From: Jason Wang <jasowang@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Connor Kuehl <ckuehl@redhat.com>,
	virtio-fs@redhat.com, linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	virtualization@lists.linux-foundation.org, stefanha@redhat.com,
	vgoyal@redhat.com, miklos@szeredi.hu
Subject: Re: [PATCH 1/3] virtio_ring: always warn when descriptor chain exceeds queue size
Date: Tue, 23 Mar 2021 10:38:41 +0800
Message-ID: <a6eb72e0-50be-1231-f7b5-3ebb822ee1b5@redhat.com>
In-Reply-To: <20210322041414-mutt-send-email-mst@kernel.org>


On 2021/3/22 4:17 PM, Michael S. Tsirkin wrote:
> On Mon, Mar 22, 2021 at 11:22:15AM +0800, Jason Wang wrote:
>> On 2021/3/18 9:52 PM, Connor Kuehl wrote:
>>>   From section 2.6.5.3.1 (Driver Requirements: Indirect Descriptors)
>>> of the virtio spec:
>>>
>>>     "A driver MUST NOT create a descriptor chain longer than the Queue
>>>     Size of the device."
>>>
>>> This text suggests that the warning should trigger even if
>>> indirect descriptors are in use.
>>
>> So I think at least the commit log needs some tweak.
>>
>> For split virtqueue. We had:
>>
>> 2.6.5.2 Driver Requirements: The Virtqueue Descriptor Table
>>
>> Drivers MUST NOT add a descriptor chain longer than 2^32 bytes in total;
>> this implies that loops in the descriptor chain are forbidden!
>>
>> 2.6.5.3.1 Driver Requirements: Indirect Descriptors
>>
>> A driver MUST NOT create a descriptor chain longer than the Queue Size of
>> the device.
>>
>> If I understand the spec correctly, the check is only needed for a single
>> indirect descriptor table?
>>
>> For packed virtqueue. We had:
>>
>> 2.7.17 Driver Requirements: Scatter-Gather Support
>>
>> A driver MUST NOT create a descriptor list longer than allowed by the
>> device.
>>
>> A driver MUST NOT create a descriptor list longer than the Queue Size.
>>
>> 2.7.19 Driver Requirements: Indirect Descriptors
>>
>> A driver MUST NOT create a descriptor chain longer than allowed by the
>> device.
>>
>> So it looks to me the packed part is fine.
>>
>> Note that if I understand the spec correctly 2.7.17 implies 2.7.19.
>>
>> Thanks
> It would be quite strange for packed and split to differ here:
> so for packed would you say there's no limit on # of descriptors at all?
>
> I am guessing I just forgot to move this part from
> the format specific to the common part of the spec.
>
> This needs discussion in the TC mailing list - want to start a thread
> there?


Will do.

Thanks


>
>
>
>>> Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
>>> Signed-off-by: Connor Kuehl <ckuehl@redhat.com>
>>> ---
>>>    drivers/virtio/virtio_ring.c | 7 ++++---
>>>    1 file changed, 4 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
>>> index 71e16b53e9c1..1bc290f9ba13 100644
>>> --- a/drivers/virtio/virtio_ring.c
>>> +++ b/drivers/virtio/virtio_ring.c
>>> @@ -444,11 +444,12 @@ static inline int virtqueue_add_split(struct virtqueue *_vq,
>>>    	head = vq->free_head;
>>> +	WARN_ON_ONCE(total_sg > vq->split.vring.num);
>>> +
>>>    	if (virtqueue_use_indirect(_vq, total_sg))
>>>    		desc = alloc_indirect_split(_vq, total_sg, gfp);
>>>    	else {
>>>    		desc = NULL;
>>> -		WARN_ON_ONCE(total_sg > vq->split.vring.num && !vq->indirect);
>>>    	}
>>>    	if (desc) {
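
Review bot: the unconditional WARN_ON_ONCE now placed right after `head = vq->free_head;` drops the `&& !vq->indirect` exemption of the line it replaces, so any driver that has been submitting more than vq->split.vring.num entries through an indirect table will start tripping the warning, and on hosts running with panic_on_warn that is a panic rather than a log line. The commit message should state that this behaviour change is intended and which split-ring requirement it rests on, and a one-line comment above the check would help, since total_sg on the indirect path counts indirect-table entries rather than ring slots.
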
>>> @@ -1118,6 +1119,8 @@ static inline int virtqueue_add_packed(struct virtqueue *_vq,
>>>    	BUG_ON(total_sg == 0);
>>> +	WARN_ON_ONCE(total_sg > vq->packed.vring.num);
>>> +
>>>    	if (virtqueue_use_indirect(_vq, total_sg))
>>>    		return virtqueue_add_indirect_packed(vq, sgs, total_sg,
>>>    				out_sgs, in_sgs, data, gfp);
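
Review bot: the check added after `BUG_ON(total_sg == 0);` only warns, and the indirect branch directly below still calls virtqueue_add_indirect_packed() with the oversized total_sg. If exceeding the queue size is a spec violation for packed rings too, consider whether the add should fail here instead of logging once, and name the packed-ring requirement in the commit message, which currently quotes only section 2.6.5.3.1.
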
>>> @@ -1125,8 +1128,6 @@ static inline int virtqueue_add_packed(struct virtqueue *_vq,
>>>    	head = vq->packed.next_avail_idx;
>>>    	avail_used_flags = vq->packed.avail_used_flags;
>>> -	WARN_ON_ONCE(total_sg > vq->packed.vring.num && !vq->indirect);
>>> -
>>>    	desc = vq->packed.vring.desc;
>>>    	i = head;
>>>    	descs_used = total_sg;

