vdpa/vfe: Add new vdpa driver for virtual full emulation device #1
Conversation
Dont say virtio full emulation device. It is internal term. Just say virtio device.
Please correct all spelling mistakes.
|
drivers/vdpa/meson.build
Outdated
| @@ -9,6 +9,7 @@ drivers = [ | |||
| 'ifc', | |||
| 'mlx5', | |||
| 'sfc', | |||
| 'vfe', | |||
There was a problem hiding this comment.
instead of vfe all over, just say virtio
drivers/vdpa/vfe/meson.build
Outdated
| # Copyright(c) 2018 Intel Corporation | ||
|
|
||
| deps += 'vhost' | ||
| sources = files('vfe_vdpa.c','virtio.c','virtio_pci.c') |
There was a problem hiding this comment.
file name to be virtio_vdpa.c
drivers/vdpa/vfe/rte_vhost.h
Outdated
| */ | ||
|
|
||
| #ifndef _RTE_VHOST_H_ | ||
| #define _RTE_VHOST_H_ |
There was a problem hiding this comment.
this file should not be added. use the existing vhost header file.
There was a problem hiding this comment.
if we use existing vhost header file, there will be a lot of redefine.
because virtio_pci.h also define some virtio macro, and vhost header include linux header file which also define virtio macro.
In file included from ../drivers/vdpa/vfe/virtio_pci.h:15,
from ../drivers/vdpa/vfe/vfe_vdpa.c:23:
../drivers/vdpa/vfe/virtio.h:48: warning: "VIRTIO_F_IOMMU_PLATFORM" redefined
48 | #define VIRTIO_F_IOMMU_PLATFORM 33
|
In file included from /usr/include/linux/vhost_types.h:16,
from /usr/include/linux/vhost.h:14,
from ../drivers/vdpa/vfe/rte_vhost.h:26,
from ../drivers/vdpa/vfe/vfe_vdpa.c:17:
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
| @@ -0,0 +1,1196 @@ | |||
| /* SPDX-License-Identifier: BSD-3-Clause | |||
| * Copyright 2019 Mellanox Technologies, Ltd | |||
There was a problem hiding this comment.
use the year 2022.
There is new copyright format of nvidia. use that one.
above copied is no longer allowed.
refer to some latest added dpdk pmd files and use that.
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
| RTE_LOG_REGISTER(vfe_vdpa_logtype, pmd.vdpa.vfe, NOTICE); | ||
| #define DRV_LOG(level, fmt, args...) \ | ||
| rte_log(RTE_LOG_ ## level, vfe_vdpa_logtype, \ | ||
| "VFE %s(): " fmt "\n", __func__, ##args) |
There was a problem hiding this comment.
virtio_vdpa instead of VFE
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
|
|
||
| do { | ||
| nbytes = read(rte_intr_fd_get(virtq->intr_handle), &buf, | ||
| 8); |
There was a problem hiding this comment.
all to be in single line for 80 characters
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
| struct rte_intr_handle *intr_handle; | ||
| int retries = VFE_VDPA_INTR_RETRIES; | ||
|
|
||
|
|
There was a problem hiding this comment.
remove extra lines.
audit whole code and remove.
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
| hw_vq = hw->vqs[index]; | ||
|
|
||
|
|
||
| if(enable==0) { |
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
| int vid; | ||
| struct rte_vhost_vring vq; | ||
| uint64_t gpa; | ||
| struct virtio_hw *hw = NULL; |
There was a problem hiding this comment.
no need for null initialize
drivers/vdpa/vfe/vfe_vdpa.c
Outdated
|
|
||
| gpa = hva_to_gpa(vid, (uint64_t)(uintptr_t)vq.desc); | ||
| if (gpa == 0) { | ||
| DRV_LOG(ERR, "Fail to get GPA for descriptor ring."); |
In rte_vhost_driver_unregister which is called from vdpa-rpc thread,
vsocket should be removed from reconn_list again after remove vsocket
from conn_list. Because vhost_user_read_cb which is called in vhost-events
thread can add vsocket to reconn_list again.
When qemu close domain socket server, vhost_user_read_cb will be called
to clean up vhost device.
vsocket->path is NULL
#0 0x00007f07665834d1 in __strnlen_sse2 () from /lib64/libc.so.6
Mellanox#1 0x00007f076aee79da in vhost_user_add_connection (fd=160, vsocket=0x7f070406d160) at ../lib/vhost/socket.c:226
Mellanox#2 0x00007f076aee7d63 in vhost_user_client_reconnect (arg=<optimized out>) at ../lib/vhost/socket.c:481
Mellanox#3 0x00007f07668cbdd5 in start_thread () from /lib64/libpthread.so.0
Mellanox#4 0x00007f07665f4ead in clone () from /lib64/libc.so.6
RM: 3585558
Signed-off-by: Yajun Wu <yajunw@nvidia.com>
In rte_vhost_driver_unregister which is called from vdpa-rpc thread,
vsocket should be removed from reconn_list again after remove vsocket
from conn_list. Because vhost_user_read_cb which is called in vhost-events
thread can add vsocket to reconn_list again.
When qemu close domain socket server, vhost_user_read_cb will be called
to clean up vhost device.
vsocket->path is NULL
#0 0x00007f07665834d1 in __strnlen_sse2 () from /lib64/libc.so.6
#1 0x00007f076aee79da in vhost_user_add_connection (fd=160, vsocket=0x7f070406d160) at ../lib/vhost/socket.c:226
#2 0x00007f076aee7d63 in vhost_user_client_reconnect (arg=<optimized out>) at ../lib/vhost/socket.c:481
#3 0x00007f07668cbdd5 in start_thread () from /lib64/libpthread.so.0
#4 0x00007f07665f4ead in clone () from /lib64/libc.so.6
RM: 3585558
Signed-off-by: Yajun Wu <yajunw@nvidia.com>
[ upstream commit 1c80a40 ] The net/vhost pmd currently provides a -1 vid when disabling interrupt after a virtio port got disconnected. This can be caught when running with ASan. First, start dpdk-l3fwd-power in interrupt mode with a net/vhost port. $ ./build-clang/examples/dpdk-l3fwd-power -l0,1 --in-memory \ -a 0000:00:00.0 \ --vdev net_vhost0,iface=plop.sock,client=1\ -- \ -p 0x1 \ --interrupt-only \ --config '(0,0,1)' \ --parse-ptype 0 Then start testpmd with virtio-user. $ ./build-clang/app/dpdk-testpmd -l0,2 --single-file-segment --in-memory \ -a 0000:00:00.0 \ --vdev net_virtio_user0,path=plop.sock,server=1 \ -- \ -i Finally stop testpmd. ASan then splats in dpdk-l3fwd-power: ================================================================= ==3641005==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000005ed0778 at pc 0x000001270f81 bp 0x7fddbd2eee20 sp 0x7fddbd2eee18 READ of size 8 at 0x000005ed0778 thread T2 #0 0x1270f80 in get_device .../lib/vhost/vhost.h:801:27 Mellanox#1 0x1270f80 in rte_vhost_get_vhost_vring .../lib/vhost/vhost.c:951:8 Mellanox#2 0x3ac95cb in eth_rxq_intr_disable .../drivers/net/vhost/rte_eth_vhost.c:647:8 Mellanox#3 0x170e0bf in rte_eth_dev_rx_intr_disable .../lib/ethdev/rte_ethdev.c:5443:25 Mellanox#4 0xf72ba7 in turn_on_off_intr .../examples/l3fwd-power/main.c:881:4 Mellanox#5 0xf71045 in main_intr_loop .../examples/l3fwd-power/main.c:1061:6 Mellanox#6 0x17f9292 in eal_thread_loop .../lib/eal/common/eal_common_thread.c:210:9 Mellanox#7 0x18373f5 in eal_worker_thread_loop .../lib/eal/linux/eal.c:915:2 Mellanox#8 0x7fddc16ae12c in start_thread (/lib64/libc.so.6+0x8b12c) (BuildId: 81daba31ee66dbd63efdc4252a872949d874d136) Mellanox#9 0x7fddc172fbbf in __GI___clone3 (/lib64/libc.so.6+0x10cbbf) (BuildId: 81daba31ee66dbd63efdc4252a872949d874d136) 0x000005ed0778 is located 8 bytes to the left of global variable 'vhost_devices' defined in '.../lib/vhost/vhost.c:24' (0x5ed0780) of size 8192 0x000005ed0778 is located 20 bytes to the right of global variable 'vhost_config_log_level' defined in '.../lib/vhost/vhost.c:2174' (0x5ed0760) of size 4 SUMMARY: AddressSanitizer: global-buffer-overflow .../lib/vhost/vhost.h:801:27 in get_device Shadow bytes around the buggy address: 0x000080bd2090: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 0x000080bd20a0: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 0x000080bd20b0: f9 f9 f9 f9 00 f9 f9 f9 00 f9 f9 f9 00 f9 f9 f9 0x000080bd20c0: 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 04 f9 f9 f9 0x000080bd20d0: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 =>0x000080bd20e0: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 04 f9 f9[f9] 0x000080bd20f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x000080bd2100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x000080bd2110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x000080bd2120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x000080bd2130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Thread T2 created by T0 here: #0 0xe98996 in __interceptor_pthread_create (.examples/dpdk-l3fwd-power+0xe98996) (BuildId: d0b984a3b0287b9e0f301b73426fa921aeecca3a) Mellanox#1 0x1836767 in eal_worker_thread_create .../lib/eal/linux/eal.c:952:6 Mellanox#2 0x1834b83 in rte_eal_init .../lib/eal/linux/eal.c:1257:9 Mellanox#3 0xf68902 in main .../examples/l3fwd-power/main.c:2496:8 Mellanox#4 0x7fddc164a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f) (BuildId: 81daba31ee66dbd63efdc4252a872949d874d136) ==3641005==ABORTING More generally, any application passing an incorrect vid would trigger such an OOB access. Fixes: 4796ad6 ("examples/vhost: import userspace vhost application") Signed-off-by: David Marchand <david.marchand@redhat.com> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Virtio full emulation will have 2 driver in DPDK, one is oring eth
device driver, the other is vdpa driver. To distinguish this 2 dirver
add vdpa=1 in command,like "-a 0000:3d:00.2,vdpa=1"
This vdpa_vfe dirver only supoort 1 queue pair now.
Doorbell will use software relay if vfe notify area is not 4K aligned
Interrupt will map to callfd through vfio ioctl
VFE's Msix number should bigger than queue number. Interrupt map will
fail if Msix number is less.
Signed-off-by: Kailiang Zhou kailiangz@nvidia.com