On Mon, 18 Oct 2021 16:26:16 +0300
Yishai Hadas <yishaih@xxxxxxxxxx> wrote:
> On 10/18/2021 2:51 PM, Jason Gunthorpe wrote:
> > On Sun, Oct 17, 2021 at 05:03:28PM +0300, Yishai Hadas wrote:
> >> On 10/15/2021 11:59 PM, Alex Williamson wrote:
> >>> On Fri, 15 Oct 2021 17:16:54 -0300
> >>> Jason Gunthorpe <jgg@xxxxxxxxxx> wrote:
> >>>
> >>>> On Fri, Oct 15, 2021 at 02:12:01PM -0600, Alex Williamson wrote:
> >>>>> On Fri, 15 Oct 2021 16:59:37 -0300
> >>>>> Jason Gunthorpe <jgg@xxxxxxxxxx> wrote:
> >>>>>> On Fri, Oct 15, 2021 at 01:48:20PM -0600, Alex Williamson wrote:
> >>>>>>>> +static int mlx5vf_pci_set_device_state(struct mlx5vf_pci_core_device *mvdev,
> >>>>>>>> + u32 state)
> >>>>>>>> +{
> >>>>>>>> + struct mlx5vf_pci_migration_info *vmig = &mvdev->vmig;
> >>>>>>>> + u32 old_state = vmig->vfio_dev_state;
> >>>>>>>> + int ret = 0;
> >>>>>>>> +
> >>>>>>>> + if (vfio_is_state_invalid(state) || vfio_is_state_invalid(old_state))
> >>>>>>>> + return -EINVAL;
> >>>>>>> if (!VFIO_DEVICE_STATE_VALID(old_state) || !VFIO_DEVICE_STATE_VALID(state))
> >>>>>> AFAICT this macro doesn't do what is needed, eg
> >>>>>>
> >>>>>> VFIO_DEVICE_STATE_VALID(0xF000) == true
> >>>>>>
> >>>>>> What Yishai implemented is at least functionally correct - states this
> >>>>>> driver does not support are rejected.
> >>>>> if (!VFIO_DEVICE_STATE_VALID(old_state) || !VFIO_DEVICE_STATE_VALID(state)) || (state & ~VFIO_DEVICE_STATE_MASK))
> >>>>>
> >>>>> old_state is controlled by the driver and can never have random bits
> >>>>> set, user state should be sanitized to prevent setting undefined bits.
> >>>> In that instance let's just write
> >>>>
> >>>> old_state != VFIO_DEVICE_STATE_ERROR
> >>>>
> >>>> ?
> >>> Not quite, the user can't set either of the other invalid states
> >>> either.
> >>
> >> OK so let's go with below as you suggested.
> >> if (!VFIO_DEVICE_STATE_VALID(old_state) ||
> >> !VFIO_DEVICE_STATE_VALID(state) ||
> >> (state & ~VFIO_DEVICE_STATE_MASK))
> >>
> > This is my preference:
> >
> > if (vmig->vfio_dev_state != VFIO_DEVICE_STATE_ERROR ||
> > !vfio_device_state_valid(state) ||
> > (state & !MLX5VF_SUPPORTED_DEVICE_STATES))
> >
>
> OK, let's go with this approach which enforces what the driver supports
> as well.
>
> We may have the below post making it accurate and complete.
>
> enum {
> MLX5VF_SUPPORTED_DEVICE_STATES = VFIO_DEVICE_STATE_RUNNING |
> VFIO_DEVICE_STATE_SAVING |
> VFIO_DEVICE_STATE_RESUMING,
> };
>
> if (old_state == VFIO_DEVICE_STATE_ERROR ||
> !vfio_device_state_valid(state) ||
> (state & ~MLX5VF_SUPPORTED_DEVICE_STATES))
> return -EINVAL;
>
> >> diff --git a/include/linux/vfio.h b/include/linux/vfio.h
> >> index b53a9557884a..37376dadca5a 100644
> >> +++ b/include/linux/vfio.h
> >> @@ -15,6 +15,8 @@
> >> #include <linux/poll.h>
> >> #include <uapi/linux/vfio.h>
> >>
> >> +static const int VFIO_DEVICE_STATE_ERROR = VFIO_DEVICE_STATE_SAVING |
> >> + VFIO_DEVICE_STATE_RESUMING;
> > Do not put static variables in header files
> >
> > Jason
>
> OK, we can come with an enum instead.
>
> enum {
>
> VFIO_DEVICE_STATE_ERROR = VFIO_DEVICE_STATE_SAVING | VFIO_DEVICE_STATE_RESUMING,
>
> };
>
> Alex,
>
> Do you prefer to put it under include/uapi/vfio.h or that it can go
> under inlcude/linux/vfio.h for internal drivers usage ?
I don't understand why this wouldn't just be a continuation of the
#defines in the uapi header. Thanks,
Alex
