From: Alex Williamson <alex.williamson@redhat.com>
To: Yishai Hadas <yishaih@nvidia.com>
Cc: <bhelgaas@google.com>, <jgg@nvidia.com>, <saeedm@nvidia.com>,
<linux-pci@vger.kernel.org>, <kvm@vger.kernel.org>,
<netdev@vger.kernel.org>, <kuba@kernel.org>, <leonro@nvidia.com>,
<kwankhede@nvidia.com>, <mgurtovoy@nvidia.com>,
<maorg@nvidia.com>
Subject: Re: [PATCH V6 mlx5-next 07/15] vfio: Have the core code decode the VFIO_DEVICE_FEATURE ioctl
Date: Mon, 31 Jan 2022 16:41:43 -0700 [thread overview]
Message-ID: <20220131164143.6c145fdb.alex.williamson@redhat.com> (raw)
In-Reply-To: <20220130160826.32449-8-yishaih@nvidia.com>
On Sun, 30 Jan 2022 18:08:18 +0200
Yishai Hadas <yishaih@nvidia.com> wrote:
> From: Jason Gunthorpe <jgg@nvidia.com>
>
> Invoke a new device op 'device_feature' to handle just the data array
> portion of the command. This lifts the ioctl validation to the core code
> and makes it simpler for either the core code, or layered drivers, to
> implement their own feature values.
>
> Provide vfio_check_feature() to consolidate checking the flags/etc against
> what the driver supports.
>
> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
> Signed-off-by: Yishai Hadas <yishaih@nvidia.com>
> ---
> drivers/vfio/pci/vfio_pci.c | 1 +
> drivers/vfio/pci/vfio_pci_core.c | 90 ++++++++++++--------------------
> drivers/vfio/vfio.c | 46 ++++++++++++++--
> include/linux/vfio.h | 32 ++++++++++++
> include/linux/vfio_pci_core.h | 2 +
> 5 files changed, 109 insertions(+), 62 deletions(-)
>
> diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c
> index a5ce92beb655..2b047469e02f 100644
> --- a/drivers/vfio/pci/vfio_pci.c
> +++ b/drivers/vfio/pci/vfio_pci.c
> @@ -130,6 +130,7 @@ static const struct vfio_device_ops vfio_pci_ops = {
> .open_device = vfio_pci_open_device,
> .close_device = vfio_pci_core_close_device,
> .ioctl = vfio_pci_core_ioctl,
> + .device_feature = vfio_pci_core_ioctl_feature,
> .read = vfio_pci_core_read,
> .write = vfio_pci_core_write,
> .mmap = vfio_pci_core_mmap,
> diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c
> index f948e6cd2993..14a22ff20ef8 100644
> --- a/drivers/vfio/pci/vfio_pci_core.c
> +++ b/drivers/vfio/pci/vfio_pci_core.c
> @@ -1114,70 +1114,44 @@ long vfio_pci_core_ioctl(struct vfio_device *core_vdev, unsigned int cmd,
>
> return vfio_pci_ioeventfd(vdev, ioeventfd.offset,
> ioeventfd.data, count, ioeventfd.fd);
> - } else if (cmd == VFIO_DEVICE_FEATURE) {
> - struct vfio_device_feature feature;
> - uuid_t uuid;
> -
> - minsz = offsetofend(struct vfio_device_feature, flags);
> -
> - if (copy_from_user(&feature, (void __user *)arg, minsz))
> - return -EFAULT;
> -
> - if (feature.argsz < minsz)
> - return -EINVAL;
> -
> - /* Check unknown flags */
> - if (feature.flags & ~(VFIO_DEVICE_FEATURE_MASK |
> - VFIO_DEVICE_FEATURE_SET |
> - VFIO_DEVICE_FEATURE_GET |
> - VFIO_DEVICE_FEATURE_PROBE))
> - return -EINVAL;
> -
> - /* GET & SET are mutually exclusive except with PROBE */
> - if (!(feature.flags & VFIO_DEVICE_FEATURE_PROBE) &&
> - (feature.flags & VFIO_DEVICE_FEATURE_SET) &&
> - (feature.flags & VFIO_DEVICE_FEATURE_GET))
> - return -EINVAL;
> -
> - switch (feature.flags & VFIO_DEVICE_FEATURE_MASK) {
> - case VFIO_DEVICE_FEATURE_PCI_VF_TOKEN:
> - if (!vdev->vf_token)
> - return -ENOTTY;
> -
> - /*
> - * We do not support GET of the VF Token UUID as this
> - * could expose the token of the previous device user.
> - */
> - if (feature.flags & VFIO_DEVICE_FEATURE_GET)
> - return -EINVAL;
> -
> - if (feature.flags & VFIO_DEVICE_FEATURE_PROBE)
> - return 0;
> -
> - /* Don't SET unless told to do so */
> - if (!(feature.flags & VFIO_DEVICE_FEATURE_SET))
> - return -EINVAL;
> + }
> + return -ENOTTY;
> +}
> +EXPORT_SYMBOL_GPL(vfio_pci_core_ioctl);
>
> - if (feature.argsz < minsz + sizeof(uuid))
> - return -EINVAL;
> +int vfio_pci_core_ioctl_feature(struct vfio_device *device, u32 flags,
> + void __user *arg, size_t argsz)
> +{
> + struct vfio_pci_core_device *vdev =
> + container_of(device, struct vfio_pci_core_device, vdev);
> + uuid_t uuid;
> + int ret;
Nit, should uuid at least be scoped within the token code? Or token
code pushed to a separate function?
>
> - if (copy_from_user(&uuid, (void __user *)(arg + minsz),
> - sizeof(uuid)))
> - return -EFAULT;
> + switch (flags & VFIO_DEVICE_FEATURE_MASK) {
> + case VFIO_DEVICE_FEATURE_PCI_VF_TOKEN:
> + if (!vdev->vf_token)
> + return -ENOTTY;
> + /*
> + * We do not support GET of the VF Token UUID as this could
> + * expose the token of the previous device user.
> + */
> + ret = vfio_check_feature(flags, argsz, VFIO_DEVICE_FEATURE_SET,
> + sizeof(uuid));
> + if (ret != 1)
> + return ret;
>
> - mutex_lock(&vdev->vf_token->lock);
> - uuid_copy(&vdev->vf_token->uuid, &uuid);
> - mutex_unlock(&vdev->vf_token->lock);
> + if (copy_from_user(&uuid, arg, sizeof(uuid)))
> + return -EFAULT;
>
> - return 0;
> - default:
> - return -ENOTTY;
> - }
> + mutex_lock(&vdev->vf_token->lock);
> + uuid_copy(&vdev->vf_token->uuid, &uuid);
> + mutex_unlock(&vdev->vf_token->lock);
> + return 0;
> + default:
> + return -ENOTTY;
> }
> -
> - return -ENOTTY;
> }
> -EXPORT_SYMBOL_GPL(vfio_pci_core_ioctl);
> +EXPORT_SYMBOL_GPL(vfio_pci_core_ioctl_feature);
...
> diff --git a/include/linux/vfio.h b/include/linux/vfio.h
> index 76191d7abed1..ca69516f869d 100644
> --- a/include/linux/vfio.h
> +++ b/include/linux/vfio.h
> @@ -55,6 +55,7 @@ struct vfio_device {
> * @match: Optional device name match callback (return: 0 for no-match, >0 for
> * match, -errno for abort (ex. match with insufficient or incorrect
> * additional args)
> + * @device_feature: Fill in the VFIO_DEVICE_FEATURE ioctl
> */
> struct vfio_device_ops {
> char *name;
> @@ -69,8 +70,39 @@ struct vfio_device_ops {
> int (*mmap)(struct vfio_device *vdev, struct vm_area_struct *vma);
> void (*request)(struct vfio_device *vdev, unsigned int count);
> int (*match)(struct vfio_device *vdev, char *buf);
> + int (*device_feature)(struct vfio_device *device, u32 flags,
> + void __user *arg, size_t argsz);
> };
>
> +/**
> + * vfio_check_feature - Validate user input for the VFIO_DEVICE_FEATURE ioctl
> + * @flags: Arg from the device_feature op
> + * @argsz: Arg from the device_feature op
> + * @supported_ops: Combination of VFIO_DEVICE_FEATURE_GET and SET the driver
> + * supports
> + * @minsz: Minimum data size the driver accepts
> + *
> + * For use in a driver's device_feature op. Checks that the inputs to the
> + * VFIO_DEVICE_FEATURE ioctl are correct for the driver's feature. Returns 1 if
> + * the driver should execute the get or set, otherwise the relevant
> + * value should be returned.
> + */
> +static inline int vfio_check_feature(u32 flags, size_t argsz, u32 supported_ops,
> + size_t minsz)
> +{
> + if ((flags & (VFIO_DEVICE_FEATURE_GET | VFIO_DEVICE_FEATURE_SET)) &
> + ~supported_ops)
> + return -EINVAL;
These look like cases where it would be useful for userspace debugging
to differentiate errnos.
-EOPNOTSUPP?
> + if (flags & VFIO_DEVICE_FEATURE_PROBE)
> + return 0;
> + /* Without PROBE one of GET or SET must be requested */
> + if (!(flags & (VFIO_DEVICE_FEATURE_GET | VFIO_DEVICE_FEATURE_SET)))
> + return -EINVAL;
> + if (argsz < minsz)
> + return -EINVAL;
-ENOSPC?
Thanks,
Alex
next prev parent reply other threads:[~2022-01-31 23:41 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-30 16:08 [PATCH V6 mlx5-next 00/15] Add mlx5 live migration driver and v2 migration protocol Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 01/15] PCI/IOV: Add pci_iov_vf_id() to get VF index Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 02/15] net/mlx5: Reuse exported virtfn index function call Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 03/15] net/mlx5: Disable SRIOV before PF removal Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 04/15] PCI/IOV: Add pci_iov_get_pf_drvdata() to allow VF reaching the drvdata of a PF Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 05/15] net/mlx5: Expose APIs to get/put the mlx5 core device Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 06/15] net/mlx5: Introduce migration bits and structures Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 07/15] vfio: Have the core code decode the VFIO_DEVICE_FEATURE ioctl Yishai Hadas
2022-01-31 23:41 ` Alex Williamson [this message]
2022-02-01 0:11 ` Jason Gunthorpe
2022-02-01 15:47 ` Alex Williamson
2022-02-01 15:49 ` Jason Gunthorpe
2022-01-30 16:08 ` [PATCH V6 mlx5-next 08/15] vfio: Define device migration protocol v2 Yishai Hadas
2022-01-31 23:43 ` Alex Williamson
2022-02-01 0:31 ` Jason Gunthorpe
2022-02-01 17:04 ` Alex Williamson
2022-02-01 18:36 ` Jason Gunthorpe
2022-02-01 21:49 ` Alex Williamson
2022-02-02 0:24 ` Jason Gunthorpe
2022-02-02 23:36 ` Alex Williamson
2022-02-03 14:17 ` Jason Gunthorpe
2022-02-04 12:12 ` Cornelia Huck
2022-02-03 15:51 ` Tarun Gupta (SW-GPU)
2022-02-01 12:06 ` Cornelia Huck
2022-02-01 12:10 ` Jason Gunthorpe
2022-02-01 12:18 ` Cornelia Huck
2022-02-01 12:27 ` Jason Gunthorpe
2022-01-30 16:08 ` [PATCH V6 mlx5-next 09/15] vfio: Extend the device migration protocol with RUNNING_P2P Yishai Hadas
2022-02-01 11:54 ` Cornelia Huck
2022-02-01 12:13 ` Jason Gunthorpe
2022-02-01 18:31 ` Alex Williamson
2022-02-01 18:53 ` Jason Gunthorpe
2022-02-01 19:13 ` Alex Williamson
2022-02-01 19:50 ` Jason Gunthorpe
2022-02-02 23:54 ` Alex Williamson
2022-02-03 14:22 ` Jason Gunthorpe
2022-01-30 16:08 ` [PATCH V6 mlx5-next 10/15] vfio: Remove migration protocol v1 Yishai Hadas
2022-02-01 11:23 ` Cornelia Huck
2022-02-01 12:13 ` Jason Gunthorpe
2022-02-01 12:39 ` Cornelia Huck
2022-02-01 12:54 ` Jason Gunthorpe
2022-02-01 13:26 ` Cornelia Huck
2022-02-01 13:52 ` Jason Gunthorpe
2022-02-01 14:19 ` Cornelia Huck
2022-02-01 14:29 ` Jason Gunthorpe
2022-02-02 11:34 ` Cornelia Huck
2022-02-02 12:22 ` Jason Gunthorpe
2022-02-01 23:01 ` Alex Williamson
2022-02-02 0:28 ` Jason Gunthorpe
2022-02-02 11:38 ` Cornelia Huck
2022-01-30 16:08 ` [PATCH V6 mlx5-next 11/15] vfio/mlx5: Expose migration commands over mlx5 device Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 12/15] vfio/mlx5: Implement vfio_pci driver for mlx5 devices Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 13/15] vfio/pci: Expose vfio_pci_core_aer_err_detected() Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 14/15] vfio/mlx5: Use its own PCI reset_done error handler Yishai Hadas
2022-01-30 16:08 ` [PATCH V6 mlx5-next 15/15] vfio: Extend the device migration protocol with PRE_COPY Yishai Hadas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220131164143.6c145fdb.alex.williamson@redhat.com \
--to=alex.williamson@redhat.com \
--cc=bhelgaas@google.com \
--cc=jgg@nvidia.com \
--cc=kuba@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kwankhede@nvidia.com \
--cc=leonro@nvidia.com \
--cc=linux-pci@vger.kernel.org \
--cc=maorg@nvidia.com \
--cc=mgurtovoy@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=saeedm@nvidia.com \
--cc=yishaih@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.