From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58180E7D0A7 for ; Thu, 21 Sep 2023 20:00:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230232AbjIUUAz (ORCPT ); Thu, 21 Sep 2023 16:00:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47570 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231511AbjIUUA2 (ORCPT ); Thu, 21 Sep 2023 16:00:28 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3946658C07 for ; Thu, 21 Sep 2023 10:19:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1695316773; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=mYFUdBslfSemlERse4Us5f4NKymG/+Lupcjrt0UUg2s=; b=Hn26/kUwVxoEIfM2R98owlgqEQVRfgNSjsastGbCD6CaNLdWGvs0dbPhDW7PvYwZbFHJoF Fjo0Cbta/E5pN0IZlzxxRCAr9eAsgxjk1hfkqAHLazWvJlUEv2q9MsrlDNOnWEEwuhuARu 37mKLPiFGGDX7TYqps/0rnksrPKTIdQ= Received: from mail-ej1-f71.google.com (mail-ej1-f71.google.com [209.85.218.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-504-z-doGtHoPBqqdIlrrRd-HQ-1; Thu, 21 Sep 2023 10:03:09 -0400 X-MC-Unique: z-doGtHoPBqqdIlrrRd-HQ-1 Received: by mail-ej1-f71.google.com with SMTP id a640c23a62f3a-9ae686dafedso46169166b.3 for ; Thu, 21 Sep 2023 07:03:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695304980; x=1695909780; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=mYFUdBslfSemlERse4Us5f4NKymG/+Lupcjrt0UUg2s=; b=NRaRR8L/5Cby/q+9bQKDYNOfsZIW41/mjuNJA1upCP7FcTkVxra4Q6Zg+g13WkEIDL ucUAqg9fTh1KKjH3Mwlg5Lo6qOPQRzRaWbGs9tVYJZr3fhHIpDZzCPhLQgiqRf8CCt5W qbfJtOsgWwIYX1KY7m4dWX5ZtSHCGCBL7ovuc6XD/Uj83D+p/IoH90HUocqi1rAojfU+ XtobiyLezArxyOZw6639y1BK+mJcqfj07Tk761CgxcpySz2mmQueEIlVXycJ65Jsc3Um r9PNpbIoIlfgf7PDBXK9Xd++5Wub2/CLgGrbEyGFetoZer0mafxbORXngr5BbGZVJkRg N9Yw== X-Gm-Message-State: AOJu0YxmKGmCjOJZ6fikvoPBO3gu5c3P6ejnF1n6qQkTGGTXWtOCZJme yg8yFr+p7s/TXvk+nAvO/nC+PC07thGW4bM7tUIofynhBf7Z2YdknK4H80tRiQ6Gdxry0l+Mi3X visMC1KY4Zqmx555ibmIcEGlbqd5z9nLEMg== X-Received: by 2002:a17:906:13:b0:9a5:7e63:2e0 with SMTP id 19-20020a170906001300b009a57e6302e0mr5496762eja.30.1695304980532; Thu, 21 Sep 2023 07:03:00 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEGDrtu0JFw6590Ay/MhiYHIEI6g5Txx1wcLitr4s1+bWtmtSPAeMYJ5QGJ2kmybduZxOWLIA== X-Received: by 2002:a17:906:13:b0:9a5:7e63:2e0 with SMTP id 19-20020a170906001300b009a57e6302e0mr5496721eja.30.1695304980143; Thu, 21 Sep 2023 07:03:00 -0700 (PDT) Received: from redhat.com ([2.52.150.187]) by smtp.gmail.com with ESMTPSA id dt11-20020a170906b78b00b009ae482d70besm1079598ejb.134.2023.09.21.07.02.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Sep 2023 07:02:59 -0700 (PDT) Date: Thu, 21 Sep 2023 10:02:53 -0400 From: "Michael S. Tsirkin" To: Xuan Zhuo Cc: virtualization@lists.linux-foundation.org, Richard Weinberger , Anton Ivanov , Johannes Berg , Jason Wang , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Hans de Goede , Mark Gross , Vadim Pasternak , Bjorn Andersson , Mathieu Poirier , Cornelia Huck , Halil Pasic , Eric Farman , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , Alexei Starovoitov , Daniel Borkmann , Jesper Dangaard Brouer , John Fastabend , Vincent Whitchurch , linux-um@lists.infradead.org, netdev@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-remoteproc@vger.kernel.org, linux-s390@vger.kernel.org, kvm@vger.kernel.org, bpf@vger.kernel.org, kangjie.xu@linux.alibaba.com Subject: Re: [PATCH v14 30/42] virtio_pci: introduce helper to get/set queue reset Message-ID: <20230921100112-mutt-send-email-mst@kernel.org> References: <20220801063902.129329-1-xuanzhuo@linux.alibaba.com> <20220801063902.129329-31-xuanzhuo@linux.alibaba.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220801063902.129329-31-xuanzhuo@linux.alibaba.com> Precedence: bulk List-ID: X-Mailing-List: platform-driver-x86@vger.kernel.org On Mon, Aug 01, 2022 at 02:38:50PM +0800, Xuan Zhuo wrote: > Introduce new helpers to implement queue reset and get queue reset > status. > > https://github.com/oasis-tcs/virtio-spec/issues/124 > https://github.com/oasis-tcs/virtio-spec/issues/139 > > Signed-off-by: Xuan Zhuo > Acked-by: Jason Wang > --- > drivers/virtio/virtio_pci_modern_dev.c | 39 ++++++++++++++++++++++++++ > include/linux/virtio_pci_modern.h | 2 ++ > 2 files changed, 41 insertions(+) > > diff --git a/drivers/virtio/virtio_pci_modern_dev.c b/drivers/virtio/virtio_pci_modern_dev.c > index fa2a9445bb18..869cb46bef96 100644 > --- a/drivers/virtio/virtio_pci_modern_dev.c > +++ b/drivers/virtio/virtio_pci_modern_dev.c > @@ -3,6 +3,7 @@ > #include > #include > #include > +#include > > /* > * vp_modern_map_capability - map a part of virtio pci capability > @@ -474,6 +475,44 @@ void vp_modern_set_status(struct virtio_pci_modern_device *mdev, > } > EXPORT_SYMBOL_GPL(vp_modern_set_status); > > +/* > + * vp_modern_get_queue_reset - get the queue reset status > + * @mdev: the modern virtio-pci device > + * @index: queue index > + */ > +int vp_modern_get_queue_reset(struct virtio_pci_modern_device *mdev, u16 index) > +{ > + struct virtio_pci_modern_common_cfg __iomem *cfg; > + > + cfg = (struct virtio_pci_modern_common_cfg __iomem *)mdev->common; > + > + vp_iowrite16(index, &cfg->cfg.queue_select); > + return vp_ioread16(&cfg->queue_reset); > +} > +EXPORT_SYMBOL_GPL(vp_modern_get_queue_reset); > + Actually, this does not validate that the config structure is big enough. So it can access some unrelated memory. Don't know whether that's exploitable e.g. for CoCo but not nice, anyway. Need to validate the size and disable reset if it's too small. > +/* > + * vp_modern_set_queue_reset - reset the queue > + * @mdev: the modern virtio-pci device > + * @index: queue index > + */ > +void vp_modern_set_queue_reset(struct virtio_pci_modern_device *mdev, u16 index) > +{ > + struct virtio_pci_modern_common_cfg __iomem *cfg; > + > + cfg = (struct virtio_pci_modern_common_cfg __iomem *)mdev->common; > + > + vp_iowrite16(index, &cfg->cfg.queue_select); > + vp_iowrite16(1, &cfg->queue_reset); > + > + while (vp_ioread16(&cfg->queue_reset)) > + msleep(1); > + > + while (vp_ioread16(&cfg->cfg.queue_enable)) > + msleep(1); > +} > +EXPORT_SYMBOL_GPL(vp_modern_set_queue_reset); > + > /* > * vp_modern_queue_vector - set the MSIX vector for a specific virtqueue > * @mdev: the modern virtio-pci device > diff --git a/include/linux/virtio_pci_modern.h b/include/linux/virtio_pci_modern.h > index 05123b9a606f..c4eeb79b0139 100644 > --- a/include/linux/virtio_pci_modern.h > +++ b/include/linux/virtio_pci_modern.h > @@ -113,4 +113,6 @@ void __iomem * vp_modern_map_vq_notify(struct virtio_pci_modern_device *mdev, > u16 index, resource_size_t *pa); > int vp_modern_probe(struct virtio_pci_modern_device *mdev); > void vp_modern_remove(struct virtio_pci_modern_device *mdev); > +int vp_modern_get_queue_reset(struct virtio_pci_modern_device *mdev, u16 index); > +void vp_modern_set_queue_reset(struct virtio_pci_modern_device *mdev, u16 index); > #endif > -- > 2.31.0