* [Qemu-devel] [PATCH 0/3] please pull xen-20170627-tag
@ 2017-06-27 22:04 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, stefanha, anthony.perard, xen-devel, qemu-devel
The following changes since commit 577caa2672ccde7352fda3ef17e44993de862f0e:
Merge remote-tracking branch 'remotes/edgar/tags/edgar/mmio-exec-v2.for-upstream' into staging (2017-06-27 16:56:55 +0100)
are available in the git repository at:
git://xenbits.xen.org/people/sstabellini/qemu-dm.git tags/xen-20170627-tag
for you to fetch changes up to 3284fad7283596033cb810b4788fd1bb43312dbd:
xen-disk: add support for multi-page shared rings (2017-06-27 15:01:56 -0700)
----------------------------------------------------------------
Xen 2017/06/27
----------------------------------------------------------------
Paul Durrant (2):
xen-disk: only advertize feature-persistent if grant copy is not available
xen-disk: add support for multi-page shared rings
Stefano Stabellini (1):
xen/disk: don't leak stack data via response ring
hw/block/xen_disk.c | 184 +++++++++++++++++++++++++++++++++++++---------------
1 file changed, 133 insertions(+), 51 deletions(-)
^ permalink raw reply [flat|nested] 20+ messages in thread
* [PATCH 0/3] please pull xen-20170627-tag
@ 2017-06-27 22:04 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: anthony.perard, xen-devel, sstabellini, qemu-devel, stefanha
The following changes since commit 577caa2672ccde7352fda3ef17e44993de862f0e:
Merge remote-tracking branch 'remotes/edgar/tags/edgar/mmio-exec-v2.for-upstream' into staging (2017-06-27 16:56:55 +0100)
are available in the git repository at:
git://xenbits.xen.org/people/sstabellini/qemu-dm.git tags/xen-20170627-tag
for you to fetch changes up to 3284fad7283596033cb810b4788fd1bb43312dbd:
xen-disk: add support for multi-page shared rings (2017-06-27 15:01:56 -0700)
----------------------------------------------------------------
Xen 2017/06/27
----------------------------------------------------------------
Paul Durrant (2):
xen-disk: only advertize feature-persistent if grant copy is not available
xen-disk: add support for multi-page shared rings
Stefano Stabellini (1):
xen/disk: don't leak stack data via response ring
hw/block/xen_disk.c | 184 +++++++++++++++++++++++++++++++++++++---------------
1 file changed, 133 insertions(+), 51 deletions(-)
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
* [Qemu-devel] [PULL 1/3] xen/disk: don't leak stack data via response ring
2017-06-27 22:04 ` Stefano Stabellini
@ 2017-06-27 22:04 ` Stefano Stabellini
-1 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, stefanha, anthony.perard, xen-devel, qemu-devel,
Jan Beulich
Rather than constructing a local structure instance on the stack, fill
the fields directly on the shared ring, just like other (Linux)
backends do. Build on the fact that all response structure flavors are
actually identical (aside from alignment and padding at the end).
This is XSA-216.
Reported by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
---
hw/block/xen_disk.c | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 3a22805..9200511 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -769,31 +769,30 @@ static int blk_send_response_one(struct ioreq *ioreq)
struct XenBlkDev *blkdev = ioreq->blkdev;
int send_notify = 0;
int have_requests = 0;
- blkif_response_t resp;
- void *dst;
-
- resp.id = ioreq->req.id;
- resp.operation = ioreq->req.operation;
- resp.status = ioreq->status;
+ blkif_response_t *resp;
/* Place on the response ring for the relevant domain. */
switch (blkdev->protocol) {
case BLKIF_PROTOCOL_NATIVE:
- dst = RING_GET_RESPONSE(&blkdev->rings.native, blkdev->rings.native.rsp_prod_pvt);
+ resp = (blkif_response_t *) RING_GET_RESPONSE(&blkdev->rings.native,
+ blkdev->rings.native.rsp_prod_pvt);
break;
case BLKIF_PROTOCOL_X86_32:
- dst = RING_GET_RESPONSE(&blkdev->rings.x86_32_part,
- blkdev->rings.x86_32_part.rsp_prod_pvt);
+ resp = (blkif_response_t *) RING_GET_RESPONSE(&blkdev->rings.x86_32_part,
+ blkdev->rings.x86_32_part.rsp_prod_pvt);
break;
case BLKIF_PROTOCOL_X86_64:
- dst = RING_GET_RESPONSE(&blkdev->rings.x86_64_part,
- blkdev->rings.x86_64_part.rsp_prod_pvt);
+ resp = (blkif_response_t *) RING_GET_RESPONSE(&blkdev->rings.x86_64_part,
+ blkdev->rings.x86_64_part.rsp_prod_pvt);
break;
default:
- dst = NULL;
return 0;
}
- memcpy(dst, &resp, sizeof(resp));
+
+ resp->id = ioreq->req.id;
+ resp->operation = ioreq->req.operation;
+ resp->status = ioreq->status;
+
blkdev->rings.common.rsp_prod_pvt++;
RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&blkdev->rings.common, send_notify);
--
1.9.1
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PULL 1/3] xen/disk: don't leak stack data via response ring
@ 2017-06-27 22:04 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, stefanha, qemu-devel, Jan Beulich, anthony.perard,
xen-devel
Rather than constructing a local structure instance on the stack, fill
the fields directly on the shared ring, just like other (Linux)
backends do. Build on the fact that all response structure flavors are
actually identical (aside from alignment and padding at the end).
This is XSA-216.
Reported by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
---
hw/block/xen_disk.c | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 3a22805..9200511 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -769,31 +769,30 @@ static int blk_send_response_one(struct ioreq *ioreq)
struct XenBlkDev *blkdev = ioreq->blkdev;
int send_notify = 0;
int have_requests = 0;
- blkif_response_t resp;
- void *dst;
-
- resp.id = ioreq->req.id;
- resp.operation = ioreq->req.operation;
- resp.status = ioreq->status;
+ blkif_response_t *resp;
/* Place on the response ring for the relevant domain. */
switch (blkdev->protocol) {
case BLKIF_PROTOCOL_NATIVE:
- dst = RING_GET_RESPONSE(&blkdev->rings.native, blkdev->rings.native.rsp_prod_pvt);
+ resp = (blkif_response_t *) RING_GET_RESPONSE(&blkdev->rings.native,
+ blkdev->rings.native.rsp_prod_pvt);
break;
case BLKIF_PROTOCOL_X86_32:
- dst = RING_GET_RESPONSE(&blkdev->rings.x86_32_part,
- blkdev->rings.x86_32_part.rsp_prod_pvt);
+ resp = (blkif_response_t *) RING_GET_RESPONSE(&blkdev->rings.x86_32_part,
+ blkdev->rings.x86_32_part.rsp_prod_pvt);
break;
case BLKIF_PROTOCOL_X86_64:
- dst = RING_GET_RESPONSE(&blkdev->rings.x86_64_part,
- blkdev->rings.x86_64_part.rsp_prod_pvt);
+ resp = (blkif_response_t *) RING_GET_RESPONSE(&blkdev->rings.x86_64_part,
+ blkdev->rings.x86_64_part.rsp_prod_pvt);
break;
default:
- dst = NULL;
return 0;
}
- memcpy(dst, &resp, sizeof(resp));
+
+ resp->id = ioreq->req.id;
+ resp->operation = ioreq->req.operation;
+ resp->status = ioreq->status;
+
blkdev->rings.common.rsp_prod_pvt++;
RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&blkdev->rings.common, send_notify);
--
1.9.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PULL 2/3] xen-disk: only advertize feature-persistent if grant copy is not available
2017-06-27 22:04 ` Stefano Stabellini
@ 2017-06-27 22:04 ` Stefano Stabellini
-1 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, stefanha, anthony.perard, xen-devel, qemu-devel,
Paul Durrant
From: Paul Durrant <paul.durrant@citrix.com>
If grant copy is available then it will always be used in preference to
persistent maps. In this case feature-persistent should not be advertized
to the frontend, otherwise it may needlessly copy data into persistently
granted buffers.
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
---
hw/block/xen_disk.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 9200511..8218741 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -1022,11 +1022,18 @@ static int blk_init(struct XenDevice *xendev)
blkdev->file_blk = BLOCK_SIZE;
+ blkdev->feature_grant_copy =
+ (xengnttab_grant_copy(blkdev->xendev.gnttabdev, 0, NULL) == 0);
+
+ xen_pv_printf(&blkdev->xendev, 3, "grant copy operation %s\n",
+ blkdev->feature_grant_copy ? "enabled" : "disabled");
+
/* fill info
* blk_connect supplies sector-size and sectors
*/
xenstore_write_be_int(&blkdev->xendev, "feature-flush-cache", 1);
- xenstore_write_be_int(&blkdev->xendev, "feature-persistent", 1);
+ xenstore_write_be_int(&blkdev->xendev, "feature-persistent",
+ !blkdev->feature_grant_copy);
xenstore_write_be_int(&blkdev->xendev, "info", info);
blk_parse_discard(blkdev);
@@ -1201,12 +1208,6 @@ static int blk_connect(struct XenDevice *xendev)
xen_be_bind_evtchn(&blkdev->xendev);
- blkdev->feature_grant_copy =
- (xengnttab_grant_copy(blkdev->xendev.gnttabdev, 0, NULL) == 0);
-
- xen_pv_printf(&blkdev->xendev, 3, "grant copy operation %s\n",
- blkdev->feature_grant_copy ? "enabled" : "disabled");
-
xen_pv_printf(&blkdev->xendev, 1, "ok: proto %s, ring-ref %d, "
"remote port %d, local port %d\n",
blkdev->xendev.protocol, blkdev->ring_ref,
--
1.9.1
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PULL 2/3] xen-disk: only advertize feature-persistent if grant copy is not available
@ 2017-06-27 22:04 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, qemu-devel, Paul Durrant, stefanha, anthony.perard,
xen-devel
From: Paul Durrant <paul.durrant@citrix.com>
If grant copy is available then it will always be used in preference to
persistent maps. In this case feature-persistent should not be advertized
to the frontend, otherwise it may needlessly copy data into persistently
granted buffers.
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
---
hw/block/xen_disk.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 9200511..8218741 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -1022,11 +1022,18 @@ static int blk_init(struct XenDevice *xendev)
blkdev->file_blk = BLOCK_SIZE;
+ blkdev->feature_grant_copy =
+ (xengnttab_grant_copy(blkdev->xendev.gnttabdev, 0, NULL) == 0);
+
+ xen_pv_printf(&blkdev->xendev, 3, "grant copy operation %s\n",
+ blkdev->feature_grant_copy ? "enabled" : "disabled");
+
/* fill info
* blk_connect supplies sector-size and sectors
*/
xenstore_write_be_int(&blkdev->xendev, "feature-flush-cache", 1);
- xenstore_write_be_int(&blkdev->xendev, "feature-persistent", 1);
+ xenstore_write_be_int(&blkdev->xendev, "feature-persistent",
+ !blkdev->feature_grant_copy);
xenstore_write_be_int(&blkdev->xendev, "info", info);
blk_parse_discard(blkdev);
@@ -1201,12 +1208,6 @@ static int blk_connect(struct XenDevice *xendev)
xen_be_bind_evtchn(&blkdev->xendev);
- blkdev->feature_grant_copy =
- (xengnttab_grant_copy(blkdev->xendev.gnttabdev, 0, NULL) == 0);
-
- xen_pv_printf(&blkdev->xendev, 3, "grant copy operation %s\n",
- blkdev->feature_grant_copy ? "enabled" : "disabled");
-
xen_pv_printf(&blkdev->xendev, 1, "ok: proto %s, ring-ref %d, "
"remote port %d, local port %d\n",
blkdev->xendev.protocol, blkdev->ring_ref,
--
1.9.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PULL 3/3] xen-disk: add support for multi-page shared rings
2017-06-27 22:04 ` Stefano Stabellini
@ 2017-06-27 22:04 ` Stefano Stabellini
-1 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, stefanha, anthony.perard, xen-devel, qemu-devel,
Paul Durrant
From: Paul Durrant <paul.durrant@citrix.com>
The blkif protocol has had provision for negotiation of multi-page shared
rings for some time now and many guest OS have support in their frontend
drivers.
This patch makes the necessary modifications to xen-disk support a shared
ring up to order 4 (i.e. 16 pages).
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
---
hw/block/xen_disk.c | 144 +++++++++++++++++++++++++++++++++++++++++-----------
1 file changed, 113 insertions(+), 31 deletions(-)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 8218741..d42ed70 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -36,8 +36,6 @@
static int batch_maps = 0;
-static int max_requests = 32;
-
/* ------------------------------------------------------------- */
#define BLOCK_SIZE 512
@@ -84,6 +82,8 @@ struct ioreq {
BlockAcctCookie acct;
};
+#define MAX_RING_PAGE_ORDER 4
+
struct XenBlkDev {
struct XenDevice xendev; /* must be first */
char *params;
@@ -94,7 +94,8 @@ struct XenBlkDev {
bool directiosafe;
const char *fileproto;
const char *filename;
- int ring_ref;
+ unsigned int ring_ref[1 << MAX_RING_PAGE_ORDER];
+ unsigned int nr_ring_ref;
void *sring;
int64_t file_blk;
int64_t file_size;
@@ -110,6 +111,7 @@ struct XenBlkDev {
int requests_total;
int requests_inflight;
int requests_finished;
+ unsigned int max_requests;
/* Persistent grants extension */
gboolean feature_discard;
@@ -199,7 +201,7 @@ static struct ioreq *ioreq_start(struct XenBlkDev *blkdev)
struct ioreq *ioreq = NULL;
if (QLIST_EMPTY(&blkdev->freelist)) {
- if (blkdev->requests_total >= max_requests) {
+ if (blkdev->requests_total >= blkdev->max_requests) {
goto out;
}
/* allocate new struct */
@@ -904,7 +906,7 @@ static void blk_handle_requests(struct XenBlkDev *blkdev)
ioreq_runio_qemu_aio(ioreq);
}
- if (blkdev->more_work && blkdev->requests_inflight < max_requests) {
+ if (blkdev->more_work && blkdev->requests_inflight < blkdev->max_requests) {
qemu_bh_schedule(blkdev->bh);
}
}
@@ -917,15 +919,6 @@ static void blk_bh(void *opaque)
blk_handle_requests(blkdev);
}
-/*
- * We need to account for the grant allocations requiring contiguous
- * chunks; the worst case number would be
- * max_req * max_seg + (max_req - 1) * (max_seg - 1) + 1,
- * but in order to keep things simple just use
- * 2 * max_req * max_seg.
- */
-#define MAX_GRANTS(max_req, max_seg) (2 * (max_req) * (max_seg))
-
static void blk_alloc(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
@@ -937,11 +930,6 @@ static void blk_alloc(struct XenDevice *xendev)
if (xen_mode != XEN_EMULATE) {
batch_maps = 1;
}
- if (xengnttab_set_max_grants(xendev->gnttabdev,
- MAX_GRANTS(max_requests, BLKIF_MAX_SEGMENTS_PER_REQUEST)) < 0) {
- xen_pv_printf(xendev, 0, "xengnttab_set_max_grants failed: %s\n",
- strerror(errno));
- }
}
static void blk_parse_discard(struct XenBlkDev *blkdev)
@@ -1036,6 +1024,9 @@ static int blk_init(struct XenDevice *xendev)
!blkdev->feature_grant_copy);
xenstore_write_be_int(&blkdev->xendev, "info", info);
+ xenstore_write_be_int(&blkdev->xendev, "max-ring-page-order",
+ MAX_RING_PAGE_ORDER);
+
blk_parse_discard(blkdev);
g_free(directiosafe);
@@ -1057,12 +1048,25 @@ out_error:
return -1;
}
+/*
+ * We need to account for the grant allocations requiring contiguous
+ * chunks; the worst case number would be
+ * max_req * max_seg + (max_req - 1) * (max_seg - 1) + 1,
+ * but in order to keep things simple just use
+ * 2 * max_req * max_seg.
+ */
+#define MAX_GRANTS(max_req, max_seg) (2 * (max_req) * (max_seg))
+
static int blk_connect(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
int pers, index, qflags;
bool readonly = true;
bool writethrough = true;
+ int order, ring_ref;
+ unsigned int ring_size, max_grants;
+ unsigned int i;
+ uint32_t *domids;
/* read-only ? */
if (blkdev->directiosafe) {
@@ -1137,9 +1141,42 @@ static int blk_connect(struct XenDevice *xendev)
xenstore_write_be_int64(&blkdev->xendev, "sectors",
blkdev->file_size / blkdev->file_blk);
- if (xenstore_read_fe_int(&blkdev->xendev, "ring-ref", &blkdev->ring_ref) == -1) {
+ if (xenstore_read_fe_int(&blkdev->xendev, "ring-page-order",
+ &order) == -1) {
+ blkdev->nr_ring_ref = 1;
+
+ if (xenstore_read_fe_int(&blkdev->xendev, "ring-ref",
+ &ring_ref) == -1) {
+ return -1;
+ }
+ blkdev->ring_ref[0] = ring_ref;
+
+ } else if (order >= 0 && order <= MAX_RING_PAGE_ORDER) {
+ blkdev->nr_ring_ref = 1 << order;
+
+ for (i = 0; i < blkdev->nr_ring_ref; i++) {
+ char *key;
+
+ key = g_strdup_printf("ring-ref%u", i);
+ if (!key) {
+ return -1;
+ }
+
+ if (xenstore_read_fe_int(&blkdev->xendev, key,
+ &ring_ref) == -1) {
+ g_free(key);
+ return -1;
+ }
+ blkdev->ring_ref[i] = ring_ref;
+
+ g_free(key);
+ }
+ } else {
+ xen_pv_printf(xendev, 0, "invalid ring-page-order: %d\n",
+ order);
return -1;
}
+
if (xenstore_read_fe_int(&blkdev->xendev, "event-channel",
&blkdev->xendev.remote_port) == -1) {
return -1;
@@ -1162,41 +1199,85 @@ static int blk_connect(struct XenDevice *xendev)
blkdev->protocol = BLKIF_PROTOCOL_NATIVE;
}
- blkdev->sring = xengnttab_map_grant_ref(blkdev->xendev.gnttabdev,
- blkdev->xendev.dom,
- blkdev->ring_ref,
- PROT_READ | PROT_WRITE);
+ ring_size = XC_PAGE_SIZE * blkdev->nr_ring_ref;
+ switch (blkdev->protocol) {
+ case BLKIF_PROTOCOL_NATIVE:
+ {
+ blkdev->max_requests = __CONST_RING_SIZE(blkif, ring_size);
+ break;
+ }
+ case BLKIF_PROTOCOL_X86_32:
+ {
+ blkdev->max_requests = __CONST_RING_SIZE(blkif_x86_32, ring_size);
+ break;
+ }
+ case BLKIF_PROTOCOL_X86_64:
+ {
+ blkdev->max_requests = __CONST_RING_SIZE(blkif_x86_64, ring_size);
+ break;
+ }
+ default:
+ return -1;
+ }
+
+ /* Calculate the maximum number of grants needed by ioreqs */
+ max_grants = MAX_GRANTS(blkdev->max_requests,
+ BLKIF_MAX_SEGMENTS_PER_REQUEST);
+ /* Add on the number needed for the ring pages */
+ max_grants += blkdev->nr_ring_ref;
+
+ if (xengnttab_set_max_grants(blkdev->xendev.gnttabdev, max_grants)) {
+ xen_pv_printf(xendev, 0, "xengnttab_set_max_grants failed: %s\n",
+ strerror(errno));
+ return -1;
+ }
+
+ domids = g_malloc0_n(blkdev->nr_ring_ref, sizeof(uint32_t));
+ for (i = 0; i < blkdev->nr_ring_ref; i++) {
+ domids[i] = blkdev->xendev.dom;
+ }
+
+ blkdev->sring = xengnttab_map_grant_refs(blkdev->xendev.gnttabdev,
+ blkdev->nr_ring_ref,
+ domids,
+ blkdev->ring_ref,
+ PROT_READ | PROT_WRITE);
+
+ g_free(domids);
+
if (!blkdev->sring) {
return -1;
}
+
blkdev->cnt_map++;
switch (blkdev->protocol) {
case BLKIF_PROTOCOL_NATIVE:
{
blkif_sring_t *sring_native = blkdev->sring;
- BACK_RING_INIT(&blkdev->rings.native, sring_native, XC_PAGE_SIZE);
+ BACK_RING_INIT(&blkdev->rings.native, sring_native, ring_size);
break;
}
case BLKIF_PROTOCOL_X86_32:
{
blkif_x86_32_sring_t *sring_x86_32 = blkdev->sring;
- BACK_RING_INIT(&blkdev->rings.x86_32_part, sring_x86_32, XC_PAGE_SIZE);
+ BACK_RING_INIT(&blkdev->rings.x86_32_part, sring_x86_32, ring_size);
break;
}
case BLKIF_PROTOCOL_X86_64:
{
blkif_x86_64_sring_t *sring_x86_64 = blkdev->sring;
- BACK_RING_INIT(&blkdev->rings.x86_64_part, sring_x86_64, XC_PAGE_SIZE);
+ BACK_RING_INIT(&blkdev->rings.x86_64_part, sring_x86_64, ring_size);
break;
}
}
if (blkdev->feature_persistent) {
/* Init persistent grants */
- blkdev->max_grants = max_requests * BLKIF_MAX_SEGMENTS_PER_REQUEST;
+ blkdev->max_grants = blkdev->max_requests *
+ BLKIF_MAX_SEGMENTS_PER_REQUEST;
blkdev->persistent_gnts = g_tree_new_full((GCompareDataFunc)int_cmp,
NULL, NULL,
batch_maps ?
@@ -1208,9 +1289,9 @@ static int blk_connect(struct XenDevice *xendev)
xen_be_bind_evtchn(&blkdev->xendev);
- xen_pv_printf(&blkdev->xendev, 1, "ok: proto %s, ring-ref %d, "
+ xen_pv_printf(&blkdev->xendev, 1, "ok: proto %s, nr-ring-ref %u, "
"remote port %d, local port %d\n",
- blkdev->xendev.protocol, blkdev->ring_ref,
+ blkdev->xendev.protocol, blkdev->nr_ring_ref,
blkdev->xendev.remote_port, blkdev->xendev.local_port);
return 0;
}
@@ -1227,7 +1308,8 @@ static void blk_disconnect(struct XenDevice *xendev)
xen_pv_unbind_evtchn(&blkdev->xendev);
if (blkdev->sring) {
- xengnttab_unmap(blkdev->xendev.gnttabdev, blkdev->sring, 1);
+ xengnttab_unmap(blkdev->xendev.gnttabdev, blkdev->sring,
+ blkdev->nr_ring_ref);
blkdev->cnt_map--;
blkdev->sring = NULL;
}
--
1.9.1
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [PULL 3/3] xen-disk: add support for multi-page shared rings
@ 2017-06-27 22:04 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-06-27 22:04 UTC (permalink / raw)
To: peter.maydell, stefanha
Cc: sstabellini, qemu-devel, Paul Durrant, stefanha, anthony.perard,
xen-devel
From: Paul Durrant <paul.durrant@citrix.com>
The blkif protocol has had provision for negotiation of multi-page shared
rings for some time now and many guest OS have support in their frontend
drivers.
This patch makes the necessary modifications to xen-disk support a shared
ring up to order 4 (i.e. 16 pages).
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
---
hw/block/xen_disk.c | 144 +++++++++++++++++++++++++++++++++++++++++-----------
1 file changed, 113 insertions(+), 31 deletions(-)
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index 8218741..d42ed70 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -36,8 +36,6 @@
static int batch_maps = 0;
-static int max_requests = 32;
-
/* ------------------------------------------------------------- */
#define BLOCK_SIZE 512
@@ -84,6 +82,8 @@ struct ioreq {
BlockAcctCookie acct;
};
+#define MAX_RING_PAGE_ORDER 4
+
struct XenBlkDev {
struct XenDevice xendev; /* must be first */
char *params;
@@ -94,7 +94,8 @@ struct XenBlkDev {
bool directiosafe;
const char *fileproto;
const char *filename;
- int ring_ref;
+ unsigned int ring_ref[1 << MAX_RING_PAGE_ORDER];
+ unsigned int nr_ring_ref;
void *sring;
int64_t file_blk;
int64_t file_size;
@@ -110,6 +111,7 @@ struct XenBlkDev {
int requests_total;
int requests_inflight;
int requests_finished;
+ unsigned int max_requests;
/* Persistent grants extension */
gboolean feature_discard;
@@ -199,7 +201,7 @@ static struct ioreq *ioreq_start(struct XenBlkDev *blkdev)
struct ioreq *ioreq = NULL;
if (QLIST_EMPTY(&blkdev->freelist)) {
- if (blkdev->requests_total >= max_requests) {
+ if (blkdev->requests_total >= blkdev->max_requests) {
goto out;
}
/* allocate new struct */
@@ -904,7 +906,7 @@ static void blk_handle_requests(struct XenBlkDev *blkdev)
ioreq_runio_qemu_aio(ioreq);
}
- if (blkdev->more_work && blkdev->requests_inflight < max_requests) {
+ if (blkdev->more_work && blkdev->requests_inflight < blkdev->max_requests) {
qemu_bh_schedule(blkdev->bh);
}
}
@@ -917,15 +919,6 @@ static void blk_bh(void *opaque)
blk_handle_requests(blkdev);
}
-/*
- * We need to account for the grant allocations requiring contiguous
- * chunks; the worst case number would be
- * max_req * max_seg + (max_req - 1) * (max_seg - 1) + 1,
- * but in order to keep things simple just use
- * 2 * max_req * max_seg.
- */
-#define MAX_GRANTS(max_req, max_seg) (2 * (max_req) * (max_seg))
-
static void blk_alloc(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
@@ -937,11 +930,6 @@ static void blk_alloc(struct XenDevice *xendev)
if (xen_mode != XEN_EMULATE) {
batch_maps = 1;
}
- if (xengnttab_set_max_grants(xendev->gnttabdev,
- MAX_GRANTS(max_requests, BLKIF_MAX_SEGMENTS_PER_REQUEST)) < 0) {
- xen_pv_printf(xendev, 0, "xengnttab_set_max_grants failed: %s\n",
- strerror(errno));
- }
}
static void blk_parse_discard(struct XenBlkDev *blkdev)
@@ -1036,6 +1024,9 @@ static int blk_init(struct XenDevice *xendev)
!blkdev->feature_grant_copy);
xenstore_write_be_int(&blkdev->xendev, "info", info);
+ xenstore_write_be_int(&blkdev->xendev, "max-ring-page-order",
+ MAX_RING_PAGE_ORDER);
+
blk_parse_discard(blkdev);
g_free(directiosafe);
@@ -1057,12 +1048,25 @@ out_error:
return -1;
}
+/*
+ * We need to account for the grant allocations requiring contiguous
+ * chunks; the worst case number would be
+ * max_req * max_seg + (max_req - 1) * (max_seg - 1) + 1,
+ * but in order to keep things simple just use
+ * 2 * max_req * max_seg.
+ */
+#define MAX_GRANTS(max_req, max_seg) (2 * (max_req) * (max_seg))
+
static int blk_connect(struct XenDevice *xendev)
{
struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev);
int pers, index, qflags;
bool readonly = true;
bool writethrough = true;
+ int order, ring_ref;
+ unsigned int ring_size, max_grants;
+ unsigned int i;
+ uint32_t *domids;
/* read-only ? */
if (blkdev->directiosafe) {
@@ -1137,9 +1141,42 @@ static int blk_connect(struct XenDevice *xendev)
xenstore_write_be_int64(&blkdev->xendev, "sectors",
blkdev->file_size / blkdev->file_blk);
- if (xenstore_read_fe_int(&blkdev->xendev, "ring-ref", &blkdev->ring_ref) == -1) {
+ if (xenstore_read_fe_int(&blkdev->xendev, "ring-page-order",
+ &order) == -1) {
+ blkdev->nr_ring_ref = 1;
+
+ if (xenstore_read_fe_int(&blkdev->xendev, "ring-ref",
+ &ring_ref) == -1) {
+ return -1;
+ }
+ blkdev->ring_ref[0] = ring_ref;
+
+ } else if (order >= 0 && order <= MAX_RING_PAGE_ORDER) {
+ blkdev->nr_ring_ref = 1 << order;
+
+ for (i = 0; i < blkdev->nr_ring_ref; i++) {
+ char *key;
+
+ key = g_strdup_printf("ring-ref%u", i);
+ if (!key) {
+ return -1;
+ }
+
+ if (xenstore_read_fe_int(&blkdev->xendev, key,
+ &ring_ref) == -1) {
+ g_free(key);
+ return -1;
+ }
+ blkdev->ring_ref[i] = ring_ref;
+
+ g_free(key);
+ }
+ } else {
+ xen_pv_printf(xendev, 0, "invalid ring-page-order: %d\n",
+ order);
return -1;
}
+
if (xenstore_read_fe_int(&blkdev->xendev, "event-channel",
&blkdev->xendev.remote_port) == -1) {
return -1;
@@ -1162,41 +1199,85 @@ static int blk_connect(struct XenDevice *xendev)
blkdev->protocol = BLKIF_PROTOCOL_NATIVE;
}
- blkdev->sring = xengnttab_map_grant_ref(blkdev->xendev.gnttabdev,
- blkdev->xendev.dom,
- blkdev->ring_ref,
- PROT_READ | PROT_WRITE);
+ ring_size = XC_PAGE_SIZE * blkdev->nr_ring_ref;
+ switch (blkdev->protocol) {
+ case BLKIF_PROTOCOL_NATIVE:
+ {
+ blkdev->max_requests = __CONST_RING_SIZE(blkif, ring_size);
+ break;
+ }
+ case BLKIF_PROTOCOL_X86_32:
+ {
+ blkdev->max_requests = __CONST_RING_SIZE(blkif_x86_32, ring_size);
+ break;
+ }
+ case BLKIF_PROTOCOL_X86_64:
+ {
+ blkdev->max_requests = __CONST_RING_SIZE(blkif_x86_64, ring_size);
+ break;
+ }
+ default:
+ return -1;
+ }
+
+ /* Calculate the maximum number of grants needed by ioreqs */
+ max_grants = MAX_GRANTS(blkdev->max_requests,
+ BLKIF_MAX_SEGMENTS_PER_REQUEST);
+ /* Add on the number needed for the ring pages */
+ max_grants += blkdev->nr_ring_ref;
+
+ if (xengnttab_set_max_grants(blkdev->xendev.gnttabdev, max_grants)) {
+ xen_pv_printf(xendev, 0, "xengnttab_set_max_grants failed: %s\n",
+ strerror(errno));
+ return -1;
+ }
+
+ domids = g_malloc0_n(blkdev->nr_ring_ref, sizeof(uint32_t));
+ for (i = 0; i < blkdev->nr_ring_ref; i++) {
+ domids[i] = blkdev->xendev.dom;
+ }
+
+ blkdev->sring = xengnttab_map_grant_refs(blkdev->xendev.gnttabdev,
+ blkdev->nr_ring_ref,
+ domids,
+ blkdev->ring_ref,
+ PROT_READ | PROT_WRITE);
+
+ g_free(domids);
+
if (!blkdev->sring) {
return -1;
}
+
blkdev->cnt_map++;
switch (blkdev->protocol) {
case BLKIF_PROTOCOL_NATIVE:
{
blkif_sring_t *sring_native = blkdev->sring;
- BACK_RING_INIT(&blkdev->rings.native, sring_native, XC_PAGE_SIZE);
+ BACK_RING_INIT(&blkdev->rings.native, sring_native, ring_size);
break;
}
case BLKIF_PROTOCOL_X86_32:
{
blkif_x86_32_sring_t *sring_x86_32 = blkdev->sring;
- BACK_RING_INIT(&blkdev->rings.x86_32_part, sring_x86_32, XC_PAGE_SIZE);
+ BACK_RING_INIT(&blkdev->rings.x86_32_part, sring_x86_32, ring_size);
break;
}
case BLKIF_PROTOCOL_X86_64:
{
blkif_x86_64_sring_t *sring_x86_64 = blkdev->sring;
- BACK_RING_INIT(&blkdev->rings.x86_64_part, sring_x86_64, XC_PAGE_SIZE);
+ BACK_RING_INIT(&blkdev->rings.x86_64_part, sring_x86_64, ring_size);
break;
}
}
if (blkdev->feature_persistent) {
/* Init persistent grants */
- blkdev->max_grants = max_requests * BLKIF_MAX_SEGMENTS_PER_REQUEST;
+ blkdev->max_grants = blkdev->max_requests *
+ BLKIF_MAX_SEGMENTS_PER_REQUEST;
blkdev->persistent_gnts = g_tree_new_full((GCompareDataFunc)int_cmp,
NULL, NULL,
batch_maps ?
@@ -1208,9 +1289,9 @@ static int blk_connect(struct XenDevice *xendev)
xen_be_bind_evtchn(&blkdev->xendev);
- xen_pv_printf(&blkdev->xendev, 1, "ok: proto %s, ring-ref %d, "
+ xen_pv_printf(&blkdev->xendev, 1, "ok: proto %s, nr-ring-ref %u, "
"remote port %d, local port %d\n",
- blkdev->xendev.protocol, blkdev->ring_ref,
+ blkdev->xendev.protocol, blkdev->nr_ring_ref,
blkdev->xendev.remote_port, blkdev->xendev.local_port);
return 0;
}
@@ -1227,7 +1308,8 @@ static void blk_disconnect(struct XenDevice *xendev)
xen_pv_unbind_evtchn(&blkdev->xendev);
if (blkdev->sring) {
- xengnttab_unmap(blkdev->xendev.gnttabdev, blkdev->sring, 1);
+ xengnttab_unmap(blkdev->xendev.gnttabdev, blkdev->sring,
+ blkdev->nr_ring_ref);
blkdev->cnt_map--;
blkdev->sring = NULL;
}
--
1.9.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH 0/3] please pull xen-20170627-tag
2017-06-27 22:04 ` Stefano Stabellini
@ 2017-06-29 12:12 ` Peter Maydell
-1 siblings, 0 replies; 20+ messages in thread
From: Peter Maydell @ 2017-06-29 12:12 UTC (permalink / raw)
To: Stefano Stabellini
Cc: Stefan Hajnoczi, Stefan Hajnoczi, Anthony PERARD, xen-devel,
QEMU Developers
On 27 June 2017 at 23:04, Stefano Stabellini <sstabellini@kernel.org> wrote:
> The following changes since commit 577caa2672ccde7352fda3ef17e44993de862f0e:
>
> Merge remote-tracking branch 'remotes/edgar/tags/edgar/mmio-exec-v2.for-upstream' into staging (2017-06-27 16:56:55 +0100)
>
> are available in the git repository at:
>
>
> git://xenbits.xen.org/people/sstabellini/qemu-dm.git tags/xen-20170627-tag
>
> for you to fetch changes up to 3284fad7283596033cb810b4788fd1bb43312dbd:
>
> xen-disk: add support for multi-page shared rings (2017-06-27 15:01:56 -0700)
>
> ----------------------------------------------------------------
> Xen 2017/06/27
>
> ----------------------------------------------------------------
> Paul Durrant (2):
> xen-disk: only advertize feature-persistent if grant copy is not available
> xen-disk: add support for multi-page shared rings
>
> Stefano Stabellini (1):
> xen/disk: don't leak stack data via response ring
>
> hw/block/xen_disk.c | 184 +++++++++++++++++++++++++++++++++++++---------------
> 1 file changed, 133 insertions(+), 51 deletions(-)
Applied, thanks.
-- PMM
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PATCH 0/3] please pull xen-20170627-tag
@ 2017-06-29 12:12 ` Peter Maydell
0 siblings, 0 replies; 20+ messages in thread
From: Peter Maydell @ 2017-06-29 12:12 UTC (permalink / raw)
To: Stefano Stabellini
Cc: Anthony PERARD, Stefan Hajnoczi, QEMU Developers,
Stefan Hajnoczi, xen-devel
On 27 June 2017 at 23:04, Stefano Stabellini <sstabellini@kernel.org> wrote:
> The following changes since commit 577caa2672ccde7352fda3ef17e44993de862f0e:
>
> Merge remote-tracking branch 'remotes/edgar/tags/edgar/mmio-exec-v2.for-upstream' into staging (2017-06-27 16:56:55 +0100)
>
> are available in the git repository at:
>
>
> git://xenbits.xen.org/people/sstabellini/qemu-dm.git tags/xen-20170627-tag
>
> for you to fetch changes up to 3284fad7283596033cb810b4788fd1bb43312dbd:
>
> xen-disk: add support for multi-page shared rings (2017-06-27 15:01:56 -0700)
>
> ----------------------------------------------------------------
> Xen 2017/06/27
>
> ----------------------------------------------------------------
> Paul Durrant (2):
> xen-disk: only advertize feature-persistent if grant copy is not available
> xen-disk: add support for multi-page shared rings
>
> Stefano Stabellini (1):
> xen/disk: don't leak stack data via response ring
>
> hw/block/xen_disk.c | 184 +++++++++++++++++++++++++++++++++++++---------------
> 1 file changed, 133 insertions(+), 51 deletions(-)
Applied, thanks.
-- PMM
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [Xen-devel] [PULL 3/3] xen-disk: add support for multi-page shared rings
2017-06-27 22:04 ` Stefano Stabellini
@ 2017-07-27 6:02 ` Olaf Hering
-1 siblings, 0 replies; 20+ messages in thread
From: Olaf Hering @ 2017-07-27 6:02 UTC (permalink / raw)
To: Stefano Stabellini
Cc: peter.maydell, stefanha, qemu-devel, Paul Durrant, stefanha,
anthony.perard, xen-devel
[-- Attachment #1: Type: text/plain, Size: 567 bytes --]
On Tue, Jun 27, Stefano Stabellini wrote:
> From: Paul Durrant <paul.durrant@citrix.com>
> The blkif protocol has had provision for negotiation of multi-page shared
> rings for some time now and many guest OS have support in their frontend
> drivers.
> +++ b/hw/block/xen_disk.c
> + domids = g_malloc0_n(blkdev->nr_ring_ref, sizeof(uint32_t));
According to [1] g_malloc0_n requires at least glib-2.24. As a result
compilation of qemu-2.10 fails in SLE11, which has just glib-2.22.
Olaf
[1] https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PULL 3/3] xen-disk: add support for multi-page shared rings
@ 2017-07-27 6:02 ` Olaf Hering
0 siblings, 0 replies; 20+ messages in thread
From: Olaf Hering @ 2017-07-27 6:02 UTC (permalink / raw)
To: Stefano Stabellini
Cc: peter.maydell, stefanha, qemu-devel, Paul Durrant, stefanha,
anthony.perard, xen-devel
[-- Attachment #1.1: Type: text/plain, Size: 567 bytes --]
On Tue, Jun 27, Stefano Stabellini wrote:
> From: Paul Durrant <paul.durrant@citrix.com>
> The blkif protocol has had provision for negotiation of multi-page shared
> rings for some time now and many guest OS have support in their frontend
> drivers.
> +++ b/hw/block/xen_disk.c
> + domids = g_malloc0_n(blkdev->nr_ring_ref, sizeof(uint32_t));
According to [1] g_malloc0_n requires at least glib-2.24. As a result
compilation of qemu-2.10 fails in SLE11, which has just glib-2.22.
Olaf
[1] https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
[-- Attachment #2: Type: text/plain, Size: 127 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [Xen-devel] [PULL 3/3] xen-disk: add support for multi-page shared rings
2017-07-27 6:02 ` Olaf Hering
@ 2017-07-27 19:14 ` Stefano Stabellini
-1 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-07-27 19:14 UTC (permalink / raw)
To: Olaf Hering
Cc: Stefano Stabellini, peter.maydell, stefanha, qemu-devel,
Paul Durrant, stefanha, anthony.perard, xen-devel
On Thu, 27 Jul 2017, Olaf Hering wrote:
> On Tue, Jun 27, Stefano Stabellini wrote:
>
> > From: Paul Durrant <paul.durrant@citrix.com>
> > The blkif protocol has had provision for negotiation of multi-page shared
> > rings for some time now and many guest OS have support in their frontend
> > drivers.
>
> > +++ b/hw/block/xen_disk.c
>
> > + domids = g_malloc0_n(blkdev->nr_ring_ref, sizeof(uint32_t));
>
> According to [1] g_malloc0_n requires at least glib-2.24. As a result
> compilation of qemu-2.10 fails in SLE11, which has just glib-2.22.
>
> Olaf
>
> [1] https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html
It looks like QEMU supports glib 2.22, so this ought to work. In fact
the only user of g_malloc0_n is xen_disk.c. I would be happy to take a
patch that replaces g_malloc0_n with g_malloc0.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PULL 3/3] xen-disk: add support for multi-page shared rings
@ 2017-07-27 19:14 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-07-27 19:14 UTC (permalink / raw)
To: Olaf Hering
Cc: peter.maydell, Stefano Stabellini, stefanha, qemu-devel,
Paul Durrant, stefanha, anthony.perard, xen-devel
On Thu, 27 Jul 2017, Olaf Hering wrote:
> On Tue, Jun 27, Stefano Stabellini wrote:
>
> > From: Paul Durrant <paul.durrant@citrix.com>
> > The blkif protocol has had provision for negotiation of multi-page shared
> > rings for some time now and many guest OS have support in their frontend
> > drivers.
>
> > +++ b/hw/block/xen_disk.c
>
> > + domids = g_malloc0_n(blkdev->nr_ring_ref, sizeof(uint32_t));
>
> According to [1] g_malloc0_n requires at least glib-2.24. As a result
> compilation of qemu-2.10 fails in SLE11, which has just glib-2.22.
>
> Olaf
>
> [1] https://developer.gnome.org/glib/stable/glib-Memory-Allocation.html
It looks like QEMU supports glib 2.22, so this ought to work. In fact
the only user of g_malloc0_n is xen_disk.c. I would be happy to take a
patch that replaces g_malloc0_n with g_malloc0.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] xen/disk: don't leak stack data via response ring
2017-06-27 22:04 ` Stefano Stabellini
@ 2017-09-23 16:05 ` Michael Tokarev
-1 siblings, 0 replies; 20+ messages in thread
From: Michael Tokarev @ 2017-09-23 16:05 UTC (permalink / raw)
To: Stefano Stabellini, stefanha
Cc: stefanha, qemu-devel, Jan Beulich, anthony.perard, xen-devel
28.06.2017 01:04, Stefano Stabellini wrote:
> Rather than constructing a local structure instance on the stack, fill
> the fields directly on the shared ring, just like other (Linux)
> backends do. Build on the fact that all response structure flavors are
> actually identical (aside from alignment and padding at the end).
>
> This is XSA-216.
>
> Reported by: Anthony Perard <anthony.perard@citrix.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Reportedly, after this patch, HVM DomUs running with qemu-system-i386
(note i386, not x86_64), are leaking memory and host is running out of
memory rather fast. See for example https://bugs.debian.org/871702
I've asked for details, let's see...
For one, I've no idea how xen hvm works, and whenever -i386 version
can be choosen in config or how.
Thanks,
/mjt
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] xen/disk: don't leak stack data via response ring
@ 2017-09-23 16:05 ` Michael Tokarev
0 siblings, 0 replies; 20+ messages in thread
From: Michael Tokarev @ 2017-09-23 16:05 UTC (permalink / raw)
To: Stefano Stabellini, stefanha
Cc: anthony.perard, xen-devel, Jan Beulich, qemu-devel, stefanha
28.06.2017 01:04, Stefano Stabellini wrote:
> Rather than constructing a local structure instance on the stack, fill
> the fields directly on the shared ring, just like other (Linux)
> backends do. Build on the fact that all response structure flavors are
> actually identical (aside from alignment and padding at the end).
>
> This is XSA-216.
>
> Reported by: Anthony Perard <anthony.perard@citrix.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Reportedly, after this patch, HVM DomUs running with qemu-system-i386
(note i386, not x86_64), are leaking memory and host is running out of
memory rather fast. See for example https://bugs.debian.org/871702
I've asked for details, let's see...
For one, I've no idea how xen hvm works, and whenever -i386 version
can be choosen in config or how.
Thanks,
/mjt
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] xen/disk: don't leak stack data via response ring
2017-09-23 16:05 ` Michael Tokarev
@ 2017-09-24 9:18 ` Michael Tokarev
-1 siblings, 0 replies; 20+ messages in thread
From: Michael Tokarev @ 2017-09-24 9:18 UTC (permalink / raw)
To: Stefano Stabellini, stefanha
Cc: anthony.perard, xen-devel, Jan Beulich, qemu-devel, stefanha
23.09.2017 19:05, Michael Tokarev wrote:
> 28.06.2017 01:04, Stefano Stabellini wrote:
>> Rather than constructing a local structure instance on the stack, fill
>> the fields directly on the shared ring, just like other (Linux)
>> backends do. Build on the fact that all response structure flavors are
>> actually identical (aside from alignment and padding at the end).
>>
>> This is XSA-216.
>>
>> Reported by: Anthony Perard <anthony.perard@citrix.com>
>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
>> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
>
> Reportedly, after this patch, HVM DomUs running with qemu-system-i386
> (note i386, not x86_64), are leaking memory and host is running out of
> memory rather fast. See for example https://bugs.debian.org/871702
Looks like this is a false alarm, the problem actually is with
04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use qemu_ram_ptr_length
to access guest ram) without f5aa69bdc3418773f26747ca282c291519626ece
(exec: Add lock parameter to qemu_ram_ptr_length).
I applied only 04bf2526ce87f to 2.8, without realizing that we also
need f5aa69bdc3418).
Now when I try to backport f5aa69bdc3418 to 2.8 (on top of 04bf2526ce87f),
I face an interesting logic without also applying 1ff7c5986a515d2d936eba0
(xen/mapcache: store dma information in revmapcache entries for debugging),
the arguments for xen_map_cache in qemu_ram_ptr_length() in these two patches
are quite fun.. :)
Thanks,
/mjt
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] xen/disk: don't leak stack data via response ring
@ 2017-09-24 9:18 ` Michael Tokarev
0 siblings, 0 replies; 20+ messages in thread
From: Michael Tokarev @ 2017-09-24 9:18 UTC (permalink / raw)
To: Stefano Stabellini, stefanha
Cc: anthony.perard, xen-devel, stefanha, qemu-devel, Jan Beulich
23.09.2017 19:05, Michael Tokarev wrote:
> 28.06.2017 01:04, Stefano Stabellini wrote:
>> Rather than constructing a local structure instance on the stack, fill
>> the fields directly on the shared ring, just like other (Linux)
>> backends do. Build on the fact that all response structure flavors are
>> actually identical (aside from alignment and padding at the end).
>>
>> This is XSA-216.
>>
>> Reported by: Anthony Perard <anthony.perard@citrix.com>
>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
>> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
>
> Reportedly, after this patch, HVM DomUs running with qemu-system-i386
> (note i386, not x86_64), are leaking memory and host is running out of
> memory rather fast. See for example https://bugs.debian.org/871702
Looks like this is a false alarm, the problem actually is with
04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use qemu_ram_ptr_length
to access guest ram) without f5aa69bdc3418773f26747ca282c291519626ece
(exec: Add lock parameter to qemu_ram_ptr_length).
I applied only 04bf2526ce87f to 2.8, without realizing that we also
need f5aa69bdc3418).
Now when I try to backport f5aa69bdc3418 to 2.8 (on top of 04bf2526ce87f),
I face an interesting logic without also applying 1ff7c5986a515d2d936eba0
(xen/mapcache: store dma information in revmapcache entries for debugging),
the arguments for xen_map_cache in qemu_ram_ptr_length() in these two patches
are quite fun.. :)
Thanks,
/mjt
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] xen/disk: don't leak stack data via response ring
2017-09-24 9:18 ` Michael Tokarev
@ 2017-09-25 22:48 ` Stefano Stabellini
-1 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-09-25 22:48 UTC (permalink / raw)
To: Michael Tokarev
Cc: Stefano Stabellini, stefanha, anthony.perard, xen-devel,
Jan Beulich, qemu-devel, stefanha
On Sun, 24 Sep 2017, Michael Tokarev wrote:
> 23.09.2017 19:05, Michael Tokarev wrote:
> > 28.06.2017 01:04, Stefano Stabellini wrote:
> >> Rather than constructing a local structure instance on the stack, fill
> >> the fields directly on the shared ring, just like other (Linux)
> >> backends do. Build on the fact that all response structure flavors are
> >> actually identical (aside from alignment and padding at the end).
> >>
> >> This is XSA-216.
> >>
> >> Reported by: Anthony Perard <anthony.perard@citrix.com>
> >> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> >> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
> >> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
> >
> > Reportedly, after this patch, HVM DomUs running with qemu-system-i386
> > (note i386, not x86_64), are leaking memory and host is running out of
> > memory rather fast. See for example https://bugs.debian.org/871702
>
> Looks like this is a false alarm, the problem actually is with
> 04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use qemu_ram_ptr_length
> to access guest ram) without f5aa69bdc3418773f26747ca282c291519626ece
> (exec: Add lock parameter to qemu_ram_ptr_length).
>
> I applied only 04bf2526ce87f to 2.8, without realizing that we also
> need f5aa69bdc3418).
>
> Now when I try to backport f5aa69bdc3418 to 2.8 (on top of 04bf2526ce87f),
> I face an interesting logic without also applying 1ff7c5986a515d2d936eba0
> (xen/mapcache: store dma information in revmapcache entries for debugging),
> the arguments for xen_map_cache in qemu_ram_ptr_length() in these two patches
> are quite fun.. :)
Sorry about that. Let me know if you need any help with those backport.
Thank you!
- Stefano
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] xen/disk: don't leak stack data via response ring
@ 2017-09-25 22:48 ` Stefano Stabellini
0 siblings, 0 replies; 20+ messages in thread
From: Stefano Stabellini @ 2017-09-25 22:48 UTC (permalink / raw)
To: Michael Tokarev
Cc: Stefano Stabellini, stefanha, stefanha, qemu-devel, Jan Beulich,
anthony.perard, xen-devel
On Sun, 24 Sep 2017, Michael Tokarev wrote:
> 23.09.2017 19:05, Michael Tokarev wrote:
> > 28.06.2017 01:04, Stefano Stabellini wrote:
> >> Rather than constructing a local structure instance on the stack, fill
> >> the fields directly on the shared ring, just like other (Linux)
> >> backends do. Build on the fact that all response structure flavors are
> >> actually identical (aside from alignment and padding at the end).
> >>
> >> This is XSA-216.
> >>
> >> Reported by: Anthony Perard <anthony.perard@citrix.com>
> >> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> >> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
> >> Acked-by: Anthony PERARD <anthony.perard@citrix.com>
> >
> > Reportedly, after this patch, HVM DomUs running with qemu-system-i386
> > (note i386, not x86_64), are leaking memory and host is running out of
> > memory rather fast. See for example https://bugs.debian.org/871702
>
> Looks like this is a false alarm, the problem actually is with
> 04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use qemu_ram_ptr_length
> to access guest ram) without f5aa69bdc3418773f26747ca282c291519626ece
> (exec: Add lock parameter to qemu_ram_ptr_length).
>
> I applied only 04bf2526ce87f to 2.8, without realizing that we also
> need f5aa69bdc3418).
>
> Now when I try to backport f5aa69bdc3418 to 2.8 (on top of 04bf2526ce87f),
> I face an interesting logic without also applying 1ff7c5986a515d2d936eba0
> (xen/mapcache: store dma information in revmapcache entries for debugging),
> the arguments for xen_map_cache in qemu_ram_ptr_length() in these two patches
> are quite fun.. :)
Sorry about that. Let me know if you need any help with those backport.
Thank you!
- Stefano
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2017-09-25 22:49 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-27 22:04 [Qemu-devel] [PATCH 0/3] please pull xen-20170627-tag Stefano Stabellini
2017-06-27 22:04 ` Stefano Stabellini
2017-06-27 22:04 ` [Qemu-devel] [PULL 1/3] xen/disk: don't leak stack data via response ring Stefano Stabellini
2017-06-27 22:04 ` Stefano Stabellini
2017-06-27 22:04 ` [Qemu-devel] [PULL 2/3] xen-disk: only advertize feature-persistent if grant copy is not available Stefano Stabellini
2017-06-27 22:04 ` Stefano Stabellini
2017-06-27 22:04 ` [Qemu-devel] [PULL 3/3] xen-disk: add support for multi-page shared rings Stefano Stabellini
2017-06-27 22:04 ` Stefano Stabellini
2017-07-27 6:02 ` [Qemu-devel] [Xen-devel] " Olaf Hering
2017-07-27 6:02 ` Olaf Hering
2017-07-27 19:14 ` [Qemu-devel] [Xen-devel] " Stefano Stabellini
2017-07-27 19:14 ` [Qemu-devel] " Stefano Stabellini
2017-09-23 16:05 ` [Qemu-devel] xen/disk: don't leak stack data via response ring Michael Tokarev
2017-09-23 16:05 ` Michael Tokarev
2017-09-24 9:18 ` Michael Tokarev
2017-09-24 9:18 ` Michael Tokarev
2017-09-25 22:48 ` Stefano Stabellini
2017-09-25 22:48 ` Stefano Stabellini
2017-06-29 12:12 ` [Qemu-devel] [PATCH 0/3] please pull xen-20170627-tag Peter Maydell
2017-06-29 12:12 ` Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.