Re: [PATCH v3 1/1] s390: virtio: let arch accept devices without IOMMU feature

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 6 Jul 2020 15:37:37 +0200
Pierre Morel <pmorel@xxxxxxxxxxxxx> wrote:

> On 2020-07-02 15:03, Pierre Morel wrote:
> > 
> > 
> > On 2020-06-29 18:05, Cornelia Huck wrote:  
> >> On Mon, 29 Jun 2020 11:57:14 -0400
> >> "Michael S. Tsirkin" <mst@xxxxxxxxxx> wrote:
> >>  
> >>> On Wed, Jun 17, 2020 at 12:43:57PM +0200, Pierre Morel wrote:  
> >>>> An architecture protecting the guest memory against unauthorized host
> >>>> access may want to enforce VIRTIO I/O device protection through the
> >>>> use of VIRTIO_F_IOMMU_PLATFORM.
> >>>>
> >>>> Let's give a chance to the architecture to accept or not devices
> >>>> without VIRTIO_F_IOMMU_PLATFORM.
> >>>>
> >>>> Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxx>
> >>>> Acked-by: Jason Wang <jasowang@xxxxxxxxxx>
> >>>> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx>
> >>>> ---
> >>>>   arch/s390/mm/init.c     |  6 ++++++
> >>>>   drivers/virtio/virtio.c | 22 ++++++++++++++++++++++
> >>>>   include/linux/virtio.h  |  2 ++
> >>>>   3 files changed, 30 insertions(+)  
> >>  
> >>>> @@ -179,6 +194,13 @@ int virtio_finalize_features(struct 
> >>>> virtio_device *dev)
> >>>>       if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1))
> >>>>           return 0;
> >>>> +    if (arch_needs_virtio_iommu_platform(dev) &&
> >>>> +        !virtio_has_feature(dev, VIRTIO_F_IOMMU_PLATFORM)) {
> >>>> +        dev_warn(&dev->dev,
> >>>> +             "virtio: device must provide VIRTIO_F_IOMMU_PLATFORM\n");
> >>>> +        return -ENODEV;
> >>>> +    }
> >>>> +
> >>>>       virtio_add_status(dev, VIRTIO_CONFIG_S_FEATURES_OK);
> >>>>       status = dev->config->get_status(dev);
> >>>>       if (!(status & VIRTIO_CONFIG_S_FEATURES_OK)) {  
> >>>
> >>> Well don't you need to check it *before* VIRTIO_F_VERSION_1, not after?  
> >>
> >> But it's only available with VERSION_1 anyway, isn't it? So it probably
> >> also needs to fail when this feature is needed if VERSION_1 has not been
> >> negotiated, I think.  
> 
> 
> would be something like:
> 
> -       if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1))
> -               return 0;
> +       if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) {
> +               ret = arch_accept_virtio_features(dev);
> +               if (ret)
> +                       dev_warn(&dev->dev,
> +                                "virtio: device must provide 
> VIRTIO_F_VERSION_1\n");
> +               return ret;
> +       }

That looks wrong; I think we want to validate in all cases. What about:

ret = arch_accept_virtio_features(dev); // this can include checking for
                                        // older or newer features
if (ret)
	// assume that the arch callback moaned already
	return ret;

if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1))
	return 0;

// do the virtio-1 only FEATURES_OK dance

> 
> 
> just a thought on the function name:
> It becomes more general than just IOMMU_PLATFORM related.
> 
> What do you think of:
> 
> arch_accept_virtio_features()

Or maybe arch_validate_virtio_features()?

> 
> ?
> 
> Regards,
> Pierre
> 
> 





[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux