From: "Michael S. Tsirkin" <mst@redhat.com>
To: Rusty Russell <rusty@rustcorp.com.au>
Cc: "Sjur Brændeland" <sjurbren@gmail.com>,
"Amit Shah" <amit.shah@redhat.com>,
linux-kernel@vger.kernel.org, "Ohad Ben-Cohen" <ohad@wizery.com>,
"Linus Walleij" <linus.walleij@linaro.org>,
virtualization@lists.linux-foundation.org
Subject: Re: [RFC 1/2] virtio_console: Add support for DMA memory allocation
Date: Tue, 11 Sep 2012 01:11:11 +0300 [thread overview]
Message-ID: <20120910221111.GA21854@redhat.com> (raw)
In-Reply-To: <20120906052735.GB17656@redhat.com>
On Thu, Sep 06, 2012 at 08:27:35AM +0300, Michael S. Tsirkin wrote:
> On Thu, Sep 06, 2012 at 11:34:25AM +0930, Rusty Russell wrote:
> > "Michael S. Tsirkin" <mst@redhat.com> writes:
> > > On Tue, Sep 04, 2012 at 06:58:47PM +0200, Sjur Brændeland wrote:
> > >> Hi Michael,
> > >>
> > >> > Exactly. Though if we just fail load it will be much less code.
> > >> >
> > >> > Generally, using a feature bit for this is a bit of a problem though:
> > >> > normally driver is expected to be able to simply ignore
> > >> > a feature bit. In this case driver is required to
> > >> > do something so a feature bit is not a good fit.
> > >> > I am not sure what the right thing to do is.
> > >>
> > >> I see - so in order to avoid the binding between driver and device
> > >> there are two options I guess. Either make virtio_dev_match() or
> > >> virtcons_probe() fail. Neither of them seems like the obvious choice.
> > >>
> > >> Maybe adding a check for VIRTIO_CONSOLE_F_DMA_MEM match
> > >> between device and driver in virtcons_probe() is the lesser evil?
> > >>
> > >> Regards,
> > >> Sjur
> > >
> > > A simplest thing to do is change dev id. rusty?
> >
> > For generic usage, this is correct. But my opinion is that fallback on
> > feature non-ack is quality-of-implementation issue: great to have, but
> > there are cases where you just want to fail with "you're too old".
> >
> > And in this case, an old system simply will never work. So it's a
> > question of how graceful the failure is.
> >
> > Can your userspace loader can refuse to proceed if the driver doesn't
> > ack the bits? If so, it's simpler than a whole new ID.
> >
> > Cheers,
> > Rusty.
>
> Yes but how can it signal guest that it will never proceed?
>
> Also grep for BUG_ON in core found this:
>
> drv->remove(dev);
>
> /* Driver should have reset device. */
> BUG_ON(dev->config->get_status(dev));
>
> I think below is what Sjur refers to.
> I think below is a good idea for 3.6. Thoughts?
>
> --->
>
> virtio: don't crash when device is buggy
>
> Because of a sanity check in virtio_dev_remove, a buggy device can crash
> kernel. And in case of rproc it's userspace so it's not a good idea.
> We are unloading a driver so how bad can it be?
> Be less aggressive in handling this error: if it's a driver bug,
> warning once should be enough.
>
> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
>
> --
Rusty?
> diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c
> index c3b3f7f..1e8659c 100644
> --- a/drivers/virtio/virtio.c
> +++ b/drivers/virtio/virtio.c
> @@ -159,7 +159,7 @@ static int virtio_dev_remove(struct device *_d)
> drv->remove(dev);
>
> /* Driver should have reset device. */
> - BUG_ON(dev->config->get_status(dev));
> + WARN_ON_ONCE(dev->config->get_status(dev));
>
> /* Acknowledge the device's existence again. */
> add_status(dev, VIRTIO_CONFIG_S_ACKNOWLEDGE);
>
> --
> MST
next prev parent reply other threads:[~2012-09-10 22:09 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-03 13:51 [RFC 1/2] virtio_console: Add support for DMA memory allocation sjur.brandeland
2012-09-03 13:51 ` [RFC 2/2] virtio_console: Add feature to disable console port sjur.brandeland
2012-09-03 14:30 ` [RFC 1/2] virtio_console: Add support for DMA memory allocation Michael S. Tsirkin
2012-09-03 14:57 ` Sjur Brændeland
2012-09-03 20:27 ` Michael S. Tsirkin
2012-09-04 6:07 ` Rusty Russell
2012-09-05 13:00 ` Sjur Brændeland
2012-09-05 14:35 ` Michael S. Tsirkin
2012-09-05 18:15 ` Sjur Brændeland
2012-09-05 19:16 ` Michael S. Tsirkin
2012-09-07 9:24 ` Sjur Brændeland
2012-09-04 11:28 ` Sjur Brændeland
2012-09-04 13:50 ` Michael S. Tsirkin
2012-09-04 16:58 ` Sjur Brændeland
2012-09-04 18:55 ` Michael S. Tsirkin
2012-09-06 2:04 ` Rusty Russell
2012-09-06 5:27 ` Michael S. Tsirkin
2012-09-10 22:11 ` Michael S. Tsirkin [this message]
2012-09-12 6:24 ` Rusty Russell
2012-09-07 8:35 ` Sjur Brændeland
2012-09-16 9:44 ` [PATCH repost] virtio: don't crash when device is buggy Michael S. Tsirkin
2012-09-17 4:27 ` Rusty Russell
2012-09-18 22:24 ` Michael S. Tsirkin
2012-09-19 4:10 ` Rusty Russell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120910221111.GA21854@redhat.com \
--to=mst@redhat.com \
--cc=amit.shah@redhat.com \
--cc=linus.walleij@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ohad@wizery.com \
--cc=rusty@rustcorp.com.au \
--cc=sjurbren@gmail.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).