X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=lib%2Flibrte_vhost%2Fvhost_user.c;h=3405cd8c0b4fe4797e1dbf4340fc184e66ba7267;hb=2263f13941a10989d141e73529fa1b0fe356608b;hp=3f649c802cc83db22ff4ed27dfc23a54b4c35b41;hpb=3939255eeda47d9f70d5d54729ef94a27ae8b803;p=dpdk.git diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c index 3f649c802c..3405cd8c0b 100644 --- a/lib/librte_vhost/vhost_user.c +++ b/lib/librte_vhost/vhost_user.c @@ -92,6 +92,36 @@ static const char *vhost_message_str[VHOST_USER_MAX] = { static int send_vhost_reply(int sockfd, struct VhostUserMsg *msg); static int read_vhost_message(int sockfd, struct VhostUserMsg *msg); +static void +close_msg_fds(struct VhostUserMsg *msg) +{ + int i; + + for (i = 0; i < msg->fd_num; i++) + close(msg->fds[i]); +} + +/* + * Ensure the expected number of FDs is received, + * close all FDs and return an error if this is not the case. + */ +static int +validate_msg_fds(struct VhostUserMsg *msg, int expected_fds) +{ + if (msg->fd_num == expected_fds) + return 0; + + VHOST_LOG_CONFIG(ERR, + " Expect %d FDs for request %s, received %d\n", + expected_fds, + vhost_message_str[msg->request.master], + msg->fd_num); + + close_msg_fds(msg); + + return -1; +} + static uint64_t get_blk_size(int fd) { @@ -161,7 +191,7 @@ vhost_backend_cleanup(struct virtio_net *dev) dev->mem = NULL; } - free(dev->guest_pages); + rte_free(dev->guest_pages); dev->guest_pages = NULL; if (dev->log_addr) { @@ -176,7 +206,7 @@ vhost_backend_cleanup(struct virtio_net *dev) dev->inflight_info->addr = NULL; } - if (dev->inflight_info->fd > 0) { + if (dev->inflight_info->fd >= 0) { close(dev->inflight_info->fd); dev->inflight_info->fd = -1; } @@ -204,18 +234,25 @@ vhost_backend_cleanup(struct virtio_net *dev) */ static int vhost_user_set_owner(struct virtio_net **pdev __rte_unused, - struct VhostUserMsg *msg __rte_unused, + struct VhostUserMsg *msg, int main_fd __rte_unused) { + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + return RTE_VHOST_MSG_RESULT_OK; } static int vhost_user_reset_owner(struct virtio_net **pdev, - struct VhostUserMsg *msg __rte_unused, + struct VhostUserMsg *msg, int main_fd __rte_unused) { struct virtio_net *dev = *pdev; + + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + vhost_destroy_device_notify(dev); cleanup_device(dev, 0); @@ -233,6 +270,9 @@ vhost_user_get_features(struct virtio_net **pdev, struct VhostUserMsg *msg, struct virtio_net *dev = *pdev; uint64_t features = 0; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + rte_vhost_driver_get_features(dev->ifname, &features); msg->payload.u64 = features; @@ -252,6 +292,9 @@ vhost_user_get_queue_num(struct virtio_net **pdev, struct VhostUserMsg *msg, struct virtio_net *dev = *pdev; uint32_t queue_num = 0; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + rte_vhost_driver_get_queue_num(dev->ifname, &queue_num); msg->payload.u64 = (uint64_t)queue_num; @@ -272,11 +315,13 @@ vhost_user_set_features(struct virtio_net **pdev, struct VhostUserMsg *msg, uint64_t features = msg->payload.u64; uint64_t vhost_features = 0; struct rte_vdpa_device *vdpa_dev; - int did = -1; + + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; rte_vhost_driver_get_features(dev->ifname, &vhost_features); if (features & ~vhost_features) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "(%d) received invalid negotiated features.\n", dev->vid); return RTE_VHOST_MSG_RESULT_ERR; @@ -292,7 +337,7 @@ vhost_user_set_features(struct virtio_net **pdev, struct VhostUserMsg *msg, * is enabled when the live-migration starts. */ if ((dev->features ^ features) & ~(1ULL << VHOST_F_LOG_ALL)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "(%d) features changed while device is running.\n", dev->vid); return RTE_VHOST_MSG_RESULT_ERR; @@ -309,9 +354,9 @@ vhost_user_set_features(struct virtio_net **pdev, struct VhostUserMsg *msg, } else { dev->vhost_hlen = sizeof(struct virtio_net_hdr); } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "negotiated Virtio features: 0x%" PRIx64 "\n", dev->features); - VHOST_LOG_DEBUG(VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) mergeable RX buffers %s, virtio 1 %s\n", dev->vid, (dev->features & (1 << VIRTIO_NET_F_MRG_RXBUF)) ? "on" : "off", @@ -338,8 +383,7 @@ vhost_user_set_features(struct virtio_net **pdev, struct VhostUserMsg *msg, } } - did = dev->vdpa_dev_id; - vdpa_dev = rte_vdpa_get_device(did); + vdpa_dev = dev->vdpa_dev; if (vdpa_dev && vdpa_dev->ops->set_features) vdpa_dev->ops->set_features(dev->vid); @@ -357,6 +401,9 @@ vhost_user_set_vring_num(struct virtio_net **pdev, struct virtio_net *dev = *pdev; struct vhost_virtqueue *vq = dev->virtqueue[msg->payload.state.index]; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + vq->size = msg->payload.state.num; /* VIRTIO 1.0, 2.4 Virtqueues says: @@ -370,14 +417,14 @@ vhost_user_set_vring_num(struct virtio_net **pdev, */ if (!vq_is_packed(dev)) { if (vq->size & (vq->size - 1)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid virtqueue size %u\n", vq->size); return RTE_VHOST_MSG_RESULT_ERR; } } if (vq->size > 32768) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid virtqueue size %u\n", vq->size); return RTE_VHOST_MSG_RESULT_ERR; } @@ -386,10 +433,12 @@ vhost_user_set_vring_num(struct virtio_net **pdev, vq->nr_zmbuf = 0; vq->last_zmbuf_idx = 0; vq->zmbuf_size = vq->size; + if (vq->zmbufs) + rte_free(vq->zmbufs); vq->zmbufs = rte_zmalloc(NULL, vq->zmbuf_size * sizeof(struct zcopy_mbuf), 0); if (vq->zmbufs == NULL) { - RTE_LOG(WARNING, VHOST_CONFIG, + VHOST_LOG_CONFIG(WARNING, "failed to allocate mem for zero copy; " "zero copy is force disabled\n"); dev->dequeue_zero_copy = 0; @@ -398,32 +447,38 @@ vhost_user_set_vring_num(struct virtio_net **pdev, } if (vq_is_packed(dev)) { + if (vq->shadow_used_packed) + rte_free(vq->shadow_used_packed); vq->shadow_used_packed = rte_malloc(NULL, vq->size * sizeof(struct vring_used_elem_packed), RTE_CACHE_LINE_SIZE); if (!vq->shadow_used_packed) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for shadow used ring.\n"); return RTE_VHOST_MSG_RESULT_ERR; } } else { + if (vq->shadow_used_split) + rte_free(vq->shadow_used_split); vq->shadow_used_split = rte_malloc(NULL, vq->size * sizeof(struct vring_used_elem), RTE_CACHE_LINE_SIZE); if (!vq->shadow_used_split) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for shadow used ring.\n"); return RTE_VHOST_MSG_RESULT_ERR; } } + if (vq->batch_copy_elems) + rte_free(vq->batch_copy_elems); vq->batch_copy_elems = rte_malloc(NULL, vq->size * sizeof(struct batch_copy_elem), RTE_CACHE_LINE_SIZE); if (!vq->batch_copy_elems) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for batching copy.\n"); return RTE_VHOST_MSG_RESULT_ERR; } @@ -461,12 +516,12 @@ numa_realloc(struct virtio_net *dev, int index) ret |= get_mempolicy(&oldnode, NULL, 0, old_vq, MPOL_F_NODE | MPOL_F_ADDR); if (ret) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Unable to get vq numa information.\n"); return dev; } if (oldnode != newnode) { - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "reallocate vq from %d to %d node\n", oldnode, newnode); vq = rte_malloc_socket(NULL, sizeof(*vq), 0, newnode); if (!vq) @@ -522,12 +577,12 @@ numa_realloc(struct virtio_net *dev, int index) ret = get_mempolicy(&oldnode, NULL, 0, old_dev, MPOL_F_NODE | MPOL_F_ADDR); if (ret) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Unable to get dev numa information.\n"); goto out; } if (oldnode != newnode) { - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "reallocate dev from %d to %d node\n", oldnode, newnode); dev = rte_malloc_socket(NULL, sizeof(*dev), 0, newnode); @@ -599,13 +654,11 @@ ring_addr_to_vva(struct virtio_net *dev, struct vhost_virtqueue *vq, { if (dev->features & (1ULL << VIRTIO_F_IOMMU_PLATFORM)) { uint64_t vva; - uint64_t req_size = *size; - vva = vhost_user_iotlb_cache_find(vq, ra, + vhost_user_iotlb_rd_lock(vq); + vva = vhost_iova_to_vva(dev, vq, ra, size, VHOST_ACCESS_RW); - if (req_size != *size) - vhost_user_iotlb_miss(dev, (ra + *size), - VHOST_ACCESS_RW); + vhost_user_iotlb_rd_unlock(vq); return vva; } @@ -613,37 +666,16 @@ ring_addr_to_vva(struct virtio_net *dev, struct vhost_virtqueue *vq, return qva_to_vva(dev, ra, size); } -/* - * Converts vring log address to GPA - * If IOMMU is enabled, the log address is IOVA - * If IOMMU not enabled, the log address is already GPA - */ static uint64_t -translate_log_addr(struct virtio_net *dev, struct vhost_virtqueue *vq, - uint64_t log_addr) +log_addr_to_gpa(struct virtio_net *dev, struct vhost_virtqueue *vq) { - if (dev->features & (1ULL << VIRTIO_F_IOMMU_PLATFORM)) { - const uint64_t exp_size = sizeof(struct vring_used) + - sizeof(struct vring_used_elem) * vq->size; - uint64_t hva, gpa; - uint64_t size = exp_size; - - hva = vhost_iova_to_vva(dev, vq, log_addr, - &size, VHOST_ACCESS_RW); - if (size != exp_size) - return 0; + uint64_t log_gpa; - gpa = hva_to_gpa(dev, hva, exp_size); - if (!gpa) { - RTE_LOG(ERR, VHOST_CONFIG, - "VQ: Failed to find GPA for log_addr: 0x%" PRIx64 " hva: 0x%" PRIx64 "\n", - log_addr, hva); - return 0; - } - return gpa; + vhost_user_iotlb_rd_lock(vq); + log_gpa = translate_log_addr(dev, vq, vq->ring_addrs.log_guest_addr); + vhost_user_iotlb_rd_unlock(vq); - } else - return log_addr; + return log_gpa; } static struct virtio_net * @@ -653,15 +685,25 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) struct vhost_vring_addr *addr = &vq->ring_addrs; uint64_t len, expected_len; + if (addr->flags & (1 << VHOST_VRING_F_LOG)) { + vq->log_guest_addr = + log_addr_to_gpa(dev, vq); + if (vq->log_guest_addr == 0) { + VHOST_LOG_CONFIG(DEBUG, + "(%d) failed to map log_guest_addr.\n", + dev->vid); + return dev; + } + } + if (vq_is_packed(dev)) { len = sizeof(struct vring_packed_desc) * vq->size; vq->desc_packed = (struct vring_packed_desc *)(uintptr_t) ring_addr_to_vva(dev, vq, addr->desc_user_addr, &len); - vq->log_guest_addr = 0; if (vq->desc_packed == NULL || len != sizeof(struct vring_packed_desc) * vq->size) { - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) failed to map desc_packed ring.\n", dev->vid); return dev; @@ -677,7 +719,7 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) vq, addr->avail_user_addr, &len); if (vq->driver_event == NULL || len != sizeof(struct vring_packed_desc_event)) { - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) failed to find driver area address.\n", dev->vid); return dev; @@ -689,7 +731,7 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) vq, addr->used_user_addr, &len); if (vq->device_event == NULL || len != sizeof(struct vring_packed_desc_event)) { - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) failed to find device area address.\n", dev->vid); return dev; @@ -707,7 +749,7 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) vq->desc = (struct vring_desc *)(uintptr_t)ring_addr_to_vva(dev, vq, addr->desc_user_addr, &len); if (vq->desc == 0 || len != sizeof(struct vring_desc) * vq->size) { - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) failed to map desc ring.\n", dev->vid); return dev; @@ -724,7 +766,7 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) vq->avail = (struct vring_avail *)(uintptr_t)ring_addr_to_vva(dev, vq, addr->avail_user_addr, &len); if (vq->avail == 0 || len != expected_len) { - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) failed to map avail ring.\n", dev->vid); return dev; @@ -738,14 +780,14 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) vq->used = (struct vring_used *)(uintptr_t)ring_addr_to_vva(dev, vq, addr->used_user_addr, &len); if (vq->used == 0 || len != expected_len) { - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "(%d) failed to map used ring.\n", dev->vid); return dev; } if (vq->last_used_idx != vq->used->idx) { - RTE_LOG(WARNING, VHOST_CONFIG, + VHOST_LOG_CONFIG(WARNING, "last_used_idx (%u) and vq->used->idx (%u) mismatches; " "some packets maybe resent for Tx and dropped for Rx\n", vq->last_used_idx, vq->used->idx); @@ -753,23 +795,15 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index) vq->last_avail_idx = vq->used->idx; } - vq->log_guest_addr = - translate_log_addr(dev, vq, addr->log_guest_addr); - if (vq->log_guest_addr == 0) { - RTE_LOG(DEBUG, VHOST_CONFIG, - "(%d) failed to map log_guest_addr .\n", - dev->vid); - return dev; - } vq->access_ok = 1; - VHOST_LOG_DEBUG(VHOST_CONFIG, "(%d) mapped address desc: %p\n", + VHOST_LOG_CONFIG(DEBUG, "(%d) mapped address desc: %p\n", dev->vid, vq->desc); - VHOST_LOG_DEBUG(VHOST_CONFIG, "(%d) mapped address avail: %p\n", + VHOST_LOG_CONFIG(DEBUG, "(%d) mapped address avail: %p\n", dev->vid, vq->avail); - VHOST_LOG_DEBUG(VHOST_CONFIG, "(%d) mapped address used: %p\n", + VHOST_LOG_CONFIG(DEBUG, "(%d) mapped address used: %p\n", dev->vid, vq->used); - VHOST_LOG_DEBUG(VHOST_CONFIG, "(%d) log_guest_addr: %" PRIx64 "\n", + VHOST_LOG_CONFIG(DEBUG, "(%d) log_guest_addr: %" PRIx64 "\n", dev->vid, vq->log_guest_addr); return dev; @@ -788,6 +822,9 @@ vhost_user_set_vring_addr(struct virtio_net **pdev, struct VhostUserMsg *msg, struct vhost_vring_addr *addr = &msg->payload.addr; bool access_ok; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (dev->mem == NULL) return RTE_VHOST_MSG_RESULT_ERR; @@ -829,6 +866,9 @@ vhost_user_set_vring_base(struct virtio_net **pdev, struct vhost_virtqueue *vq = dev->virtqueue[msg->payload.state.index]; uint64_t val = msg->payload.state.num; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (vq_is_packed(dev)) { /* * Bit[0:14]: avail index @@ -861,11 +901,12 @@ add_one_guest_page(struct virtio_net *dev, uint64_t guest_phys_addr, if (dev->nr_guest_pages == dev->max_guest_pages) { dev->max_guest_pages *= 2; old_pages = dev->guest_pages; - dev->guest_pages = realloc(dev->guest_pages, - dev->max_guest_pages * sizeof(*page)); - if (!dev->guest_pages) { - RTE_LOG(ERR, VHOST_CONFIG, "cannot realloc guest_pages\n"); - free(old_pages); + dev->guest_pages = rte_realloc(dev->guest_pages, + dev->max_guest_pages * sizeof(*page), + RTE_CACHE_LINE_SIZE); + if (dev->guest_pages == NULL) { + VHOST_LOG_CONFIG(ERR, "cannot realloc guest_pages\n"); + rte_free(old_pages); return -1; } } @@ -922,6 +963,12 @@ add_guest_pages(struct virtio_net *dev, struct rte_vhost_mem_region *reg, reg_size -= size; } + /* sort guest page array if over binary search threshold */ + if (dev->nr_guest_pages >= VHOST_BINARY_SEARCH_THRESH) { + qsort((void *)dev->guest_pages, dev->nr_guest_pages, + sizeof(struct guest_page), guest_page_addrcmp); + } + return 0; } @@ -936,7 +983,7 @@ dump_guest_pages(struct virtio_net *dev) for (i = 0; i < dev->nr_guest_pages; i++) { page = &dev->guest_pages[i]; - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "guest physical page region %u\n" "\t guest_phys_addr: %" PRIx64 "\n" "\t host_phys_addr : %" PRIx64 "\n" @@ -990,18 +1037,20 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, int populate; int fd; + if (validate_msg_fds(msg, memory->nregions) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (memory->nregions > VHOST_MEMORY_MAX_NREGIONS) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "too many memory regions (%u)\n", memory->nregions); return RTE_VHOST_MSG_RESULT_ERR; } if (dev->mem && !vhost_memory_changed(memory, dev->mem)) { - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "(%d) memory regions not changed\n", dev->vid); - for (i = 0; i < memory->nregions; i++) - close(msg->fds[i]); + close_msg_fds(msg); return RTE_VHOST_MSG_RESULT_OK; } @@ -1018,12 +1067,14 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, vhost_user_iotlb_flush_all(dev->virtqueue[i]); dev->nr_guest_pages = 0; - if (!dev->guest_pages) { + if (dev->guest_pages == NULL) { dev->max_guest_pages = 8; - dev->guest_pages = malloc(dev->max_guest_pages * - sizeof(struct guest_page)); + dev->guest_pages = rte_zmalloc(NULL, + dev->max_guest_pages * + sizeof(struct guest_page), + RTE_CACHE_LINE_SIZE); if (dev->guest_pages == NULL) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "(%d) failed to allocate memory " "for dev->guest_pages\n", dev->vid); @@ -1034,7 +1085,7 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, dev->mem = rte_zmalloc("vhost-mem-table", sizeof(struct rte_vhost_memory) + sizeof(struct rte_vhost_mem_region) * memory->nregions, 0); if (dev->mem == NULL) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "(%d) failed to allocate memory for dev->mem\n", dev->vid); return RTE_VHOST_MSG_RESULT_ERR; @@ -1054,7 +1105,7 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, /* Check for memory_size + mmap_offset overflow */ if (mmap_offset >= -reg->size) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "mmap_offset (%#"PRIx64") and memory_size " "(%#"PRIx64") overflow\n", mmap_offset, reg->size); @@ -1073,18 +1124,33 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, */ alignment = get_blk_size(fd); if (alignment == (uint64_t)-1) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "couldn't get hugepage size through fstat\n"); goto err_mmap; } mmap_size = RTE_ALIGN_CEIL(mmap_size, alignment); + if (mmap_size == 0) { + /* + * It could happen if initial mmap_size + alignment + * overflows the sizeof uint64, which could happen if + * either mmap_size or alignment value is wrong. + * + * mmap() kernel implementation would return an error, + * but better catch it before and provide useful info + * in the logs. + */ + VHOST_LOG_CONFIG(ERR, "mmap size (0x%" PRIx64 ") " + "or alignment (0x%" PRIx64 ") is invalid\n", + reg->size + mmap_offset, alignment); + goto err_mmap; + } populate = (dev->dequeue_zero_copy) ? MAP_POPULATE : 0; mmap_addr = mmap(NULL, mmap_size, PROT_READ | PROT_WRITE, MAP_SHARED | populate, fd, 0); if (mmap_addr == MAP_FAILED) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "mmap region %u failed.\n", i); goto err_mmap; } @@ -1096,13 +1162,13 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, if (dev->dequeue_zero_copy) if (add_guest_pages(dev, reg, alignment) < 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "adding guest pages to region %u failed.\n", i); goto err_mmap; } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "guest memory region %u, size: 0x%" PRIx64 "\n" "\t guest physical addr: 0x%" PRIx64 "\n" "\t guest virtual addr: 0x%" PRIx64 "\n" @@ -1140,12 +1206,16 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, */ VhostUserMsg ack_msg; if (read_vhost_message(main_fd, &ack_msg) <= 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Failed to read qemu ack on postcopy set-mem-table\n"); goto err_mmap; } + + if (validate_msg_fds(&ack_msg, 0) != 0) + goto err_mmap; + if (ack_msg.request.master != VHOST_USER_SET_MEM_TABLE) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Bad qemu ack on postcopy set-mem-table (%d)\n", ack_msg.request.master); goto err_mmap; @@ -1168,13 +1238,13 @@ vhost_user_set_mem_table(struct virtio_net **pdev, struct VhostUserMsg *msg, if (ioctl(dev->postcopy_ufd, UFFDIO_REGISTER, ®_struct)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Failed to register ufd for region %d: (ufd = %d) %s\n", i, dev->postcopy_ufd, strerror(errno)); goto err_mmap; } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "\t userfaultfd registered for range : " "%" PRIx64 " - %" PRIx64 "\n", (uint64_t)reg_struct.range.start, @@ -1227,7 +1297,8 @@ vq_is_ready(struct virtio_net *dev, struct vhost_virtqueue *vq) return false; if (vq_is_packed(dev)) - rings_ok = !!vq->desc_packed; + rings_ok = vq->desc_packed && vq->driver_event && + vq->device_event; else rings_ok = vq->desc && vq->avail && vq->used; @@ -1252,7 +1323,7 @@ virtio_is_ready(struct virtio_net *dev) return 0; } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "virtio is now ready for processing.\n"); return 1; } @@ -1273,7 +1344,7 @@ inflight_mem_alloc(const char *name, size_t size, int *fd) if (mfd == -1) { mfd = mkstemp(fname); if (mfd == -1) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to get inflight buffer fd\n"); return NULL; } @@ -1282,7 +1353,7 @@ inflight_mem_alloc(const char *name, size_t size, int *fd) } if (ftruncate(mfd, size) == -1) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to alloc inflight buffer\n"); close(mfd); return NULL; @@ -1290,7 +1361,7 @@ inflight_mem_alloc(const char *name, size_t size, int *fd) ptr = mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, mfd, 0); if (ptr == MAP_FAILED) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to mmap inflight buffer\n"); close(mfd); return NULL; @@ -1330,7 +1401,7 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev, void *addr; if (msg->size != sizeof(msg->payload.inflight)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid get_inflight_fd message size is %d\n", msg->size); return RTE_VHOST_MSG_RESULT_ERR; @@ -1340,18 +1411,19 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev, dev->inflight_info = calloc(1, sizeof(struct inflight_mem_info)); if (!dev->inflight_info) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to alloc dev inflight area\n"); return RTE_VHOST_MSG_RESULT_ERR; } + dev->inflight_info->fd = -1; } num_queues = msg->payload.inflight.num_queues; queue_size = msg->payload.inflight.queue_size; - RTE_LOG(INFO, VHOST_CONFIG, "get_inflight_fd num_queues: %u\n", + VHOST_LOG_CONFIG(INFO, "get_inflight_fd num_queues: %u\n", msg->payload.inflight.num_queues); - RTE_LOG(INFO, VHOST_CONFIG, "get_inflight_fd queue_size: %u\n", + VHOST_LOG_CONFIG(INFO, "get_inflight_fd queue_size: %u\n", msg->payload.inflight.queue_size); if (vq_is_packed(dev)) @@ -1362,13 +1434,23 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev, mmap_size = num_queues * pervq_inflight_size; addr = inflight_mem_alloc("vhost-inflight", mmap_size, &fd); if (!addr) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to alloc vhost inflight area\n"); msg->payload.inflight.mmap_size = 0; return RTE_VHOST_MSG_RESULT_ERR; } memset(addr, 0, mmap_size); + if (dev->inflight_info->addr) { + munmap(dev->inflight_info->addr, dev->inflight_info->size); + dev->inflight_info->addr = NULL; + } + + if (dev->inflight_info->fd >= 0) { + close(dev->inflight_info->fd); + dev->inflight_info->fd = -1; + } + dev->inflight_info->addr = addr; dev->inflight_info->size = msg->payload.inflight.mmap_size = mmap_size; dev->inflight_info->fd = msg->fds[0] = fd; @@ -1387,13 +1469,13 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev, } } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "send inflight mmap_size: %"PRIu64"\n", msg->payload.inflight.mmap_size); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "send inflight mmap_offset: %"PRIu64"\n", msg->payload.inflight.mmap_offset); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "send inflight fd: %d\n", msg->fds[0]); return RTE_VHOST_MSG_RESULT_REPLY; @@ -1413,7 +1495,7 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg, fd = msg->fds[0]; if (msg->size != sizeof(msg->payload.inflight) || fd < 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid set_inflight_fd message size is %d,fd is %d\n", msg->size, fd); return RTE_VHOST_MSG_RESULT_ERR; @@ -1429,17 +1511,17 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg, else pervq_inflight_size = get_pervq_shm_size_split(queue_size); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "set_inflight_fd mmap_size: %"PRIu64"\n", mmap_size); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "set_inflight_fd mmap_offset: %"PRIu64"\n", mmap_offset); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "set_inflight_fd num_queues: %u\n", num_queues); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "set_inflight_fd queue_size: %u\n", queue_size); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "set_inflight_fd fd: %d\n", fd); - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "set_inflight_fd pervq_inflight_size: %d\n", pervq_inflight_size); @@ -1447,24 +1529,29 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg, dev->inflight_info = calloc(1, sizeof(struct inflight_mem_info)); if (dev->inflight_info == NULL) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to alloc dev inflight area\n"); return RTE_VHOST_MSG_RESULT_ERR; } + dev->inflight_info->fd = -1; } - if (dev->inflight_info->addr) + if (dev->inflight_info->addr) { munmap(dev->inflight_info->addr, dev->inflight_info->size); + dev->inflight_info->addr = NULL; + } addr = mmap(0, mmap_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, mmap_offset); if (addr == MAP_FAILED) { - RTE_LOG(ERR, VHOST_CONFIG, "failed to mmap share memory.\n"); + VHOST_LOG_CONFIG(ERR, "failed to mmap share memory.\n"); return RTE_VHOST_MSG_RESULT_ERR; } - if (dev->inflight_info->fd) + if (dev->inflight_info->fd >= 0) { close(dev->inflight_info->fd); + dev->inflight_info->fd = -1; + } dev->inflight_info->fd = fd; dev->inflight_info->addr = addr; @@ -1492,13 +1579,18 @@ vhost_user_set_vring_call(struct virtio_net **pdev, struct VhostUserMsg *msg, struct virtio_net *dev = *pdev; struct vhost_vring_file file; struct vhost_virtqueue *vq; + int expected_fds; + + expected_fds = (msg->payload.u64 & VHOST_USER_VRING_NOFD_MASK) ? 0 : 1; + if (validate_msg_fds(msg, expected_fds) != 0) + return RTE_VHOST_MSG_RESULT_ERR; file.index = msg->payload.u64 & VHOST_USER_VRING_IDX_MASK; if (msg->payload.u64 & VHOST_USER_VRING_NOFD_MASK) file.fd = VIRTIO_INVALID_EVENTFD; else file.fd = msg->fds[0]; - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "vring call idx:%d file:%d\n", file.index, file.fd); vq = dev->virtqueue[file.index]; @@ -1514,9 +1606,15 @@ static int vhost_user_set_vring_err(struct virtio_net **pdev __rte_unused, struct VhostUserMsg *msg, int main_fd __rte_unused) { + int expected_fds; + + expected_fds = (msg->payload.u64 & VHOST_USER_VRING_NOFD_MASK) ? 0 : 1; + if (validate_msg_fds(msg, expected_fds) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (!(msg->payload.u64 & VHOST_USER_VRING_NOFD_MASK)) close(msg->fds[0]); - RTE_LOG(INFO, VHOST_CONFIG, "not implemented\n"); + VHOST_LOG_CONFIG(INFO, "not implemented\n"); return RTE_VHOST_MSG_RESULT_OK; } @@ -1547,8 +1645,11 @@ vhost_check_queue_inflights_split(struct virtio_net *dev, (1ULL << VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD))) return RTE_VHOST_MSG_RESULT_OK; + /* The frontend may still not support the inflight feature + * although we negotiate the protocol feature. + */ if ((!vq->inflight_split)) - return RTE_VHOST_MSG_RESULT_ERR; + return RTE_VHOST_MSG_RESULT_OK; if (!vq->inflight_split->version) { vq->inflight_split->version = INFLIGHT_VERSION; @@ -1578,7 +1679,7 @@ vhost_check_queue_inflights_split(struct virtio_net *dev, if (resubmit_num) { resubmit = calloc(1, sizeof(struct rte_vhost_resubmit_info)); if (!resubmit) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for resubmit info.\n"); return RTE_VHOST_MSG_RESULT_ERR; } @@ -1586,7 +1687,7 @@ vhost_check_queue_inflights_split(struct virtio_net *dev, resubmit->resubmit_list = calloc(resubmit_num, sizeof(struct rte_vhost_resubmit_desc)); if (!resubmit->resubmit_list) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for inflight desc.\n"); free(resubmit); return RTE_VHOST_MSG_RESULT_ERR; @@ -1628,8 +1729,11 @@ vhost_check_queue_inflights_packed(struct virtio_net *dev, (1ULL << VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD))) return RTE_VHOST_MSG_RESULT_OK; + /* The frontend may still not support the inflight feature + * although we negotiate the protocol feature. + */ if ((!vq->inflight_packed)) - return RTE_VHOST_MSG_RESULT_ERR; + return RTE_VHOST_MSG_RESULT_OK; if (!vq->inflight_packed->version) { vq->inflight_packed->version = INFLIGHT_VERSION; @@ -1669,7 +1773,7 @@ vhost_check_queue_inflights_packed(struct virtio_net *dev, if (resubmit_num) { resubmit = calloc(1, sizeof(struct rte_vhost_resubmit_info)); if (resubmit == NULL) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for resubmit info.\n"); return RTE_VHOST_MSG_RESULT_ERR; } @@ -1677,7 +1781,7 @@ vhost_check_queue_inflights_packed(struct virtio_net *dev, resubmit->resubmit_list = calloc(resubmit_num, sizeof(struct rte_vhost_resubmit_desc)); if (resubmit->resubmit_list == NULL) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to allocate memory for resubmit desc.\n"); free(resubmit); return RTE_VHOST_MSG_RESULT_ERR; @@ -1713,13 +1817,18 @@ vhost_user_set_vring_kick(struct virtio_net **pdev, struct VhostUserMsg *msg, struct virtio_net *dev = *pdev; struct vhost_vring_file file; struct vhost_virtqueue *vq; + int expected_fds; + + expected_fds = (msg->payload.u64 & VHOST_USER_VRING_NOFD_MASK) ? 0 : 1; + if (validate_msg_fds(msg, expected_fds) != 0) + return RTE_VHOST_MSG_RESULT_ERR; file.index = msg->payload.u64 & VHOST_USER_VRING_IDX_MASK; if (msg->payload.u64 & VHOST_USER_VRING_NOFD_MASK) file.fd = VIRTIO_INVALID_EVENTFD; else file.fd = msg->fds[0]; - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "vring kick idx:%d file:%d\n", file.index, file.fd); /* Interpret ring addresses only when ring is started. */ @@ -1749,13 +1858,13 @@ vhost_user_set_vring_kick(struct virtio_net **pdev, struct VhostUserMsg *msg, if (vq_is_packed(dev)) { if (vhost_check_queue_inflights_packed(dev, vq)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to inflights for vq: %d\n", file.index); return RTE_VHOST_MSG_RESULT_ERR; } } else { if (vhost_check_queue_inflights_split(dev, vq)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to inflights for vq: %d\n", file.index); return RTE_VHOST_MSG_RESULT_ERR; } @@ -1784,6 +1893,9 @@ vhost_user_get_vring_base(struct virtio_net **pdev, struct vhost_virtqueue *vq = dev->virtqueue[msg->payload.state.index]; uint64_t val; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + /* We have to stop the queue (virtio) if it is running. */ vhost_destroy_device_notify(dev); @@ -1803,7 +1915,7 @@ vhost_user_get_vring_base(struct virtio_net **pdev, msg->payload.state.num = vq->last_avail_idx; } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "vring base idx:%d file:%d\n", msg->payload.state.index, msg->payload.state.num); /* @@ -1857,14 +1969,15 @@ vhost_user_set_vring_enable(struct virtio_net **pdev, int enable = (int)msg->payload.state.num; int index = (int)msg->payload.state.index; struct rte_vdpa_device *vdpa_dev; - int did = -1; - RTE_LOG(INFO, VHOST_CONFIG, + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + + VHOST_LOG_CONFIG(INFO, "set queue enable: %d to qp idx: %d\n", enable, index); - did = dev->vdpa_dev_id; - vdpa_dev = rte_vdpa_get_device(did); + vdpa_dev = dev->vdpa_dev; if (vdpa_dev && vdpa_dev->ops->set_vring_state) vdpa_dev->ops->set_vring_state(dev->vid, index, enable); @@ -1889,18 +2002,12 @@ vhost_user_get_protocol_features(struct virtio_net **pdev, struct virtio_net *dev = *pdev; uint64_t features, protocol_features; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + rte_vhost_driver_get_features(dev->ifname, &features); rte_vhost_driver_get_protocol_features(dev->ifname, &protocol_features); - /* - * REPLY_ACK protocol feature is only mandatory for now - * for IOMMU feature. If IOMMU is explicitly disabled by the - * application, disable also REPLY_ACK feature for older buggy - * Qemu versions (from v2.7.0 to v2.9.0). - */ - if (!(features & (1ULL << VIRTIO_F_IOMMU_PLATFORM))) - protocol_features &= ~(1ULL << VHOST_USER_PROTOCOL_F_REPLY_ACK); - msg->payload.u64 = protocol_features; msg->size = sizeof(msg->payload.u64); msg->fd_num = 0; @@ -1917,17 +2024,20 @@ vhost_user_set_protocol_features(struct virtio_net **pdev, uint64_t protocol_features = msg->payload.u64; uint64_t slave_protocol_features = 0; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + rte_vhost_driver_get_protocol_features(dev->ifname, &slave_protocol_features); if (protocol_features & ~slave_protocol_features) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "(%d) received invalid protocol features.\n", dev->vid); return RTE_VHOST_MSG_RESULT_ERR; } dev->protocol_features = protocol_features; - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "negotiated Vhost-user protocol features: 0x%" PRIx64 "\n", dev->protocol_features); @@ -1943,13 +2053,16 @@ vhost_user_set_log_base(struct virtio_net **pdev, struct VhostUserMsg *msg, uint64_t size, off; void *addr; + if (validate_msg_fds(msg, 1) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (fd < 0) { - RTE_LOG(ERR, VHOST_CONFIG, "invalid log fd: %d\n", fd); + VHOST_LOG_CONFIG(ERR, "invalid log fd: %d\n", fd); return RTE_VHOST_MSG_RESULT_ERR; } if (msg->size != sizeof(VhostUserLog)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid log base msg size: %"PRId32" != %d\n", msg->size, (int)sizeof(VhostUserLog)); return RTE_VHOST_MSG_RESULT_ERR; @@ -1958,15 +2071,15 @@ vhost_user_set_log_base(struct virtio_net **pdev, struct VhostUserMsg *msg, size = msg->payload.log.mmap_size; off = msg->payload.log.mmap_offset; - /* Don't allow mmap_offset to point outside the mmap region */ - if (off > size) { - RTE_LOG(ERR, VHOST_CONFIG, - "log offset %#"PRIx64" exceeds log size %#"PRIx64"\n", + /* Check for mmap size and offset overflow. */ + if (off >= -size) { + VHOST_LOG_CONFIG(ERR, + "log offset %#"PRIx64" and log size %#"PRIx64" overflow\n", off, size); return RTE_VHOST_MSG_RESULT_ERR; } - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "log mmap size: %"PRId64", offset: %"PRId64"\n", size, off); @@ -1977,7 +2090,7 @@ vhost_user_set_log_base(struct virtio_net **pdev, struct VhostUserMsg *msg, addr = mmap(0, size + off, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); close(fd); if (addr == MAP_FAILED) { - RTE_LOG(ERR, VHOST_CONFIG, "mmap log base failed!\n"); + VHOST_LOG_CONFIG(ERR, "mmap log base failed!\n"); return RTE_VHOST_MSG_RESULT_ERR; } @@ -2006,8 +2119,11 @@ static int vhost_user_set_log_fd(struct virtio_net **pdev __rte_unused, struct VhostUserMsg *msg, int main_fd __rte_unused) { + if (validate_msg_fds(msg, 1) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + close(msg->fds[0]); - RTE_LOG(INFO, VHOST_CONFIG, "not implemented.\n"); + VHOST_LOG_CONFIG(INFO, "not implemented.\n"); return RTE_VHOST_MSG_RESULT_OK; } @@ -2027,9 +2143,11 @@ vhost_user_send_rarp(struct virtio_net **pdev, struct VhostUserMsg *msg, struct virtio_net *dev = *pdev; uint8_t *mac = (uint8_t *)&msg->payload.u64; struct rte_vdpa_device *vdpa_dev; - int did = -1; - RTE_LOG(DEBUG, VHOST_CONFIG, + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + + VHOST_LOG_CONFIG(DEBUG, ":: mac: %02x:%02x:%02x:%02x:%02x:%02x\n", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); memcpy(dev->mac.addr_bytes, mac, 6); @@ -2038,13 +2156,11 @@ vhost_user_send_rarp(struct virtio_net **pdev, struct VhostUserMsg *msg, * Set the flag to inject a RARP broadcast packet at * rte_vhost_dequeue_burst(). * - * rte_smp_wmb() is for making sure the mac is copied - * before the flag is set. + * __ATOMIC_RELEASE ordering is for making sure the mac is + * copied before the flag is set. */ - rte_smp_wmb(); - rte_atomic16_set(&dev->broadcast_rarp, 1); - did = dev->vdpa_dev_id; - vdpa_dev = rte_vdpa_get_device(did); + __atomic_store_n(&dev->broadcast_rarp, 1, __ATOMIC_RELEASE); + vdpa_dev = dev->vdpa_dev; if (vdpa_dev && vdpa_dev->ops->migration_done) vdpa_dev->ops->migration_done(dev->vid); @@ -2056,9 +2172,13 @@ vhost_user_net_set_mtu(struct virtio_net **pdev, struct VhostUserMsg *msg, int main_fd __rte_unused) { struct virtio_net *dev = *pdev; + + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (msg->payload.u64 < VIRTIO_MIN_MTU || msg->payload.u64 > VIRTIO_MAX_MTU) { - RTE_LOG(ERR, VHOST_CONFIG, "Invalid MTU size (%"PRIu64")\n", + VHOST_LOG_CONFIG(ERR, "Invalid MTU size (%"PRIu64")\n", msg->payload.u64); return RTE_VHOST_MSG_RESULT_ERR; @@ -2076,8 +2196,11 @@ vhost_user_set_req_fd(struct virtio_net **pdev, struct VhostUserMsg *msg, struct virtio_net *dev = *pdev; int fd = msg->fds[0]; + if (validate_msg_fds(msg, 1) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (fd < 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Invalid file descriptor for slave channel (%d)\n", fd); return RTE_VHOST_MSG_RESULT_ERR; @@ -2114,6 +2237,13 @@ is_vring_iotlb_split(struct vhost_virtqueue *vq, struct vhost_iotlb_msg *imsg) if (ra->used_user_addr < end && (ra->used_user_addr + len) > start) return 1; + if (ra->flags & (1 << VHOST_VRING_F_LOG)) { + len = sizeof(uint64_t); + if (ra->log_guest_addr < end && + (ra->log_guest_addr + len) > start) + return 1; + } + return 0; } @@ -2139,6 +2269,13 @@ is_vring_iotlb_packed(struct vhost_virtqueue *vq, struct vhost_iotlb_msg *imsg) if (ra->used_user_addr < end && (ra->used_user_addr + len) > start) return 1; + if (ra->flags & (1 << VHOST_VRING_F_LOG)) { + len = sizeof(uint64_t); + if (ra->log_guest_addr < end && + (ra->log_guest_addr + len) > start) + return 1; + } + return 0; } @@ -2161,6 +2298,9 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg, uint16_t i; uint64_t vva, len; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + switch (imsg->type) { case VHOST_IOTLB_UPDATE: len = imsg->size; @@ -2190,7 +2330,7 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg, } break; default: - RTE_LOG(ERR, VHOST_CONFIG, "Invalid IOTLB message type (%d)\n", + VHOST_LOG_CONFIG(ERR, "Invalid IOTLB message type (%d)\n", imsg->type); return RTE_VHOST_MSG_RESULT_ERR; } @@ -2207,17 +2347,20 @@ vhost_user_set_postcopy_advise(struct virtio_net **pdev, #ifdef RTE_LIBRTE_VHOST_POSTCOPY struct uffdio_api api_struct; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + dev->postcopy_ufd = syscall(__NR_userfaultfd, O_CLOEXEC | O_NONBLOCK); if (dev->postcopy_ufd == -1) { - RTE_LOG(ERR, VHOST_CONFIG, "Userfaultfd not available: %s\n", + VHOST_LOG_CONFIG(ERR, "Userfaultfd not available: %s\n", strerror(errno)); return RTE_VHOST_MSG_RESULT_ERR; } api_struct.api = UFFD_API; api_struct.features = 0; if (ioctl(dev->postcopy_ufd, UFFDIO_API, &api_struct)) { - RTE_LOG(ERR, VHOST_CONFIG, "UFFDIO_API ioctl failure: %s\n", + VHOST_LOG_CONFIG(ERR, "UFFDIO_API ioctl failure: %s\n", strerror(errno)); close(dev->postcopy_ufd); dev->postcopy_ufd = -1; @@ -2242,8 +2385,11 @@ vhost_user_set_postcopy_listen(struct virtio_net **pdev, { struct virtio_net *dev = *pdev; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + if (dev->mem && dev->mem->nregions) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Regions already registered at postcopy-listen\n"); return RTE_VHOST_MSG_RESULT_ERR; } @@ -2258,6 +2404,9 @@ vhost_user_postcopy_end(struct virtio_net **pdev, struct VhostUserMsg *msg, { struct virtio_net *dev = *pdev; + if (validate_msg_fds(msg, 0) != 0) + return RTE_VHOST_MSG_RESULT_ERR; + dev->postcopy_listening = 0; if (dev->postcopy_ufd >= 0) { close(dev->postcopy_ufd); @@ -2313,12 +2462,17 @@ read_vhost_message(int sockfd, struct VhostUserMsg *msg) ret = read_fd_message(sockfd, (char *)msg, VHOST_USER_HDR_SIZE, msg->fds, VHOST_MEMORY_MAX_NREGIONS, &msg->fd_num); - if (ret <= 0) + if (ret <= 0) { return ret; + } else if (ret != VHOST_USER_HDR_SIZE) { + VHOST_LOG_CONFIG(ERR, "Unexpected header size read\n"); + close_msg_fds(msg); + return -1; + } if (msg->size) { if (msg->size > sizeof(msg->payload)) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid msg size: %d\n", msg->size); return -1; } @@ -2326,7 +2480,7 @@ read_vhost_message(int sockfd, struct VhostUserMsg *msg) if (ret <= 0) return ret; if (ret != (int)msg->size) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "read control message failed\n"); return -1; } @@ -2381,7 +2535,7 @@ static int vhost_user_check_and_alloc_queue_pair(struct virtio_net *dev, struct VhostUserMsg *msg) { - uint16_t vring_idx; + uint32_t vring_idx; switch (msg->request.master) { case VHOST_USER_SET_VRING_KICK: @@ -2402,7 +2556,7 @@ vhost_user_check_and_alloc_queue_pair(struct virtio_net *dev, } if (vring_idx >= VHOST_MAX_VRING) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "invalid vring index: %u\n", vring_idx); return -1; } @@ -2453,7 +2607,6 @@ vhost_user_msg_handler(int vid, int fd) struct virtio_net *dev; struct VhostUserMsg msg; struct rte_vdpa_device *vdpa_dev; - int did = -1; int ret; int unlock_required = 0; bool handled; @@ -2466,7 +2619,7 @@ vhost_user_msg_handler(int vid, int fd) if (!dev->notify_ops) { dev->notify_ops = vhost_driver_callback_get(dev->ifname); if (!dev->notify_ops) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to get callback ops for driver %s\n", dev->ifname); return -1; @@ -2476,10 +2629,10 @@ vhost_user_msg_handler(int vid, int fd) ret = read_vhost_message(fd, &msg); if (ret <= 0) { if (ret < 0) - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "vhost read message failed\n"); else - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "vhost peer closed\n"); return -1; @@ -2490,18 +2643,18 @@ vhost_user_msg_handler(int vid, int fd) if (request > VHOST_USER_NONE && request < VHOST_USER_MAX && vhost_message_str[request]) { if (request != VHOST_USER_IOTLB_MSG) - RTE_LOG(INFO, VHOST_CONFIG, "read message %s\n", + VHOST_LOG_CONFIG(INFO, "read message %s\n", vhost_message_str[request]); else - RTE_LOG(DEBUG, VHOST_CONFIG, "read message %s\n", + VHOST_LOG_CONFIG(DEBUG, "read message %s\n", vhost_message_str[request]); } else { - RTE_LOG(DEBUG, VHOST_CONFIG, "External request %d\n", request); + VHOST_LOG_CONFIG(DEBUG, "External request %d\n", request); } ret = vhost_user_check_and_alloc_queue_pair(dev, &msg); if (ret < 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "failed to alloc queue\n"); return -1; } @@ -2563,19 +2716,19 @@ vhost_user_msg_handler(int vid, int fd) switch (ret) { case RTE_VHOST_MSG_RESULT_ERR: - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Processing %s failed.\n", vhost_message_str[request]); handled = true; break; case RTE_VHOST_MSG_RESULT_OK: - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "Processing %s succeeded.\n", vhost_message_str[request]); handled = true; break; case RTE_VHOST_MSG_RESULT_REPLY: - RTE_LOG(DEBUG, VHOST_CONFIG, + VHOST_LOG_CONFIG(DEBUG, "Processing %s succeeded and needs reply.\n", vhost_message_str[request]); send_vhost_reply(fd, &msg); @@ -2609,8 +2762,9 @@ skip_to_post_handle: /* If message was not handled at this stage, treat it as an error */ if (!handled) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "vhost message (req: %d) was not handled.\n", request); + close_msg_fds(&msg); ret = RTE_VHOST_MSG_RESULT_ERR; } @@ -2625,7 +2779,7 @@ skip_to_post_handle: msg.fd_num = 0; send_vhost_reply(fd, &msg); } else if (ret == RTE_VHOST_MSG_RESULT_ERR) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "vhost message handling failed.\n"); return -1; } @@ -2635,7 +2789,7 @@ skip_to_post_handle: if (!(dev->flags & VIRTIO_DEV_RUNNING)) { if (dev->dequeue_zero_copy) { - RTE_LOG(INFO, VHOST_CONFIG, + VHOST_LOG_CONFIG(INFO, "dequeue zero copy is enabled\n"); } @@ -2644,8 +2798,7 @@ skip_to_post_handle: } } - did = dev->vdpa_dev_id; - vdpa_dev = rte_vdpa_get_device(did); + vdpa_dev = dev->vdpa_dev; if (vdpa_dev && virtio_is_ready(dev) && !(dev->flags & VIRTIO_DEV_VDPA_CONFIGURED) && msg.request.master == VHOST_USER_SET_VRING_CALL) { @@ -2666,13 +2819,21 @@ static int process_slave_message_reply(struct virtio_net *dev, if ((msg->flags & VHOST_USER_NEED_REPLY) == 0) return 0; - if (read_vhost_message(dev->slave_req_fd, &msg_reply) < 0) { + ret = read_vhost_message(dev->slave_req_fd, &msg_reply); + if (ret <= 0) { + if (ret < 0) + VHOST_LOG_CONFIG(ERR, + "vhost read slave message reply failed\n"); + else + VHOST_LOG_CONFIG(INFO, + "vhost peer closed\n"); ret = -1; goto out; } + ret = 0; if (msg_reply.request.slave != msg->request.slave) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Received unexpected msg type (%u), expected %u\n", msg_reply.request.slave, msg->request.slave); ret = -1; @@ -2703,7 +2864,7 @@ vhost_user_iotlb_miss(struct virtio_net *dev, uint64_t iova, uint8_t perm) ret = send_vhost_message(dev->slave_req_fd, &msg); if (ret < 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Failed to send IOTLB miss message (%d)\n", ret); return ret; @@ -2712,6 +2873,42 @@ vhost_user_iotlb_miss(struct virtio_net *dev, uint64_t iova, uint8_t perm) return 0; } +static int +vhost_user_slave_config_change(struct virtio_net *dev, bool need_reply) +{ + int ret; + struct VhostUserMsg msg = { + .request.slave = VHOST_USER_SLAVE_CONFIG_CHANGE_MSG, + .flags = VHOST_USER_VERSION, + .size = 0, + }; + + if (need_reply) + msg.flags |= VHOST_USER_NEED_REPLY; + + ret = send_vhost_slave_message(dev, &msg); + if (ret < 0) { + VHOST_LOG_CONFIG(ERR, + "Failed to send config change (%d)\n", + ret); + return ret; + } + + return process_slave_message_reply(dev, &msg); +} + +int +rte_vhost_slave_config_change(int vid, bool need_reply) +{ + struct virtio_net *dev; + + dev = get_device(vid); + if (!dev) + return -ENODEV; + + return vhost_user_slave_config_change(dev, need_reply); +} + static int vhost_user_slave_set_vring_host_notifier(struct virtio_net *dev, int index, int fd, uint64_t offset, @@ -2738,7 +2935,7 @@ static int vhost_user_slave_set_vring_host_notifier(struct virtio_net *dev, ret = send_vhost_slave_message(dev, &msg); if (ret < 0) { - RTE_LOG(ERR, VHOST_CONFIG, + VHOST_LOG_CONFIG(ERR, "Failed to set host notifier (%d)\n", ret); return ret; } @@ -2750,7 +2947,7 @@ int rte_vhost_host_notifier_ctrl(int vid, bool enable) { struct virtio_net *dev; struct rte_vdpa_device *vdpa_dev; - int vfio_device_fd, did, ret = 0; + int vfio_device_fd, ret = 0; uint64_t offset, size; unsigned int i; @@ -2758,9 +2955,9 @@ int rte_vhost_host_notifier_ctrl(int vid, bool enable) if (!dev) return -ENODEV; - did = dev->vdpa_dev_id; - if (did < 0) - return -EINVAL; + vdpa_dev = dev->vdpa_dev; + if (vdpa_dev == NULL) + return -ENODEV; if (!(dev->features & (1ULL << VIRTIO_F_VERSION_1)) || !(dev->features & (1ULL << VHOST_USER_F_PROTOCOL_FEATURES)) || @@ -2772,10 +2969,6 @@ int rte_vhost_host_notifier_ctrl(int vid, bool enable) (1ULL << VHOST_USER_PROTOCOL_F_HOST_NOTIFIER))) return -ENOTSUP; - vdpa_dev = rte_vdpa_get_device(did); - if (!vdpa_dev) - return -ENODEV; - RTE_FUNC_PTR_OR_ERR_RET(vdpa_dev->ops->get_vfio_device_fd, -ENOTSUP); RTE_FUNC_PTR_OR_ERR_RET(vdpa_dev->ops->get_notify_area, -ENOTSUP);