From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
"Jason Wang" <jasowang@redhat.com>,
"Stefano Garzarella" <sgarzare@redhat.com>,
"Eugenio Pérez" <eperezma@redhat.com>
Subject: [PULL v2 18/44] vdpa: Check for iova range at mappings changes
Date: Wed, 20 Oct 2021 06:20:03 -0400 [thread overview]
Message-ID: <20211020101844.988480-19-mst@redhat.com> (raw)
In-Reply-To: <20211020101844.988480-1-mst@redhat.com>
From: Eugenio Pérez <eperezma@redhat.com>
Check vdpa device range before updating memory regions so we don't add
any outside of it, and report the invalid change if any.
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Message-Id: <20211014141236.923287-4-eperezma@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
---
include/hw/virtio/vhost-vdpa.h | 2 ++
hw/virtio/vhost-vdpa.c | 62 ++++++++++++++++++++++++++--------
hw/virtio/trace-events | 1 +
3 files changed, 50 insertions(+), 15 deletions(-)
diff --git a/include/hw/virtio/vhost-vdpa.h b/include/hw/virtio/vhost-vdpa.h
index a8963da2d9..c288cf7ecb 100644
--- a/include/hw/virtio/vhost-vdpa.h
+++ b/include/hw/virtio/vhost-vdpa.h
@@ -13,6 +13,7 @@
#define HW_VIRTIO_VHOST_VDPA_H
#include "hw/virtio/virtio.h"
+#include "standard-headers/linux/vhost_types.h"
typedef struct VhostVDPAHostNotifier {
MemoryRegion mr;
@@ -24,6 +25,7 @@ typedef struct vhost_vdpa {
uint32_t msg_type;
bool iotlb_batch_begin_sent;
MemoryListener listener;
+ struct vhost_vdpa_iova_range iova_range;
struct vhost_dev *dev;
VhostVDPAHostNotifier notifier[VIRTIO_QUEUE_MAX];
} VhostVDPA;
diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c
index be7c63b4ba..47c48f4ba8 100644
--- a/hw/virtio/vhost-vdpa.c
+++ b/hw/virtio/vhost-vdpa.c
@@ -37,20 +37,36 @@ static Int128 vhost_vdpa_section_end(const MemoryRegionSection *section)
return llend;
}
-static bool vhost_vdpa_listener_skipped_section(MemoryRegionSection *section)
+static bool vhost_vdpa_listener_skipped_section(MemoryRegionSection *section,
+ uint64_t iova_min,
+ uint64_t iova_max)
{
- return (!memory_region_is_ram(section->mr) &&
- !memory_region_is_iommu(section->mr)) ||
- memory_region_is_protected(section->mr) ||
- /* vhost-vDPA doesn't allow MMIO to be mapped */
- memory_region_is_ram_device(section->mr) ||
- /*
- * Sizing an enabled 64-bit BAR can cause spurious mappings to
- * addresses in the upper part of the 64-bit address space. These
- * are never accessed by the CPU and beyond the address width of
- * some IOMMU hardware. TODO: VDPA should tell us the IOMMU width.
- */
- section->offset_within_address_space & (1ULL << 63);
+ Int128 llend;
+
+ if ((!memory_region_is_ram(section->mr) &&
+ !memory_region_is_iommu(section->mr)) ||
+ memory_region_is_protected(section->mr) ||
+ /* vhost-vDPA doesn't allow MMIO to be mapped */
+ memory_region_is_ram_device(section->mr)) {
+ return true;
+ }
+
+ if (section->offset_within_address_space < iova_min) {
+ error_report("RAM section out of device range (min=0x%" PRIx64
+ ", addr=0x%" HWADDR_PRIx ")",
+ iova_min, section->offset_within_address_space);
+ return true;
+ }
+
+ llend = vhost_vdpa_section_end(section);
+ if (int128_gt(llend, int128_make64(iova_max))) {
+ error_report("RAM section out of device range (max=0x%" PRIx64
+ ", end addr=0x%" PRIx64 ")",
+ iova_max, int128_get64(llend));
+ return true;
+ }
+
+ return false;
}
static int vhost_vdpa_dma_map(struct vhost_vdpa *v, hwaddr iova, hwaddr size,
@@ -162,7 +178,8 @@ static void vhost_vdpa_listener_region_add(MemoryListener *listener,
void *vaddr;
int ret;
- if (vhost_vdpa_listener_skipped_section(section)) {
+ if (vhost_vdpa_listener_skipped_section(section, v->iova_range.first,
+ v->iova_range.last)) {
return;
}
@@ -220,7 +237,8 @@ static void vhost_vdpa_listener_region_del(MemoryListener *listener,
Int128 llend, llsize;
int ret;
- if (vhost_vdpa_listener_skipped_section(section)) {
+ if (vhost_vdpa_listener_skipped_section(section, v->iova_range.first,
+ v->iova_range.last)) {
return;
}
@@ -288,6 +306,19 @@ static void vhost_vdpa_add_status(struct vhost_dev *dev, uint8_t status)
vhost_vdpa_call(dev, VHOST_VDPA_SET_STATUS, &s);
}
+static void vhost_vdpa_get_iova_range(struct vhost_vdpa *v)
+{
+ int ret = vhost_vdpa_call(v->dev, VHOST_VDPA_GET_IOVA_RANGE,
+ &v->iova_range);
+ if (ret != 0) {
+ v->iova_range.first = 0;
+ v->iova_range.last = UINT64_MAX;
+ }
+
+ trace_vhost_vdpa_get_iova_range(v->dev, v->iova_range.first,
+ v->iova_range.last);
+}
+
static int vhost_vdpa_init(struct vhost_dev *dev, void *opaque, Error **errp)
{
struct vhost_vdpa *v;
@@ -300,6 +331,7 @@ static int vhost_vdpa_init(struct vhost_dev *dev, void *opaque, Error **errp)
v->listener = vhost_vdpa_memory_listener;
v->msg_type = VHOST_IOTLB_MSG_V2;
+ vhost_vdpa_get_iova_range(v);
vhost_vdpa_add_status(dev, VIRTIO_CONFIG_S_ACKNOWLEDGE |
VIRTIO_CONFIG_S_DRIVER);
diff --git a/hw/virtio/trace-events b/hw/virtio/trace-events
index 8ed19e9d0c..650e521e35 100644
--- a/hw/virtio/trace-events
+++ b/hw/virtio/trace-events
@@ -52,6 +52,7 @@ vhost_vdpa_set_vring_call(void *dev, unsigned int index, int fd) "dev: %p index:
vhost_vdpa_get_features(void *dev, uint64_t features) "dev: %p features: 0x%"PRIx64
vhost_vdpa_set_owner(void *dev) "dev: %p"
vhost_vdpa_vq_get_addr(void *dev, void *vq, uint64_t desc_user_addr, uint64_t avail_user_addr, uint64_t used_user_addr) "dev: %p vq: %p desc_user_addr: 0x%"PRIx64" avail_user_addr: 0x%"PRIx64" used_user_addr: 0x%"PRIx64
+vhost_vdpa_get_iova_range(void *dev, uint64_t first, uint64_t last) "dev: %p first: 0x%"PRIx64" last: 0x%"PRIx64
# virtio.c
virtqueue_alloc_element(void *elem, size_t sz, unsigned in_num, unsigned out_num) "elem %p size %zd in_num %u out_num %u"
--
MST
next prev parent reply other threads:[~2021-10-20 11:06 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-20 10:19 [PULL v2 00/44] pc,pci,virtio: features, fixes, tests Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 01/44] tests: acpi: dump table with failed checksum Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 02/44] tests: qtest: add qtest_has_accel() to check if tested binary supports accelerator Michael S. Tsirkin
2021-10-22 13:04 ` Jason Andryuk
2021-10-26 13:41 ` Igor Mammedov
2021-10-20 10:19 ` [PULL v2 03/44] tests: acpi: whitelist expected tables for acpi/q35/xapic testcase Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 04/44] tests: acpi: q35: test for x2APIC entries in SRAT Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 05/44] tests: acpi: update expected tables blobs Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 06/44] tests: acpi: whitelist new expected table tests/data/acpi/q35/DMAR.dmar Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 07/44] tests: acpi: add testcase for intel_iommu (DMAR table) Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 08/44] tests: acpi: add expected blob for DMAR table Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 09/44] tests: acpi: whitelist expected blobs for new acpi/q35/ivrs testcase Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 10/44] tests: acpi: add testcase for amd-iommu (IVRS table) Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 11/44] tests: acpi: update expected blobs Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 12/44] tests: acpi: arm/virt: drop redundant test_acpi_one() in test_acpi_virt_tcg() Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 13/44] tests: arm-cpu-features: use qtest_has_kvm() API Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 14/44] tests: migration-test: use qtest_has_accel() API Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 15/44] tests: bios-tables-test: use qtest_has_accel() API to register TCG only tests Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 16/44] vdpa: Skip protected ram IOMMU mappings Michael S. Tsirkin
2021-10-20 10:19 ` [PULL v2 17/44] vdpa: Add vhost_vdpa_section_end Michael S. Tsirkin
2021-10-20 10:20 ` Michael S. Tsirkin [this message]
2021-10-20 10:20 ` [PULL v2 19/44] virtio-iommu: Remove the non transitional name Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 20/44] virtio-iommu: Drop base_name and change generic_name Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 21/44] libvhost-user: fix VHOST_USER_REM_MEM_REG skipping mmap_addr Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 22/44] vhost-user-rng: Add vhost-user-rng implementation Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 23/44] vhost-user-rng-pci: Add vhost-user-rng-pci implementation Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 24/44] docs: Add documentation for vhost based RNG implementation Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 25/44] vhost-user: fix duplicated notifier MR init Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 26/44] failover: fix a regression introduced by JSON'ification of -device Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 27/44] vhost-user-blk-test: pass vhost-user socket fds to QSD Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 28/44] qdev/qbus: remove failover specific code Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 29/44] rebuild-expected-aml.sh: allow partial target list Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 30/44] bios-tables-test: don't disassemble empty files Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 31/44] vhost-vdpa: open device fd in net_init_vhost_vdpa() Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 32/44] vhost-vdpa: classify one time request Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 33/44] vhost-vdpa: prepare for the multiqueue support Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 34/44] vhost-vdpa: let net_vhost_vdpa_init() returns NetClientState * Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 35/44] net: introduce control client Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 36/44] vhost-net: control virtqueue support Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 37/44] virtio-net: use "queue_pairs" instead of "queues" when possible Michael S. Tsirkin
2021-10-20 10:20 ` [PULL v2 38/44] vhost: record the last virtqueue index for the virtio device Michael S. Tsirkin
2021-10-20 10:21 ` [PULL v2 39/44] virtio-net: vhost control virtqueue support Michael S. Tsirkin
2021-10-20 10:21 ` [PULL v2 40/44] vhost-vdpa: multiqueue support Michael S. Tsirkin
2021-10-20 10:21 ` [PULL v2 41/44] pci: fix PCI resource reserve capability on BE Michael S. Tsirkin
2021-10-20 10:21 ` [PULL v2 42/44] tests/acpi/bios-tables-test: add and allow changes to a new q35 DSDT table blob Michael S. Tsirkin
2021-10-20 10:21 ` [PULL v2 43/44] tests/acpi/pcihp: add unit tests for hotplug on multifunction bridges for q35 Michael S. Tsirkin
2021-10-20 10:21 ` [PULL v2 44/44] tests/acpi/bios-tables-test: update DSDT blob for multifunction bridge test Michael S. Tsirkin
2021-10-20 17:56 ` [PULL v2 00/44] pc,pci,virtio: features, fixes, tests Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211020101844.988480-19-mst@redhat.com \
--to=mst@redhat.com \
--cc=eperezma@redhat.com \
--cc=jasowang@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=sgarzare@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).