From: Stefan Hajnoczi <stefanha@redhat.com>
To: elena.ufimtseva@oracle.com
Cc: fam@euphon.net, john.g.johnson@oracle.com,
swapnil.ingle@nutanix.com, mst@redhat.com, qemu-devel@nongnu.org,
kraxel@redhat.com, jag.raman@oracle.com, quintela@redhat.com,
armbru@redhat.com, kanth.ghatraju@oracle.com, felipe@nutanix.com,
thuth@redhat.com, ehabkost@redhat.com, konrad.wilk@oracle.com,
dgilbert@redhat.com, liran.alon@oracle.com,
thanos.makatos@nutanix.com, rth@twiddle.net, kwolf@redhat.com,
berrange@redhat.com, mreitz@redhat.com,
ross.lagerwall@citrix.com, marcandre.lureau@gmail.com,
pbonzini@redhat.com
Subject: Re: [PATCH v7 12/21] multi-process: Connect Proxy Object with device in the remote process
Date: Wed, 1 Jul 2020 10:20:43 +0100 [thread overview]
Message-ID: <20200701092043.GE126613@stefanha-x1.localdomain> (raw)
In-Reply-To: <20f42fce1b701586a23c9abdb3b53d080845e94a.1593273671.git.elena.ufimtseva@oracle.com>
[-- Attachment #1: Type: text/plain, Size: 3637 bytes --]
On Sat, Jun 27, 2020 at 10:09:34AM -0700, elena.ufimtseva@oracle.com wrote:
> From: Jagannathan Raman <jag.raman@oracle.com>
>
> Send a message to the remote process to connect PCI device with the
> corresponding Proxy object in QEMU
I thought the protocol was simplified to a 1:1 device:socket model, but
this patch seems to implement an N:1 model?
In a 1:1 model the CONNECT_DEV message is not necessary because each
socket is already associated with a specific remote device (e.g. qemu -M
remote -object mplink,dev=lsi-scsi-1,sockpath=/tmp/lsi-scsi-1.sock).
Connecting to the socket already indicates which device we are talking
to.
The N:1 model will work but it's more complex. There is a main socket
that is used for CONNECT_DEV (anything else?) and we need to worry about
the lifecycle of the per-device sockets that are passed over the main
socket.
> @@ -50,3 +58,34 @@ gboolean mpqemu_process_msg(QIOChannel *ioc, GIOCondition cond,
>
> return TRUE;
> }
> +
> +static void process_connect_dev_msg(MPQemuMsg *msg, QIOChannel *com,
> + Error **errp)
> +{
> + char *devid = (char *)msg->data2;
> + QIOChannel *dioc = NULL;
> + DeviceState *dev = NULL;
> + MPQemuMsg ret = { 0 };
> + int rc = 0;
> +
> + g_assert(devid && (devid[msg->size - 1] == '\0'));
Asserts are not suitable for external input validation since a failure
aborts the program and lets the client cause a denial-of-service. When
there are multiple clients, one misbehaved client shouldn't be able to
kill the server. Please validate devid using an if statement and set
errp on failure.
Can msg->size be 0? If yes, this code accesses before the beginning of
the buffer.
> +
> + dev = qdev_find_recursive(sysbus_get_default(), devid);
> + if (!dev || !object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
> + rc = 0xff;
> + goto exit;
> + }
> +
> + dioc = qio_channel_new_fd(msg->fds[0], errp);
Missing error handling if qio_channel_new_fd() fails. We need to
close(msg->fds[0]) ourselves in this case.
> +
> + qio_channel_add_watch(dioc, G_IO_IN | G_IO_HUP, mpqemu_process_msg,
> + (void *)dev, NULL);
> +
> +exit:
> + ret.cmd = RET_MSG;
> + ret.bytestream = 0;
> + ret.data1.u64 = rc;
> + ret.size = sizeof(ret.data1);
> +
> + mpqemu_msg_send(&ret, com);
> +}
> diff --git a/hw/pci/proxy.c b/hw/pci/proxy.c
> index 6d62399c52..16649ed0ec 100644
> --- a/hw/pci/proxy.c
> +++ b/hw/pci/proxy.c
> @@ -15,10 +15,38 @@
> #include "io/channel-util.h"
> #include "hw/qdev-properties.h"
> #include "monitor/monitor.h"
> +#include "io/mpqemu-link.h"
>
> static void proxy_set_socket(PCIProxyDev *pdev, int fd, Error **errp)
> {
> + DeviceState *dev = DEVICE(pdev);
> + MPQemuMsg msg = { 0 };
> + int fds[2];
> + Error *local_err = NULL;
> +
> pdev->com = qio_channel_new_fd(fd, errp);
> +
> + if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds)) {
> + error_setg(errp, "Failed to create proxy channel with fd %d", fd);
> + return;
pdev->com needs to be cleaned up.
> diff --git a/io/mpqemu-link.c b/io/mpqemu-link.c
> index 5887c8c6c0..54df3b254e 100644
> --- a/io/mpqemu-link.c
> +++ b/io/mpqemu-link.c
> @@ -234,6 +234,14 @@ bool mpqemu_msg_valid(MPQemuMsg *msg)
> return false;
> }
> break;
> + case CONNECT_DEV:
> + if ((msg->num_fds != 1) ||
> + (msg->fds[0] == -1) ||
> + (msg->fds[0] == -1) ||
This line is duplicated.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2020-07-01 9:21 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-27 17:09 [PATCH v7 00/21] Initial support for multi-process qemu elena.ufimtseva
2020-06-27 17:09 ` [PATCH v7 01/21] memory: alloc RAM from file at offset elena.ufimtseva
2020-06-30 14:59 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 02/21] multi-process: Add config option for multi-process QEMU elena.ufimtseva
2020-06-30 14:57 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 03/21] multi-process: setup PCI host bridge for remote device elena.ufimtseva
2020-06-30 15:17 ` Stefan Hajnoczi
2020-07-09 14:23 ` Jag Raman
2020-06-27 17:09 ` [PATCH v7 04/21] multi-process: setup a machine object for remote device process elena.ufimtseva
2020-06-30 15:26 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 05/21] multi-process: add qio channel function to transmit elena.ufimtseva
2020-06-30 15:29 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 06/21] multi-process: define MPQemuMsg format and transmission functions elena.ufimtseva
2020-06-30 15:53 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 07/21] multi-process: add co-routines to communicate with remote elena.ufimtseva
2020-06-30 18:31 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 08/21] multi-process: Initialize communication channel at the remote end elena.ufimtseva
2020-07-01 6:44 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 09/21] multi-process: Initialize message handler in remote device elena.ufimtseva
2020-07-01 6:53 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 10/21] multi-process: setup memory manager for " elena.ufimtseva
2020-07-01 7:58 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 11/21] multi-process: introduce proxy object elena.ufimtseva
2020-07-01 8:58 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 12/21] multi-process: Connect Proxy Object with device in the remote process elena.ufimtseva
2020-07-01 9:20 ` Stefan Hajnoczi [this message]
2020-07-24 16:57 ` Jag Raman
2020-07-27 13:18 ` Stefan Hajnoczi
2020-07-27 13:22 ` Michael S. Tsirkin
2020-07-31 18:31 ` Jag Raman
2020-06-27 17:09 ` [PATCH v7 13/21] multi-process: Forward PCI config space acceses to " elena.ufimtseva
2020-07-01 9:40 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 14/21] multi-process: PCI BAR read/write handling for proxy & remote endpoints elena.ufimtseva
2020-07-01 10:41 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 15/21] multi-process: Synchronize remote memory elena.ufimtseva
2020-07-01 10:55 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 16/21] multi-process: create IOHUB object to handle irq elena.ufimtseva
2020-07-02 12:09 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 17/21] multi-process: Retrieve PCI info from remote process elena.ufimtseva
2020-07-02 12:59 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 18/21] multi-process: heartbeat messages to remote elena.ufimtseva
2020-07-02 13:16 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 19/21] multi-process: perform device reset in the remote process elena.ufimtseva
2020-07-02 13:19 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 20/21] multi-process: add the concept description to docs/devel/qemu-multiprocess elena.ufimtseva
2020-07-02 13:31 ` Stefan Hajnoczi
2020-06-27 17:09 ` [PATCH v7 21/21] multi-process: add configure and usage information elena.ufimtseva
2020-07-02 13:26 ` Stefan Hajnoczi
2020-07-02 13:40 ` [PATCH v7 00/21] Initial support for multi-process qemu Stefan Hajnoczi
2020-07-09 14:16 ` Jag Raman
2020-07-13 11:21 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200701092043.GE126613@stefanha-x1.localdomain \
--to=stefanha@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=dgilbert@redhat.com \
--cc=ehabkost@redhat.com \
--cc=elena.ufimtseva@oracle.com \
--cc=fam@euphon.net \
--cc=felipe@nutanix.com \
--cc=jag.raman@oracle.com \
--cc=john.g.johnson@oracle.com \
--cc=kanth.ghatraju@oracle.com \
--cc=konrad.wilk@oracle.com \
--cc=kraxel@redhat.com \
--cc=kwolf@redhat.com \
--cc=liran.alon@oracle.com \
--cc=marcandre.lureau@gmail.com \
--cc=mreitz@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=ross.lagerwall@citrix.com \
--cc=rth@twiddle.net \
--cc=swapnil.ingle@nutanix.com \
--cc=thanos.makatos@nutanix.com \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).