RE: [PATCH v2 1/6] mdev: Introduce sha1 based mdev alias

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> -----Original Message-----
> From: Yunsheng Lin <linyunsheng@xxxxxxxxxx>
> Sent: Thursday, August 29, 2019 5:57 PM
> To: Parav Pandit <parav@xxxxxxxxxxxx>; alex.williamson@xxxxxxxxxx; Jiri
> Pirko <jiri@xxxxxxxxxxxx>; kwankhede@xxxxxxxxxx; cohuck@xxxxxxxxxx;
> davem@xxxxxxxxxxxxx
> Cc: kvm@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx;
> netdev@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH v2 1/6] mdev: Introduce sha1 based mdev alias
> 
> On 2019/8/29 19:18, Parav Pandit wrote:
> > Some vendor drivers want an identifier for an mdev device that is
> > shorter than the UUID, due to length restrictions in the consumers of
> > that identifier.
> >
> > Add a callback that allows a vendor driver to request an alias of a
> > specified length to be generated for an mdev device. If generated,
> > that alias is checked for collisions.
> >
> > It is an optional attribute.
> > mdev alias is generated using sha1 from the mdev name.
> >
> > Signed-off-by: Parav Pandit <parav@xxxxxxxxxxxx>
> >
> > ---
> > Changelog:
> > v1->v2:
> >  - Kept mdev_device naturally aligned
> >  - Added error checking for crypt_*() calls
> >  - Corrected a typo from 'and' to 'an'
> >  - Changed return type of generate_alias() from int to char*
> > v0->v1:
> >  - Moved alias length check outside of the parent lock
> >  - Moved alias and digest allocation from kvzalloc to kzalloc
> >  - &alias[0] changed to alias
> >  - alias_length check is nested under get_alias_length callback check
> >  - Changed comments to start with an empty line
> >  - Fixed cleaunup of hash if mdev_bus_register() fails
> >  - Added comment where alias memory ownership is handed over to mdev
> > device
> >  - Updated commit log to indicate motivation for this feature
> > ---
> >  drivers/vfio/mdev/mdev_core.c    | 123
> ++++++++++++++++++++++++++++++-
> >  drivers/vfio/mdev/mdev_private.h |   5 +-
> >  drivers/vfio/mdev/mdev_sysfs.c   |  13 ++--
> >  include/linux/mdev.h             |   4 +
> >  4 files changed, 135 insertions(+), 10 deletions(-)
> >
> > diff --git a/drivers/vfio/mdev/mdev_core.c
> > b/drivers/vfio/mdev/mdev_core.c index b558d4cfd082..3bdff0469607
> > 100644
> > --- a/drivers/vfio/mdev/mdev_core.c
> > +++ b/drivers/vfio/mdev/mdev_core.c
> > @@ -10,9 +10,11 @@
> >  #include <linux/module.h>
> >  #include <linux/device.h>
> >  #include <linux/slab.h>
> > +#include <linux/mm.h>
> >  #include <linux/uuid.h>
> >  #include <linux/sysfs.h>
> >  #include <linux/mdev.h>
> > +#include <crypto/hash.h>
> >
> >  #include "mdev_private.h"
> >
> > @@ -27,6 +29,8 @@ static struct class_compat *mdev_bus_compat_class;
> > static LIST_HEAD(mdev_list);  static DEFINE_MUTEX(mdev_list_lock);
> >
> > +static struct crypto_shash *alias_hash;
> > +
> >  struct device *mdev_parent_dev(struct mdev_device *mdev)  {
> >  	return mdev->parent->dev;
> > @@ -150,6 +154,16 @@ int mdev_register_device(struct device *dev, const
> struct mdev_parent_ops *ops)
> >  	if (!ops || !ops->create || !ops->remove || !ops-
> >supported_type_groups)
> >  		return -EINVAL;
> >
> > +	if (ops->get_alias_length) {
> > +		unsigned int digest_size;
> > +		unsigned int aligned_len;
> > +
> > +		aligned_len = roundup(ops->get_alias_length(), 2);
> > +		digest_size = crypto_shash_digestsize(alias_hash);
> > +		if (aligned_len / 2 > digest_size)
> > +			return -EINVAL;
> > +	}
> > +
> >  	dev = get_device(dev);
> >  	if (!dev)
> >  		return -EINVAL;
> > @@ -259,6 +273,7 @@ static void mdev_device_free(struct mdev_device
> *mdev)
> >  	mutex_unlock(&mdev_list_lock);
> >
> >  	dev_dbg(&mdev->dev, "MDEV: destroying\n");
> > +	kfree(mdev->alias);
> >  	kfree(mdev);
> >  }
> >
> > @@ -269,18 +284,101 @@ static void mdev_device_release(struct device
> *dev)
> >  	mdev_device_free(mdev);
> >  }
> >
> > -int mdev_device_create(struct kobject *kobj,
> > -		       struct device *dev, const guid_t *uuid)
> > +static const char *
> > +generate_alias(const char *uuid, unsigned int max_alias_len) {
> > +	struct shash_desc *hash_desc;
> > +	unsigned int digest_size;
> > +	unsigned char *digest;
> > +	unsigned int alias_len;
> > +	char *alias;
> > +	int ret;
> > +
> > +	/*
> > +	 * Align to multiple of 2 as bin2hex will generate
> > +	 * even number of bytes.
> > +	 */
> > +	alias_len = roundup(max_alias_len, 2);
> > +	alias = kzalloc(alias_len + 1, GFP_KERNEL);
> 
> It seems the mtty_alias_length in mtty.c can be set from module parameter,
> and user can set a very large number, maybe limit the max of the alias_len
> before calling kzalloc?
This is already guarded in mdev_register_device().
User cannot request alias length bigger than the digest size of sha1 (which is 20 bytes).




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux