* [PATCH 0/2] Fix NULL pointer dereference with virtio-blk-pci and virtual IOMMU
@ 2019-07-22 14:55 Eric Auger
2019-07-22 14:55 ` [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask Eric Auger
2019-07-22 14:55 ` [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call Eric Auger
0 siblings, 2 replies; 18+ messages in thread
From: Eric Auger @ 2019-07-22 14:55 UTC (permalink / raw)
To: eric.auger.pro, eric.auger, hch, m.szyprowski, robin.murphy, mst,
jasowang, virtualization, iommu, linux-kernel
When running a guest featuring a virtio-blk-pci protected with a virtual
IOMMU we hit a NULL pointer dereference.
This series removes the dma_max_mapping_size() call in
virtio_max_dma_size when the device does not have any dma_mask set.
A check is also added to early return in dma_addressing_limited()
if the dma_mask is NULL.
Eric Auger (2):
dma-mapping: Protect dma_addressing_limited against NULL dma_mask
virtio/virtio_ring: Fix the dma_max_mapping_size call
drivers/virtio/virtio_ring.c | 2 +-
include/linux/dma-mapping.h | 5 +++--
2 files changed, 4 insertions(+), 3 deletions(-)
--
2.20.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask
2019-07-22 14:55 [PATCH 0/2] Fix NULL pointer dereference with virtio-blk-pci and virtual IOMMU Eric Auger
@ 2019-07-22 14:55 ` Eric Auger
2019-07-22 15:26 ` Christoph Hellwig
2019-07-22 14:55 ` [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call Eric Auger
1 sibling, 1 reply; 18+ messages in thread
From: Eric Auger @ 2019-07-22 14:55 UTC (permalink / raw)
To: eric.auger.pro, eric.auger, hch, m.szyprowski, robin.murphy, mst,
jasowang, virtualization, iommu, linux-kernel
dma_addressing_limited() should not be called on a device with
a NULL dma_mask. If this occurs let's WARN_ON_ONCE and immediately
return. Existing call sites are updated separately.
Fixes: b866455423e0 ("dma-mapping: add a dma_addressing_limited helper")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
---
v1 -> v2:
- add a WARN_ON_ONCE()
- reword the commit message
---
include/linux/dma-mapping.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h
index e11b115dd0e4..ef0cf9537abc 100644
--- a/include/linux/dma-mapping.h
+++ b/include/linux/dma-mapping.h
@@ -689,8 +689,9 @@ static inline int dma_coerce_mask_and_coherent(struct device *dev, u64 mask)
*/
static inline bool dma_addressing_limited(struct device *dev)
{
- return min_not_zero(*dev->dma_mask, dev->bus_dma_mask) <
- dma_get_required_mask(dev);
+ return WARN_ON_ONCE(!dev->dma_mask) ? false :
+ min_not_zero(*dev->dma_mask, dev->bus_dma_mask) <
+ dma_get_required_mask(dev);
}
#ifdef CONFIG_ARCH_HAS_SETUP_DMA_OPS
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 14:55 [PATCH 0/2] Fix NULL pointer dereference with virtio-blk-pci and virtual IOMMU Eric Auger
2019-07-22 14:55 ` [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask Eric Auger
@ 2019-07-22 14:55 ` Eric Auger
2019-07-22 15:27 ` Christoph Hellwig
` (2 more replies)
1 sibling, 3 replies; 18+ messages in thread
From: Eric Auger @ 2019-07-22 14:55 UTC (permalink / raw)
To: eric.auger.pro, eric.auger, hch, m.szyprowski, robin.murphy, mst,
jasowang, virtualization, iommu, linux-kernel
Do not call dma_max_mapping_size for devices that have no DMA
mask set, otherwise we can hit a NULL pointer dereference.
This occurs when a virtio-blk-pci device is protected with
a virtual IOMMU.
Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Suggested-by: Christoph Hellwig <hch@lst.de>
---
drivers/virtio/virtio_ring.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
index c8be1c4f5b55..37c143971211 100644
--- a/drivers/virtio/virtio_ring.c
+++ b/drivers/virtio/virtio_ring.c
@@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
{
size_t max_segment_size = SIZE_MAX;
- if (vring_use_dma_api(vdev))
+ if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
max_segment_size = dma_max_mapping_size(&vdev->dev);
return max_segment_size;
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* Re: [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask
2019-07-22 14:55 ` [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask Eric Auger
@ 2019-07-22 15:26 ` Christoph Hellwig
2019-07-22 15:46 ` Auger Eric
0 siblings, 1 reply; 18+ messages in thread
From: Christoph Hellwig @ 2019-07-22 15:26 UTC (permalink / raw)
To: Eric Auger
Cc: eric.auger.pro, hch, m.szyprowski, robin.murphy, mst, jasowang,
virtualization, iommu, linux-kernel
> static inline bool dma_addressing_limited(struct device *dev)
> {
> - return min_not_zero(*dev->dma_mask, dev->bus_dma_mask) <
> - dma_get_required_mask(dev);
> + return WARN_ON_ONCE(!dev->dma_mask) ? false :
> + min_not_zero(*dev->dma_mask, dev->bus_dma_mask) <
> + dma_get_required_mask(dev);
This should really use a separate if statement, but I can fix that
up when applying it.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 14:55 ` [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call Eric Auger
@ 2019-07-22 15:27 ` Christoph Hellwig
2019-07-22 15:39 ` Michael S. Tsirkin
2019-07-22 15:33 ` Michael S. Tsirkin
2019-07-22 15:36 ` Robin Murphy
2 siblings, 1 reply; 18+ messages in thread
From: Christoph Hellwig @ 2019-07-22 15:27 UTC (permalink / raw)
To: Eric Auger
Cc: eric.auger.pro, hch, m.szyprowski, robin.murphy, mst, jasowang,
virtualization, iommu, linux-kernel
On Mon, Jul 22, 2019 at 04:55:09PM +0200, Eric Auger wrote:
> Do not call dma_max_mapping_size for devices that have no DMA
> mask set, otherwise we can hit a NULL pointer dereference.
>
> This occurs when a virtio-blk-pci device is protected with
> a virtual IOMMU.
>
> Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> Signed-off-by: Eric Auger <eric.auger@redhat.com>
> Suggested-by: Christoph Hellwig <hch@lst.de>
Looks good. virtio maintainers, let me know if you want to queue
it up or if I should pick the patch up through the dma-mapping tree.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 14:55 ` [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call Eric Auger
2019-07-22 15:27 ` Christoph Hellwig
@ 2019-07-22 15:33 ` Michael S. Tsirkin
2019-07-23 15:38 ` Christoph Hellwig
2019-07-22 15:36 ` Robin Murphy
2 siblings, 1 reply; 18+ messages in thread
From: Michael S. Tsirkin @ 2019-07-22 15:33 UTC (permalink / raw)
To: Eric Auger
Cc: eric.auger.pro, hch, m.szyprowski, robin.murphy, jasowang,
virtualization, iommu, linux-kernel
On Mon, Jul 22, 2019 at 04:55:09PM +0200, Eric Auger wrote:
> Do not call dma_max_mapping_size for devices that have no DMA
> mask set, otherwise we can hit a NULL pointer dereference.
>
> This occurs when a virtio-blk-pci device is protected with
> a virtual IOMMU.
>
> Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> Signed-off-by: Eric Auger <eric.auger@redhat.com>
> Suggested-by: Christoph Hellwig <hch@lst.de>
Christoph, I wonder why did you suggest this?
The connection between dma_mask and dma_max_mapping_size
is far from obvious. The documentation doesn't exist.
Do we really have to teach all users about this hack?
Why not just make dma_max_mapping_size DTRT?
> ---
> drivers/virtio/virtio_ring.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
> index c8be1c4f5b55..37c143971211 100644
> --- a/drivers/virtio/virtio_ring.c
> +++ b/drivers/virtio/virtio_ring.c
> @@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
> {
> size_t max_segment_size = SIZE_MAX;
>
> - if (vring_use_dma_api(vdev))
> + if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
> max_segment_size = dma_max_mapping_size(&vdev->dev);
>
> return max_segment_size;
> --
> 2.20.1
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 14:55 ` [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call Eric Auger
2019-07-22 15:27 ` Christoph Hellwig
2019-07-22 15:33 ` Michael S. Tsirkin
@ 2019-07-22 15:36 ` Robin Murphy
2019-07-22 15:45 ` Michael S. Tsirkin
2019-07-23 15:38 ` Christoph Hellwig
2 siblings, 2 replies; 18+ messages in thread
From: Robin Murphy @ 2019-07-22 15:36 UTC (permalink / raw)
To: Eric Auger, eric.auger.pro, hch, m.szyprowski, mst, jasowang,
virtualization, iommu, linux-kernel
On 22/07/2019 15:55, Eric Auger wrote:
> Do not call dma_max_mapping_size for devices that have no DMA
> mask set, otherwise we can hit a NULL pointer dereference.
>
> This occurs when a virtio-blk-pci device is protected with
> a virtual IOMMU.
>
> Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> Signed-off-by: Eric Auger <eric.auger@redhat.com>
> Suggested-by: Christoph Hellwig <hch@lst.de>
> ---
> drivers/virtio/virtio_ring.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
> index c8be1c4f5b55..37c143971211 100644
> --- a/drivers/virtio/virtio_ring.c
> +++ b/drivers/virtio/virtio_ring.c
> @@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
> {
> size_t max_segment_size = SIZE_MAX;
>
> - if (vring_use_dma_api(vdev))
> + if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
Hmm, might it make sense to roll that check up into vring_use_dma_api()
itself? After all, if the device has no mask then it's likely that other
DMA API ops wouldn't really work as expected either.
Robin.
> max_segment_size = dma_max_mapping_size(&vdev->dev);
>
> return max_segment_size;
>
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 15:27 ` Christoph Hellwig
@ 2019-07-22 15:39 ` Michael S. Tsirkin
0 siblings, 0 replies; 18+ messages in thread
From: Michael S. Tsirkin @ 2019-07-22 15:39 UTC (permalink / raw)
To: Christoph Hellwig
Cc: Eric Auger, eric.auger.pro, m.szyprowski, robin.murphy, jasowang,
virtualization, iommu, linux-kernel
On Mon, Jul 22, 2019 at 05:27:10PM +0200, Christoph Hellwig wrote:
> On Mon, Jul 22, 2019 at 04:55:09PM +0200, Eric Auger wrote:
> > Do not call dma_max_mapping_size for devices that have no DMA
> > mask set, otherwise we can hit a NULL pointer dereference.
> >
> > This occurs when a virtio-blk-pci device is protected with
> > a virtual IOMMU.
> >
> > Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> > Signed-off-by: Eric Auger <eric.auger@redhat.com>
> > Suggested-by: Christoph Hellwig <hch@lst.de>
>
> Looks good. virtio maintainers, let me know if you want to queue
> it up or if I should pick the patch up through the dma-mapping tree.
Personally I dislike this API because I feel presence of dma mask does
not strictly have to reflect max size. And generally the requirement to
check presence of mask feels like an undocumented hack to me. Even
reading code will not help you avoid the warning, everyone will get it
wrong and get the warning splat in their logs. So I would prefer just
v1 of the patch that makes dma API do the right thing for us.
However, if that's not going to be the case, let's fix it up in virtio.
In any case, for both v1 and v2 of the patches, you can merge them
through your tree:
Acked-by: Michael S. Tsirkin <mst@redhat.com>
--
MST
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 15:36 ` Robin Murphy
@ 2019-07-22 15:45 ` Michael S. Tsirkin
2019-07-23 15:38 ` Christoph Hellwig
1 sibling, 0 replies; 18+ messages in thread
From: Michael S. Tsirkin @ 2019-07-22 15:45 UTC (permalink / raw)
To: Robin Murphy
Cc: Eric Auger, eric.auger.pro, hch, m.szyprowski, jasowang,
virtualization, iommu, linux-kernel
On Mon, Jul 22, 2019 at 04:36:09PM +0100, Robin Murphy wrote:
> On 22/07/2019 15:55, Eric Auger wrote:
> > Do not call dma_max_mapping_size for devices that have no DMA
> > mask set, otherwise we can hit a NULL pointer dereference.
> >
> > This occurs when a virtio-blk-pci device is protected with
> > a virtual IOMMU.
> >
> > Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> > Signed-off-by: Eric Auger <eric.auger@redhat.com>
> > Suggested-by: Christoph Hellwig <hch@lst.de>
> > ---
> > drivers/virtio/virtio_ring.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
> > index c8be1c4f5b55..37c143971211 100644
> > --- a/drivers/virtio/virtio_ring.c
> > +++ b/drivers/virtio/virtio_ring.c
> > @@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
> > {
> > size_t max_segment_size = SIZE_MAX;
> > - if (vring_use_dma_api(vdev))
> > + if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
>
> Hmm, might it make sense to roll that check up into vring_use_dma_api()
> itself? After all, if the device has no mask then it's likely that other DMA
> API ops wouldn't really work as expected either.
>
> Robin.
Nope, Eric pointed out it's just dma_addressing_limited that is broken.
Other APIs call dma_get_mask which handles the NULL mask case fine.
> > max_segment_size = dma_max_mapping_size(&vdev->dev);
> > return max_segment_size;
> >
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask
2019-07-22 15:26 ` Christoph Hellwig
@ 2019-07-22 15:46 ` Auger Eric
0 siblings, 0 replies; 18+ messages in thread
From: Auger Eric @ 2019-07-22 15:46 UTC (permalink / raw)
To: Christoph Hellwig
Cc: eric.auger.pro, m.szyprowski, robin.murphy, mst, jasowang,
virtualization, iommu, linux-kernel
Hi Christoph,
On 7/22/19 5:26 PM, Christoph Hellwig wrote:
>> static inline bool dma_addressing_limited(struct device *dev)
>> {
>> - return min_not_zero(*dev->dma_mask, dev->bus_dma_mask) <
>> - dma_get_required_mask(dev);
>> + return WARN_ON_ONCE(!dev->dma_mask) ? false :
>> + min_not_zero(*dev->dma_mask, dev->bus_dma_mask) <
>> + dma_get_required_mask(dev);
>
> This should really use a separate if statement, but I can fix that
> up when applying it.
>
Just wondering why we don't use the dma_get_mask() accessor which
returns DMA_BIT_MASK(32) in case the dma_mask is not set.
Do you foresee any issue and would it still mandate to add dma_mask
checks on each call sites?
Thanks
Eric
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 15:33 ` Michael S. Tsirkin
@ 2019-07-23 15:38 ` Christoph Hellwig
2019-07-23 15:47 ` Michael S. Tsirkin
0 siblings, 1 reply; 18+ messages in thread
From: Christoph Hellwig @ 2019-07-23 15:38 UTC (permalink / raw)
To: Michael S. Tsirkin
Cc: Eric Auger, eric.auger.pro, hch, m.szyprowski, robin.murphy,
jasowang, virtualization, iommu, linux-kernel
On Mon, Jul 22, 2019 at 11:33:35AM -0400, Michael S. Tsirkin wrote:
> On Mon, Jul 22, 2019 at 04:55:09PM +0200, Eric Auger wrote:
> > Do not call dma_max_mapping_size for devices that have no DMA
> > mask set, otherwise we can hit a NULL pointer dereference.
> >
> > This occurs when a virtio-blk-pci device is protected with
> > a virtual IOMMU.
> >
> > Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> > Signed-off-by: Eric Auger <eric.auger@redhat.com>
> > Suggested-by: Christoph Hellwig <hch@lst.de>
>
> Christoph, I wonder why did you suggest this?
> The connection between dma_mask and dma_max_mapping_size
> is far from obvious. The documentation doesn't exist.
> Do we really have to teach all users about this hack?
> Why not just make dma_max_mapping_size DTRT?
Because we should not call into dma API functions for devices that
are not DMA capable.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-22 15:36 ` Robin Murphy
2019-07-22 15:45 ` Michael S. Tsirkin
@ 2019-07-23 15:38 ` Christoph Hellwig
2019-07-24 22:10 ` Michael S. Tsirkin
2019-07-25 11:53 ` Auger Eric
1 sibling, 2 replies; 18+ messages in thread
From: Christoph Hellwig @ 2019-07-23 15:38 UTC (permalink / raw)
To: Robin Murphy
Cc: Eric Auger, eric.auger.pro, hch, m.szyprowski, mst, jasowang,
virtualization, iommu, linux-kernel
On Mon, Jul 22, 2019 at 04:36:09PM +0100, Robin Murphy wrote:
>> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
>> index c8be1c4f5b55..37c143971211 100644
>> --- a/drivers/virtio/virtio_ring.c
>> +++ b/drivers/virtio/virtio_ring.c
>> @@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
>> {
>> size_t max_segment_size = SIZE_MAX;
>> - if (vring_use_dma_api(vdev))
>> + if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
>
> Hmm, might it make sense to roll that check up into vring_use_dma_api()
> itself? After all, if the device has no mask then it's likely that other
> DMA API ops wouldn't really work as expected either.
Makes sense to me.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-23 15:38 ` Christoph Hellwig
@ 2019-07-23 15:47 ` Michael S. Tsirkin
0 siblings, 0 replies; 18+ messages in thread
From: Michael S. Tsirkin @ 2019-07-23 15:47 UTC (permalink / raw)
To: Christoph Hellwig
Cc: Eric Auger, eric.auger.pro, m.szyprowski, robin.murphy, jasowang,
virtualization, iommu, linux-kernel
On Tue, Jul 23, 2019 at 05:38:30PM +0200, Christoph Hellwig wrote:
> On Mon, Jul 22, 2019 at 11:33:35AM -0400, Michael S. Tsirkin wrote:
> > On Mon, Jul 22, 2019 at 04:55:09PM +0200, Eric Auger wrote:
> > > Do not call dma_max_mapping_size for devices that have no DMA
> > > mask set, otherwise we can hit a NULL pointer dereference.
> > >
> > > This occurs when a virtio-blk-pci device is protected with
> > > a virtual IOMMU.
> > >
> > > Fixes: e6d6dd6c875e ("virtio: Introduce virtio_max_dma_size()")
> > > Signed-off-by: Eric Auger <eric.auger@redhat.com>
> > > Suggested-by: Christoph Hellwig <hch@lst.de>
> >
> > Christoph, I wonder why did you suggest this?
> > The connection between dma_mask and dma_max_mapping_size
> > is far from obvious. The documentation doesn't exist.
> > Do we really have to teach all users about this hack?
> > Why not just make dma_max_mapping_size DTRT?
>
> Because we should not call into dma API functions for devices that
> are not DMA capable.
I'd rather call is_device_dma_capable then, better than poking
at DMA internals.
--
MST
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-23 15:38 ` Christoph Hellwig
@ 2019-07-24 22:10 ` Michael S. Tsirkin
2019-07-25 5:25 ` Christoph Hellwig
2019-07-25 11:53 ` Auger Eric
1 sibling, 1 reply; 18+ messages in thread
From: Michael S. Tsirkin @ 2019-07-24 22:10 UTC (permalink / raw)
To: Christoph Hellwig
Cc: Robin Murphy, Eric Auger, eric.auger.pro, m.szyprowski, jasowang,
virtualization, iommu, linux-kernel
On Tue, Jul 23, 2019 at 05:38:51PM +0200, Christoph Hellwig wrote:
> On Mon, Jul 22, 2019 at 04:36:09PM +0100, Robin Murphy wrote:
> >> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
> >> index c8be1c4f5b55..37c143971211 100644
> >> --- a/drivers/virtio/virtio_ring.c
> >> +++ b/drivers/virtio/virtio_ring.c
> >> @@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
> >> {
> >> size_t max_segment_size = SIZE_MAX;
> >> - if (vring_use_dma_api(vdev))
> >> + if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
> >
> > Hmm, might it make sense to roll that check up into vring_use_dma_api()
> > itself? After all, if the device has no mask then it's likely that other
> > DMA API ops wouldn't really work as expected either.
>
> Makes sense to me.
Christoph - would a documented API wrapping dma_mask make sense?
With the documentation explaining how users must
desist from using DMA APIs if that returns false ...
--
MST
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-24 22:10 ` Michael S. Tsirkin
@ 2019-07-25 5:25 ` Christoph Hellwig
0 siblings, 0 replies; 18+ messages in thread
From: Christoph Hellwig @ 2019-07-25 5:25 UTC (permalink / raw)
To: Michael S. Tsirkin
Cc: Christoph Hellwig, Robin Murphy, Eric Auger, eric.auger.pro,
m.szyprowski, jasowang, virtualization, iommu, linux-kernel
On Wed, Jul 24, 2019 at 06:10:53PM -0400, Michael S. Tsirkin wrote:
> Christoph - would a documented API wrapping dma_mask make sense?
> With the documentation explaining how users must
> desist from using DMA APIs if that returns false ...
We have some bigger changes in this are planned, including turning
dma_mask into a scalar instead of a pointer, please stay tuned.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-23 15:38 ` Christoph Hellwig
2019-07-24 22:10 ` Michael S. Tsirkin
@ 2019-07-25 11:53 ` Auger Eric
2019-07-25 13:04 ` Christoph Hellwig
1 sibling, 1 reply; 18+ messages in thread
From: Auger Eric @ 2019-07-25 11:53 UTC (permalink / raw)
To: Christoph Hellwig, Robin Murphy
Cc: eric.auger.pro, m.szyprowski, mst, jasowang, virtualization,
iommu, linux-kernel
Hi,
On 7/23/19 5:38 PM, Christoph Hellwig wrote:
> On Mon, Jul 22, 2019 at 04:36:09PM +0100, Robin Murphy wrote:
>>> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
>>> index c8be1c4f5b55..37c143971211 100644
>>> --- a/drivers/virtio/virtio_ring.c
>>> +++ b/drivers/virtio/virtio_ring.c
>>> @@ -262,7 +262,7 @@ size_t virtio_max_dma_size(struct virtio_device *vdev)
>>> {
>>> size_t max_segment_size = SIZE_MAX;
>>> - if (vring_use_dma_api(vdev))
>>> + if (vring_use_dma_api(vdev) && vdev->dev.dma_mask)
>>
>> Hmm, might it make sense to roll that check up into vring_use_dma_api()
>> itself? After all, if the device has no mask then it's likely that other
>> DMA API ops wouldn't really work as expected either.
>
> Makes sense to me.
>
I am confused: if vring_use_dma_api() returns false if the dma_mask is
unset (ie. vring_use_dma_api() returns false), the virtio-blk-pci device
will not be able to get translated addresses and won't work properly.
The patch above allows the dma api to be used and only influences the
max_segment_size and it works properly.
So is it normal the dma_mask is unset in my case?
Thanks
Eric
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-25 11:53 ` Auger Eric
@ 2019-07-25 13:04 ` Christoph Hellwig
2019-07-25 16:32 ` Auger Eric
0 siblings, 1 reply; 18+ messages in thread
From: Christoph Hellwig @ 2019-07-25 13:04 UTC (permalink / raw)
To: Auger Eric
Cc: Christoph Hellwig, Robin Murphy, eric.auger.pro, m.szyprowski,
mst, jasowang, virtualization, iommu, linux-kernel
On Thu, Jul 25, 2019 at 01:53:49PM +0200, Auger Eric wrote:
> I am confused: if vring_use_dma_api() returns false if the dma_mask is
> unset (ie. vring_use_dma_api() returns false), the virtio-blk-pci device
> will not be able to get translated addresses and won't work properly.
>
> The patch above allows the dma api to be used and only influences the
> max_segment_size and it works properly.
>
> So is it normal the dma_mask is unset in my case?
Its not normal. I assume you use virtio-nmio? Due to the mess with
the dma_mask being a pointer a lot of subsystems forgot to set a dma
mask up, and oddly enough seem to mostly get away with it.
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call
2019-07-25 13:04 ` Christoph Hellwig
@ 2019-07-25 16:32 ` Auger Eric
0 siblings, 0 replies; 18+ messages in thread
From: Auger Eric @ 2019-07-25 16:32 UTC (permalink / raw)
To: Christoph Hellwig
Cc: Robin Murphy, eric.auger.pro, m.szyprowski, mst, jasowang,
virtualization, iommu, linux-kernel
Hi Christoph, Michael,
On 7/25/19 3:04 PM, Christoph Hellwig wrote:
> On Thu, Jul 25, 2019 at 01:53:49PM +0200, Auger Eric wrote:
>> I am confused: if vring_use_dma_api() returns false if the dma_mask is
>> unset (ie. vring_use_dma_api() returns false), the virtio-blk-pci device
>> will not be able to get translated addresses and won't work properly.
>>
>> The patch above allows the dma api to be used and only influences the
>> max_segment_size and it works properly.
>>
>> So is it normal the dma_mask is unset in my case?
>
> Its not normal. I assume you use virtio-nmio? Due to the mess with
> the dma_mask being a pointer a lot of subsystems forgot to set a dma
> mask up, and oddly enough seem to mostly get away with it.
>
No the issue is encountered with virtio-blk-pci
I think the problem is virtio_max_dma_size() is called from
virtblk_probe (virtio_blk.c) on the virtio<n> device and not the actual
virtio_pci_device which has a dma_mask set. I don't think the virtio<n>
device ever has a dma_mask set.
We do not hit the guest crash on the virtio-net-pci device as the
virtio-net driver does not call virtio_max_dma_size() on the virtio<n>
device.
Does fd1068e1860e ("virtio-blk: Consider virtio_max_dma_size() for
maximum segment size") call virtio_max_dma_size() on the right device?
Thanks
Eric
^ permalink raw reply [flat|nested] 18+ messages in thread
end of thread, other threads:[~2019-07-25 16:32 UTC | newest]
Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-22 14:55 [PATCH 0/2] Fix NULL pointer dereference with virtio-blk-pci and virtual IOMMU Eric Auger
2019-07-22 14:55 ` [PATCH 1/2] dma-mapping: Protect dma_addressing_limited against NULL dma_mask Eric Auger
2019-07-22 15:26 ` Christoph Hellwig
2019-07-22 15:46 ` Auger Eric
2019-07-22 14:55 ` [PATCH 2/2] virtio/virtio_ring: Fix the dma_max_mapping_size call Eric Auger
2019-07-22 15:27 ` Christoph Hellwig
2019-07-22 15:39 ` Michael S. Tsirkin
2019-07-22 15:33 ` Michael S. Tsirkin
2019-07-23 15:38 ` Christoph Hellwig
2019-07-23 15:47 ` Michael S. Tsirkin
2019-07-22 15:36 ` Robin Murphy
2019-07-22 15:45 ` Michael S. Tsirkin
2019-07-23 15:38 ` Christoph Hellwig
2019-07-24 22:10 ` Michael S. Tsirkin
2019-07-25 5:25 ` Christoph Hellwig
2019-07-25 11:53 ` Auger Eric
2019-07-25 13:04 ` Christoph Hellwig
2019-07-25 16:32 ` Auger Eric
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).