From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id A0C33A0524; Fri, 31 Jan 2020 15:46:38 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 5EE421C0CD; Fri, 31 Jan 2020 15:46:37 +0100 (CET) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by dpdk.org (Postfix) with ESMTP id 90FC51C0CC for ; Fri, 31 Jan 2020 15:46:36 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1580481996; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; bh=mvWgqGDpzp22iuTF9Cedr5mV0nbrVhJiYnW8wxZA/9s=; b=XeUQf5FMJcfapwCus54ycX/cRCRHQebtEZz1V6ts9iXGe/xFQgi9jyQkrTP02Kty7XCyyN z7aaZLdJMCtBlh/7zmyIFGTVqiOLtxMtaZnikAQa23v6KuRsAwu62lF2bAKY2mydDHO3Ja w/cwxt9QmIyWwQWCqCV5bUO3EwTThu8= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-273-jNhFBFcfM0el5fAQpc5m3g-1; Fri, 31 Jan 2020 09:46:33 -0500 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id CF064800D5B; Fri, 31 Jan 2020 14:46:32 +0000 (UTC) Received: from [10.36.112.51] (ovpn-112-51.ams2.redhat.com [10.36.112.51]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2EF855C54A; Fri, 31 Jan 2020 14:46:30 +0000 (UTC) To: Matan Azrad , "dev@dpdk.org" , Slava Ovsiienko References: <1579539790-3882-1-git-send-email-matan@mellanox.com> <1580292549-27439-1-git-send-email-matan@mellanox.com> <1580292549-27439-7-git-send-email-matan@mellanox.com> <2bdf2495-6d48-9d03-aa6a-a8a40507a020@redhat.com> From: Maxime Coquelin Autocrypt: addr=maxime.coquelin@redhat.com; keydata= mQINBFOEQQIBEADjNLYZZqghYuWv1nlLisptPJp+TSxE/KuP7x47e1Gr5/oMDJ1OKNG8rlNg kLgBQUki3voWhUbMb69ybqdMUHOl21DGCj0BTU3lXwapYXOAnsh8q6RRM+deUpasyT+Jvf3a gU35dgZcomRh5HPmKMU4KfeA38cVUebsFec1HuJAWzOb/UdtQkYyZR4rbzw8SbsOemtMtwOx YdXodneQD7KuRU9IhJKiEfipwqk2pufm2VSGl570l5ANyWMA/XADNhcEXhpkZ1Iwj3TWO7XR uH4xfvPl8nBsLo/EbEI7fbuUULcAnHfowQslPUm6/yaGv6cT5160SPXT1t8U9QDO6aTSo59N jH519JS8oeKZB1n1eLDslCfBpIpWkW8ZElGkOGWAN0vmpLfdyiqBNNyS3eGAfMkJ6b1A24un /TKc6j2QxM0QK4yZGfAxDxtvDv9LFXec8ENJYsbiR6WHRHq7wXl/n8guyh5AuBNQ3LIK44x0 KjGXP1FJkUhUuruGyZsMrDLBRHYi+hhDAgRjqHgoXi5XGETA1PAiNBNnQwMf5aubt+mE2Q5r qLNTgwSo2dpTU3+mJ3y3KlsIfoaxYI7XNsPRXGnZi4hbxmeb2NSXgdCXhX3nELUNYm4ArKBP LugOIT/zRwk0H0+RVwL2zHdMO1Tht1UOFGfOZpvuBF60jhMzbQARAQABtCxNYXhpbWUgQ29x dWVsaW4gPG1heGltZS5jb3F1ZWxpbkByZWRoYXQuY29tPokCOAQTAQIAIgUCV3u/5QIbAwYL CQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQyjiNKEaHD4ma2g/+P+Hg9WkONPaY1J4AR7Uf kBneosS4NO3CRy0x4WYmUSLYMLx1I3VH6SVjqZ6uBoYy6Fs6TbF6SHNc7QbB6Qjo3neqnQR1 71Ua1MFvIob8vUEl3jAR/+oaE1UJKrxjWztpppQTukIk4oJOmXbL0nj3d8dA2QgHdTyttZ1H xzZJWWz6vqxCrUqHU7RSH9iWg9R2iuTzii4/vk1oi4Qz7y/q8ONOq6ffOy/t5xSZOMtZCspu Mll2Szzpc/trFO0pLH4LZZfz/nXh2uuUbk8qRIJBIjZH3ZQfACffgfNefLe2PxMqJZ8mFJXc RQO0ONZvwoOoHL6CcnFZp2i0P5ddduzwPdGsPq1bnIXnZqJSl3dUfh3xG5ArkliZ/++zGF1O wvpGvpIuOgLqjyCNNRoR7cP7y8F24gWE/HqJBXs1qzdj/5Hr68NVPV1Tu/l2D1KMOcL5sOrz 2jLXauqDWn1Okk9hkXAP7+0Cmi6QwAPuBT3i6t2e8UdtMtCE4sLesWS/XohnSFFscZR6Vaf3 gKdWiJ/fW64L6b9gjkWtHd4jAJBAIAx1JM6xcA1xMbAFsD8gA2oDBWogHGYcScY/4riDNKXi lw92d6IEHnSf6y7KJCKq8F+Jrj2BwRJiFKTJ6ChbOpyyR6nGTckzsLgday2KxBIyuh4w+hMq TGDSp2rmWGJjASq5Ag0EVPSbkwEQAMkaNc084Qvql+XW+wcUIY+Dn9A2D1gMr2BVwdSfVDN7 0ZYxo9PvSkzh6eQmnZNQtl8WSHl3VG3IEDQzsMQ2ftZn2sxjcCadexrQQv3Lu60Tgj7YVYRM H+fLYt9W5YuWduJ+FPLbjIKynBf6JCRMWr75QAOhhhaI0tsie3eDsKQBA0w7WCuPiZiheJaL 4MDe9hcH4rM3ybnRW7K2dLszWNhHVoYSFlZGYh+MGpuODeQKDS035+4H2rEWgg+iaOwqD7bg CQXwTZ1kSrm8NxIRVD3MBtzp9SZdUHLfmBl/tLVwDSZvHZhhvJHC6Lj6VL4jPXF5K2+Nn/Su CQmEBisOmwnXZhhu8ulAZ7S2tcl94DCo60ReheDoPBU8PR2TLg8rS5f9w6mLYarvQWL7cDtT d2eX3Z6TggfNINr/RTFrrAd7NHl5h3OnlXj7PQ1f0kfufduOeCQddJN4gsQfxo/qvWVB7PaE 1WTIggPmWS+Xxijk7xG6x9McTdmGhYaPZBpAxewK8ypl5+yubVsE9yOOhKMVo9DoVCjh5To5 aph7CQWfQsV7cd9PfSJjI2lXI0dhEXhQ7lRCFpf3V3mD6CyrhpcJpV6XVGjxJvGUale7+IOp sQIbPKUHpB2F+ZUPWds9yyVxGwDxD8WLqKKy0WLIjkkSsOb9UBNzgRyzrEC9lgQ/ABEBAAGJ Ah8EGAECAAkFAlT0m5MCGwwACgkQyjiNKEaHD4nU8hAAtt0xFJAy0sOWqSmyxTc7FUcX+pbD KVyPlpl6urKKMk1XtVMUPuae/+UwvIt0urk1mXi6DnrAN50TmQqvdjcPTQ6uoZ8zjgGeASZg jj0/bJGhgUr9U7oG7Hh2F8vzpOqZrdd65MRkxmc7bWj1k81tOU2woR/Gy8xLzi0k0KUa8ueB iYOcZcIGTcs9CssVwQjYaXRoeT65LJnTxYZif2pfNxfINFzCGw42s3EtZFteczClKcVSJ1+L +QUY/J24x0/ocQX/M1PwtZbB4c/2Pg/t5FS+s6UB1Ce08xsJDcwyOPIH6O3tccZuriHgvqKP yKz/Ble76+NFlTK1mpUlfM7PVhD5XzrDUEHWRTeTJSvJ8TIPL4uyfzhjHhlkCU0mw7Pscyxn DE8G0UYMEaNgaZap8dcGMYH/96EfE5s/nTX0M6MXV0yots7U2BDb4soLCxLOJz4tAFDtNFtA wLBhXRSvWhdBJZiig/9CG3dXmKfi2H+wdUCSvEFHRpgo7GK8/Kh3vGhgKmnnxhl8ACBaGy9n fxjSxjSO6rj4/MeenmlJw1yebzkX8ZmaSi8BHe+n6jTGEFNrbiOdWpJgc5yHIZZnwXaW54QT UhhSjDL1rV2B4F28w30jYmlRmm2RdN7iCZfbyP3dvFQTzQ4ySquuPkIGcOOHrvZzxbRjzMx1 Mwqu3GQ= Message-ID: <222d8092-d9e6-9669-9018-4fb602974d2d@redhat.com> Date: Fri, 31 Jan 2020 15:46:27 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-MC-Unique: jNhFBFcfM0el5fAQpc5m3g-1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH v2 06/13] vdpa/mlx5: prepare virtio queues X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 1/31/20 8:34 AM, Matan Azrad wrote: > > > From: Maxime Coquelin >> On 1/29/20 11:09 AM, Matan Azrad wrote: >>> The HW virtq object represents an emulated context for a VIRTIO_NET >>> virtqueue which was created and managed by a VIRTIO_NET driver as >>> defined in VIRTIO Specification. >>> >>> Add support to prepare and release all the basic HW resources needed >>> the user virtqs emulation according to the rte_vhost configurations. >>> >>> This patch prepares the basic configurations needed by DevX commands >>> to create a virtq. >>> >>> Add new file mlx5_vdpa_virtq.c to manage virtq operations. >>> >>> Signed-off-by: Matan Azrad >>> Acked-by: Viacheslav Ovsiienko >>> --- >>> drivers/vdpa/mlx5/Makefile | 1 + >>> drivers/vdpa/mlx5/meson.build | 1 + >>> drivers/vdpa/mlx5/mlx5_vdpa.c | 1 + >>> drivers/vdpa/mlx5/mlx5_vdpa.h | 36 ++++++ >>> drivers/vdpa/mlx5/mlx5_vdpa_virtq.c | 212 >>> ++++++++++++++++++++++++++++++++++++ >>> 5 files changed, 251 insertions(+) >>> create mode 100644 drivers/vdpa/mlx5/mlx5_vdpa_virtq.c >>> >>> diff --git a/drivers/vdpa/mlx5/Makefile b/drivers/vdpa/mlx5/Makefile >>> index 7f13756..353e262 100644 >>> --- a/drivers/vdpa/mlx5/Makefile >>> +++ b/drivers/vdpa/mlx5/Makefile >>> @@ -10,6 +10,7 @@ LIB = librte_pmd_mlx5_vdpa.a >>> SRCS-$(CONFIG_RTE_LIBRTE_MLX5_VDPA_PMD) += mlx5_vdpa.c >>> SRCS-$(CONFIG_RTE_LIBRTE_MLX5_VDPA_PMD) += mlx5_vdpa_mem.c >>> SRCS-$(CONFIG_RTE_LIBRTE_MLX5_VDPA_PMD) += mlx5_vdpa_event.c >>> +SRCS-$(CONFIG_RTE_LIBRTE_MLX5_VDPA_PMD) += mlx5_vdpa_virtq.c >>> >>> # Basic CFLAGS. >>> CFLAGS += -O3 >>> diff --git a/drivers/vdpa/mlx5/meson.build >>> b/drivers/vdpa/mlx5/meson.build index c609f7c..e017f95 100644 >>> --- a/drivers/vdpa/mlx5/meson.build >>> +++ b/drivers/vdpa/mlx5/meson.build >>> @@ -14,6 +14,7 @@ sources = files( >>> 'mlx5_vdpa.c', >>> 'mlx5_vdpa_mem.c', >>> 'mlx5_vdpa_event.c', >>> + 'mlx5_vdpa_virtq.c', >>> ) >>> cflags_options = [ >>> '-std=c11', >>> diff --git a/drivers/vdpa/mlx5/mlx5_vdpa.c >>> b/drivers/vdpa/mlx5/mlx5_vdpa.c index c67f93d..4d30b35 100644 >>> --- a/drivers/vdpa/mlx5/mlx5_vdpa.c >>> +++ b/drivers/vdpa/mlx5/mlx5_vdpa.c >>> @@ -229,6 +229,7 @@ >>> goto error; >>> } >>> SLIST_INIT(&priv->mr_list); >>> + SLIST_INIT(&priv->virtq_list); >>> pthread_mutex_lock(&priv_list_lock); >>> TAILQ_INSERT_TAIL(&priv_list, priv, next); >>> pthread_mutex_unlock(&priv_list_lock); >>> diff --git a/drivers/vdpa/mlx5/mlx5_vdpa.h >>> b/drivers/vdpa/mlx5/mlx5_vdpa.h index 30030b7..a7e2185 100644 >>> --- a/drivers/vdpa/mlx5/mlx5_vdpa.h >>> +++ b/drivers/vdpa/mlx5/mlx5_vdpa.h >>> @@ -53,6 +53,19 @@ struct mlx5_vdpa_query_mr { >>> int is_indirect; >>> }; >>> >>> +struct mlx5_vdpa_virtq { >>> + SLIST_ENTRY(mlx5_vdpa_virtq) next; >>> + uint16_t index; >>> + uint16_t vq_size; >>> + struct mlx5_devx_obj *virtq; >>> + struct mlx5_vdpa_event_qp eqp; >>> + struct { >>> + struct mlx5dv_devx_umem *obj; >>> + void *buf; >>> + uint32_t size; >>> + } umems[3]; >>> +}; >>> + >>> struct mlx5_vdpa_priv { >>> TAILQ_ENTRY(mlx5_vdpa_priv) next; >>> int id; /* vDPA device id. */ >>> @@ -69,6 +82,10 @@ struct mlx5_vdpa_priv { >>> struct mlx5dv_devx_event_channel *eventc; >>> struct mlx5dv_devx_uar *uar; >>> struct rte_intr_handle intr_handle; >>> + struct mlx5_devx_obj *td; >>> + struct mlx5_devx_obj *tis; >>> + uint16_t nr_virtqs; >>> + SLIST_HEAD(virtq_list, mlx5_vdpa_virtq) virtq_list; >>> SLIST_HEAD(mr_list, mlx5_vdpa_query_mr) mr_list; }; >>> >>> @@ -146,4 +163,23 @@ int mlx5_vdpa_event_qp_create(struct >> mlx5_vdpa_priv *priv, uint16_t desc_n, >>> */ >>> void mlx5_vdpa_cqe_event_unset(struct mlx5_vdpa_priv *priv); >>> >>> +/** >>> + * Release a virtq and all its related resources. >>> + * >>> + * @param[in] priv >>> + * The vdpa driver private structure. >>> + */ >>> +void mlx5_vdpa_virtqs_release(struct mlx5_vdpa_priv *priv); >>> + >>> +/** >>> + * Create all the HW virtqs resources and all their related resources. >>> + * >>> + * @param[in] priv >>> + * The vdpa driver private structure. >>> + * >>> + * @return >>> + * 0 on success, a negative errno value otherwise and rte_errno is set. >>> + */ >>> +int mlx5_vdpa_virtqs_prepare(struct mlx5_vdpa_priv *priv); >>> + >>> #endif /* RTE_PMD_MLX5_VDPA_H_ */ >>> diff --git a/drivers/vdpa/mlx5/mlx5_vdpa_virtq.c >>> b/drivers/vdpa/mlx5/mlx5_vdpa_virtq.c >>> new file mode 100644 >>> index 0000000..781bccf >>> --- /dev/null >>> +++ b/drivers/vdpa/mlx5/mlx5_vdpa_virtq.c >>> @@ -0,0 +1,212 @@ >>> +/* SPDX-License-Identifier: BSD-3-Clause >>> + * Copyright 2019 Mellanox Technologies, Ltd */ #include >>> + >>> +#include >>> +#include >>> + >>> +#include >>> + >>> +#include "mlx5_vdpa_utils.h" >>> +#include "mlx5_vdpa.h" >>> + >>> + >>> +static int >>> +mlx5_vdpa_virtq_unset(struct mlx5_vdpa_virtq *virtq) { >>> + int i; >>> + >>> + if (virtq->virtq) { >>> + claim_zero(mlx5_devx_cmd_destroy(virtq->virtq)); >>> + virtq->virtq = NULL; >>> + } >>> + for (i = 0; i < 3; ++i) { >>> + if (virtq->umems[i].obj) >>> + claim_zero(mlx5_glue->devx_umem_dereg >>> + (virtq- >>> umems[i].obj)); >>> + if (virtq->umems[i].buf) >>> + rte_free(virtq->umems[i].buf); >>> + } >>> + memset(&virtq->umems, 0, sizeof(virtq->umems)); >>> + if (virtq->eqp.fw_qp) >>> + mlx5_vdpa_event_qp_destroy(&virtq->eqp); >>> + return 0; >>> +} >>> + >>> +void >>> +mlx5_vdpa_virtqs_release(struct mlx5_vdpa_priv *priv) { >>> + struct mlx5_vdpa_virtq *entry; >>> + struct mlx5_vdpa_virtq *next; >>> + >>> + entry = SLIST_FIRST(&priv->virtq_list); >>> + while (entry) { >>> + next = SLIST_NEXT(entry, next); >>> + mlx5_vdpa_virtq_unset(entry); >>> + SLIST_REMOVE(&priv->virtq_list, entry, mlx5_vdpa_virtq, >> next); >>> + rte_free(entry); >>> + entry = next; >>> + } >>> + SLIST_INIT(&priv->virtq_list); >>> + if (priv->tis) { >>> + claim_zero(mlx5_devx_cmd_destroy(priv->tis)); >>> + priv->tis = NULL; >>> + } >>> + if (priv->td) { >>> + claim_zero(mlx5_devx_cmd_destroy(priv->td)); >>> + priv->td = NULL; >>> + } >>> +} >>> + >>> +static uint64_t >>> +mlx5_vdpa_hva_to_gpa(struct rte_vhost_memory *mem, uint64_t hva) { >>> + struct rte_vhost_mem_region *reg; >>> + uint32_t i; >>> + uint64_t gpa = 0; >>> + >>> + for (i = 0; i < mem->nregions; i++) { >>> + reg = &mem->regions[i]; >>> + if (hva >= reg->host_user_addr && >>> + hva < reg->host_user_addr + reg->size) { >>> + gpa = hva - reg->host_user_addr + reg- >>> guest_phys_addr; >>> + break; >>> + } >>> + } >>> + return gpa; >>> +} >> >> I think you may need a third parameter for the size to map. >> Otherwise, you would be vulnerable to CVE-2018-1059. > > Yes, I just read it and understood that the virtio descriptor queues\packets data may be non continues in the guest physical memory and even maybe undefined here in the rte_vhost library, Is it? > > Don't you think that the rte_vhost should validate it? at least, that all the queues memory are mapped? I just checked vhost lib again, and you're right, it already does the check. Basically, if translate_ring_addresses() fail because the rings aren't fully mapped, then virtio_is_ready() will return false and so the vdpa .dev_conf() callback won't be called. > Can you extend more why it may happen? QEMU bug? It could happen with a malicious or compromised vhost-user master, like Qemu or Virtio-user based application. > In any case, > From Mellanox perspective, at least for the packet data, it is OK since if the guest will try to access physical address which is not mapped the packet will be ignored by the HW. Ok! Thanks, Maxime