCH] virtio_ring: add an error code check in virtqueue_resize
On Mon, 23 Oct 2023 17:52:02 +0800, Xuan Zhuo <xuanzhuo at linux.alibaba.com> wrote:> On Mon, 23 Oct 2023 17:50:46 +0800, Su Hui <suhui at nfschina.com> wrote: > > On 2023/10/23 13:46, Xuan Zhuo wrote: > > >>>>>>>> Well, what are the cases where it can happen practically? > > >>>>>>> Device error. Such as vp_active_vq() > > >>>>>>> > > >>>>>>> Thanks. > > >>>>>> Hmm interesting. OK. But do callers know to recover? > > >>>>> No. > > >>>>> > > >>>>> So I think WARN + broken is suitable. > > >>>>> > > >>>>> Thanks. > > >>>> Sorry for the late, is the following code okay? > > >>>> > > >>>> @@ -2739,7 +2739,7 @@ int virtqueue_resize(struct virtqueue *_vq, u32 num, > > >>>> void (*recycle)(struct virtqueue *vq, void *buf)) > > >>>> { > > >>>> struct vring_virtqueue *vq = to_vvq(_vq); > > >>>> - int err; > > >>>> + int err, err_reset; > > >>>> > > >>>> if (num > vq->vq.num_max) > > >>>> return -E2BIG; > > >>>> @@ -2759,7 +2759,15 @@ int virtqueue_resize(struct virtqueue *_vq, u32 num, > > >>>> else > > >>>> err = virtqueue_resize_split(_vq, num); > > >>>> > > >>>> - return virtqueue_enable_after_reset(_vq); > > >>>> + err_reset = virtqueue_enable_after_reset(_vq); > > >>>> + > > >>>> + if (err) { > > >>> No err. > > >>> > > >>> err is not important. > > >>> You can remove that. > > >> Emm, I'm a little confused that which code should I remove ? > > >> > > >> > > >> like this: > > >> if (vq->packed_ring) > > >> virtqueue_resize_packed(_vq, num); > > >> else > > >> virtqueue_resize_split(_vq, num); > > >> > > >> And we should set broken and warn inside virtqueue_enable_after_reset()? > > > > In my opinion, we should return the error code of virtqueue_resize_packed() / virtqueue_resize_split(). > > But if this err is not important, this patch makes no sense. > > Maybe I misunderstand somewhere... > > If you think it's worth sending a patch, you can send it :).(I'm not familiar with this code). > > OK.Hi Michael, The queue reset code is wrote with the CONFIG_VIRTIO_HARDEN_NOTIFICATION. When we disable the vq, the broken is true until we re-enable it. So when we re-enable it fail, the vq is broken status. Normally, this just happens on the buggy device. So I think that is enough. Thanks. static int vp_modern_disable_vq_and_reset(struct virtqueue *vq) { [...] vp_modern_set_queue_reset(mdev, vq->index); [...] #ifdef CONFIG_VIRTIO_HARDEN_NOTIFICATION ->> __virtqueue_break(vq); #endif [...] } static int vp_modern_enable_vq_after_reset(struct virtqueue *vq) { [...] if (vp_modern_get_queue_reset(mdev, index)) return -EBUSY; if (vp_modern_get_queue_enable(mdev, index)) return -EBUSY; err = vp_active_vq(vq, info->msix_vector); if (err) return err; } [...] #ifdef CONFIG_VIRTIO_HARDEN_NOTIFICATION ->> __virtqueue_unbreak(vq); #endif [...] }> > Thanks. > > > > > > Thanks, > > Su Hui > >
Michael S. Tsirkin
2023-Oct-23  11:17 UTC
[PATCH] virtio_ring: add an error code check in virtqueue_resize
On Mon, Oct 23, 2023 at 05:52:02PM +0800, Xuan Zhuo wrote:> On Mon, 23 Oct 2023 17:50:46 +0800, Su Hui <suhui at nfschina.com> wrote: > > On 2023/10/23 13:46, Xuan Zhuo wrote: > > >>>>>>>> Well, what are the cases where it can happen practically? > > >>>>>>> Device error. Such as vp_active_vq() > > >>>>>>> > > >>>>>>> Thanks. > > >>>>>> Hmm interesting. OK. But do callers know to recover? > > >>>>> No. > > >>>>> > > >>>>> So I think WARN + broken is suitable. > > >>>>> > > >>>>> Thanks. > > >>>> Sorry for the late, is the following code okay? > > >>>> > > >>>> @@ -2739,7 +2739,7 @@ int virtqueue_resize(struct virtqueue *_vq, u32 num, > > >>>> void (*recycle)(struct virtqueue *vq, void *buf)) > > >>>> { > > >>>> struct vring_virtqueue *vq = to_vvq(_vq); > > >>>> - int err; > > >>>> + int err, err_reset; > > >>>> > > >>>> if (num > vq->vq.num_max) > > >>>> return -E2BIG; > > >>>> @@ -2759,7 +2759,15 @@ int virtqueue_resize(struct virtqueue *_vq, u32 num, > > >>>> else > > >>>> err = virtqueue_resize_split(_vq, num); > > >>>> > > >>>> - return virtqueue_enable_after_reset(_vq); > > >>>> + err_reset = virtqueue_enable_after_reset(_vq); > > >>>> + > > >>>> + if (err) { > > >>> No err. > > >>> > > >>> err is not important. > > >>> You can remove that. > > >> Emm, I'm a little confused that which code should I remove ? > > >> > > >> > > >> like this: > > >> if (vq->packed_ring) > > >> virtqueue_resize_packed(_vq, num); > > >> else > > >> virtqueue_resize_split(_vq, num); > > >> > > >> And we should set broken and warn inside virtqueue_enable_after_reset()? > > > > In my opinion, we should return the error code of virtqueue_resize_packed() / virtqueue_resize_split(). > > But if this err is not important, this patch makes no sense. > > Maybe I misunderstand somewhere... > > If you think it's worth sending a patch, you can send it :).(I'm not familiar with this code). > > OK. > > Thanks.I would first try to recover by re-enabling. If that fails we can set broken.> > > > > Thanks, > > Su Hui > >