- 10 9月, 2016 11 次提交
-
-
由 Stefan Hajnoczi 提交于
Implement the new virtio sockets device for host<->guest communication using the Sockets API. Most of the work is done in a vhost kernel driver so that virtio-vsock can hook into the AF_VSOCK address family. The QEMU vhost-vsock device handles configuration and live migration while the rx/tx happens in the vhost_vsock.ko Linux kernel driver. The vsock device must be given a CID (host-wide unique address): # qemu -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=3 ... For more information see: http://qemu-project.org/Features/VirtioVsock [Endianness fixes and virtio-ccw support by Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>] Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com> [mst: rebase to master] Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Michael S. Tsirkin 提交于
!legacy && !modern is shorter than !(legacy || modern). I also perfer this (less ()s) as a matter of taste. Cc: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Jason Wang 提交于
We used to set vring call fd unconditionally even if guest driver does not use MSIX for this vritqueue at all. This will cause lots of unnecessary userspace access and other checks for drivers does not use interrupt at all (e.g virtio-net pmd). So check and clean vring call fd if guest does not use any vector for this virtqueue at all. Perf diffs (on rx) shows lots of cpus wasted on vhost_signal() were saved: # 28.12% -27.82% [vhost] [k] vhost_signal 14.44% -1.69% [kernel.vmlinux] [k] copy_user_generic_string 7.05% +1.53% [kernel.vmlinux] [k] __free_page_frag 6.51% +5.53% [vhost] [k] vhost_get_vq_desc ... Pktgen tests shows 15.8% improvement on rx pps and 6.5% on tx pps. Before: RX 2.08Mpps TX 1.35Mpps After: RX 2.41Mpps TX 1.44Mpps Signed-off-by: NJason Wang <jasowang@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Greg Kurz 提交于
Without presuming if we got there because of a user mistake or some more subtle bug in the tooling, it really does not make sense to implement a non-functional device. Signed-off-by: NGreg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: NMarcel Apfelbaum <marcel@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: NGreg Kurz <groug@kaod.org> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Ladi Prosek 提交于
The statistics virtqueue is not migrated properly because virtio-balloon does not include s->stats_vq_elem in the migration stream. After migration the statistics virtqueue hangs because the host never completes the last element (s->stats_vq_elem is NULL on the destination QEMU). Therefore the guest never submits new elements and the virtqueue is hung. Instead of changing the migration stream format in an incompatible way, detect the migration case and rewind the virtqueue so the last element can be completed. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Roman Kagan <rkagan@virtuozzo.com> Cc: Stefan Hajnoczi <stefanha@redhat.com> Suggested-by: NRoman Kagan <rkagan@virtuozzo.com> Signed-off-by: NLadi Prosek <lprosek@redhat.com> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Stefan Hajnoczi 提交于
virtqueue_discard() requires a VirtQueueElement but virtio-balloon does not migrate its in-use element. Introduce a new function that is similar to virtqueue_discard() but doesn't require a VirtQueueElement. This will allow virtio-balloon to access element again after migration with the usual proviso that the guest may have modified the vring since last time. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Roman Kagan <rkagan@virtuozzo.com> Cc: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: NLadi Prosek <lprosek@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Ladi Prosek 提交于
The one pending element is being freed but not discarded on device reset, which causes svq->inuse to creep up, eventually hitting the "Virtqueue size exceeded" error. Properly discarding the element on device reset makes sure that its buffers are unmapped and the inuse counter stays balanced. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Roman Kagan <rkagan@virtuozzo.com> Cc: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: NLadi Prosek <lprosek@redhat.com> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Stefan Hajnoczi 提交于
vq->inuse must be zeroed upon device reset like most other virtqueue fields. In theory, virtio_reset() just needs assert(vq->inuse == 0) since devices must clean up in-flight requests during reset (requests cannot not be leaked!). In practice, it is difficult to achieve vq->inuse == 0 across reset because balloon, blk, 9p, etc implement various different strategies for cleaning up requests. Most devices call g_free(elem) directly without telling virtio.c that the VirtQueueElement is cleaned up. Therefore vq->inuse is not decremented during reset. This patch zeroes vq->inuse and trusts that devices are not leaking VirtQueueElements across reset. I will send a follow-up series that refactors request life-cycle across all devices and converts vq->inuse = 0 into assert(vq->inuse == 0) but this more invasive approach is not appropriate for stable trees. Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com> Cc: qemu-stable <qemu-stable@nongnu.org> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Reviewed-by: NLadi Prosek <lprosek@redhat.com>
-
由 Marcel Apfelbaum 提交于
Currently each VQ Notification Virtio Capability is allocated on a different page. The idea is to enable split drivers within guests, however there are no known plans to do that. The allocation will result in a 8MB BAR, more than various guest firmwares pre-allocates for PCI Bridges hotplug process. Reserve 4 bytes per VQ by default and add a new parameter "page-per-vq" to be used with split drivers. Signed-off-by: NMarcel Apfelbaum <marcel@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Michael S. Tsirkin 提交于
PIO MR registration should use size from the correct notify struct. Doesn't affect any visible behaviour because the field values are the same (both are 4). Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Thomas Huth 提交于
event_notifier_init() can fail in real life, for example when there are not enough open file handles available (EMFILE) when using a lot of devices. So instead of leaving the average user with a cryptic error number only, print out a proper error message with strerror() instead, so that the user has a better way to figure out what is going on and that using "ulimit -n" might help here for example. Signed-off-by: NThomas Huth <thuth@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
- 24 8月, 2016 2 次提交
-
-
由 Stefan Hajnoczi 提交于
virtqueue_discard() moves vq->last_avail_idx back so the element can be popped again. It's necessary to decrement vq->inuse to avoid "leaking" the element count. Cc: qemu-stable@nongnu.org Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Stefan Hajnoczi 提交于
The vq->inuse field is not migrated. Many devices don't hold VirtQueueElements across migration so it doesn't matter that vq->inuse starts at 0 on the destination QEMU. At least virtio-serial, virtio-blk, and virtio-balloon migrate while holding VirtQueueElements. For these devices we need to recalculate vq->inuse upon load so the value is correct. Cc: qemu-stable@nongnu.org Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
- 15 8月, 2016 1 次提交
-
-
由 Michael S. Tsirkin 提交于
This reverts commit 28ed5ef1. I still think it's the right thing to do, but tests have been failing sporadically. Revert for now, and hope to fix it before the release. Cc: Prerna Saxena <prerna.saxena@nutanix.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Marc-André Lureau <mlureau@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Message-id: 1471268075-3425-1-git-send-email-mst@redhat.com Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 12 8月, 2016 1 次提交
-
-
由 Laurent Vivier 提交于
Documentation is docs/tracing.txt instead of docs/trace-events.txt. find . -name trace-events -exec \ sed -i "s?See docs/trace-events.txt for syntax documentation.?See docs/tracing.txt for syntax documentation.?" \ {} \; Signed-off-by: NLaurent Vivier <lvivier@redhat.com> Message-id: 1470669081-17860-1-git-send-email-lvivier@redhat.com Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
- 10 8月, 2016 2 次提交
-
-
由 Prerna Saxena 提交于
The set_mem_table command currently does not seek a reply. Hence, there is no easy way for a remote application to notify to QEMU when it finished setting up memory, or if there were errors doing so. As an example: (1) Qemu sends a SET_MEM_TABLE to the backend (eg, a vhost-user net application). SET_MEM_TABLE does not require a reply according to the spec. (2) Qemu commits the memory to the guest. (3) Guest issues an I/O operation over a new memory region which was configured on (1). (4) The application has not yet remapped the memory, but it sees the I/O request. (5) The application cannot satisfy the request because it does not know about those GPAs. While a guaranteed fix would require a protocol extension (committed separately), a best-effort workaround for existing applications is to send a GET_FEATURES message before completing the vhost_user_set_mem_table() call. Since GET_FEATURES requires a reply, an application that processes vhost-user messages synchronously would probably have completed the SET_MEM_TABLE before replying. Signed-off-by: NPrerna Saxena <prerna.saxena@nutanix.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Prerna Saxena 提交于
This introduces the VHOST_USER_PROTOCOL_F_REPLY_ACK. If negotiated, client applications should send a u64 payload in response to any message that contains the "need_reply" bit set on the message flags. Setting the payload to "zero" indicates the command finished successfully. Likewise, setting it to "non-zero" indicates an error. Currently implemented only for SET_MEM_TABLE. Reviewed-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: NPrerna Saxena <prerna.saxena@nutanix.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
- 29 7月, 2016 18 次提交
-
-
由 Marc-André Lureau 提交于
The state.num value will probably be 0 in this case, but that doesn't make sense to update. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Not all vhost-user backends support ops->vhost_net_set_backend(). It is a nicer to provide an assert/error than to crash trying to call. Furthermore, it improves a bit the code by hiding vhost_ops details. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Similar to vhost_user_read() error report, it is useful to have early error report. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
All these functions must be called only after the backend is connected. They are called from virtio-net.c, after either virtio or link status change. The check for nc->peer->link_down should ensure vhost_net_{start,stop}() are always called between vhost_user_{start,stop}(). Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
The vhost-user code is quite inconsistent with error handling. Instead of ignoring some return values of read/write and silently going on with invalid state (invalid read for example), break the code flow when the error happened. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Check qemu_chr_fe_set_msgfds() for errors, to make sure the message to be sent is correct. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
It is fine to call set_msgfds() with 0 fd, and ensures any previous fd array is cleared. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Let's use qemu proper error reporting API, this ensures the error is reported at the right place (stderr or monitor), with a conventional format. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Add missing VHOST_OPS_DEBUG() logs, for completeness. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Calling a vhost operation may fail, for example with disconnected vhost-user backend, but qemu shouldn't abort in this case. Log an error instead, except on error and cleanup code paths where it can be mostly ignored. Let's use a VHOST_OPS_DEBUG macro to easily disable those messages once disconnected backend stabilizes. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
vhost_net_init() calls vhost_dev_init() and in case of failure, calls vhost_dev_cleanup() directly. However, the structure is already partially cleaned on error. Calling vhost_dev_cleanup() again will call vhost_virtqueue_cleanup() on already clean queues, and causing potential double-close. Instead, adjust dev->nvqs and simplify vhost_dev_init() code to not call vhost_virtqueue_cleanup() but vhost_dev_cleanup() instead. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: NIlya Maximets <i.maximets@samsung.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
It is called on multiple code path, so make it safe to call several times (note: I don't remember a reproducer here, but a function called 'cleanup' should probably be idempotent in my book) Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
If vhost_dev_init() failed, caller may still call vhost_dev_cleanup() later. However, vhost_dev_cleanup() tries to remove the device from the list even if it wasn't yet added, which may lead to crashes. Similarly for the memory listener. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Make sure the log was released on cleanup, or it will leak (the alternative is to call vhost_log_put() unconditionally, but it may hide some dev state issues). Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
Although not strictly required, it is nice to have vhost_log_put() safely callable multiple times. Clear dev->log* when calling vhost_log_put() to make the function idempotent. This also simplifies a bit the caller work. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Marc-André Lureau 提交于
vhost-dev opaque isn't necessarily an fd, it can be a chardev when using vhost-user. Goto fail, so vhost_backend_cleanup() is called to handle backend cleanup appropriately. vhost_set_backend_type() should never fail, use an assert(). Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Prasad J Pandit 提交于
virtio back end uses set of buffers to facilitate I/O operations. An infinite loop unfolds in virtqueue_pop() if a buffer was of zero size. Add check to avoid it. Reported-by: NLi Qiang <liqiang6-s@360.cn> Signed-off-by: NPrasad J Pandit <pjp@fedoraproject.org> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
-
由 Marcel Apfelbaum 提交于
Enable transitional virtio devices by default. Enable virtio-1.0 for devices plugged into PCIe ports (Root ports or Downstream ports). Using the virtio-1 mode will remove the limitation of the number of devices that can be attached to a machine by removing the need for the IO BAR. Signed-off-by: NMarcel Apfelbaum <marcel@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com>
-
- 27 7月, 2016 1 次提交
-
-
由 Stefan Hajnoczi 提交于
A broken or malicious guest can submit more requests than the virtqueue size permits, causing unbounded memory allocation in QEMU. The guest can submit requests without bothering to wait for completion and is therefore not bound by virtqueue size. This requires reusing vring descriptors in more than one request, which is not allowed by the VIRTIO 1.0 specification. In "3.2.1 Supplying Buffers to The Device", the VIRTIO 1.0 specification says: 1. The driver places the buffer into free descriptor(s) in the descriptor table, chaining as necessary and Note that the above code does not take precautions against the available ring buffer wrapping around: this is not possible since the ring buffer is the same size as the descriptor table, so step (1) will prevent such a condition. This implies that placing more buffers into the virtqueue than the descriptor table size is not allowed. QEMU is missing the check to prevent this case. Processing a request allocates a VirtQueueElement leading to unbounded memory allocation controlled by the guest. Exit with an error if the guest provides more requests than the virtqueue size permits. This bounds memory allocation and makes the buggy guest visible to the user. This patch fixes CVE-2016-5403 and was reported by Zhenhao Hong from 360 Marvel Team, China. Reported-by: NZhenhao Hong <hongzhenhao@360.cn> Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>
-
- 22 7月, 2016 4 次提交
-
-
由 Dr. David Alan Gilbert 提交于
Forcibly convert it to a vmstate wrapper; proper conversion comes later. Signed-off-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Dr. David Alan Gilbert 提交于
Forcibly convert it to a vmstate wrapper; proper conversion comes later. Signed-off-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Dr. David Alan Gilbert 提交于
To make conversion of virtio devices to VMState simple at first add a helper function for the simple virtio_save case and a helper macro that defines the VMState structure. These will probably go away or change as more of the virtio code gets converted. Signed-off-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
-
由 Fam Zheng 提交于
Using this function instead of virtio_add_queue marks the vq as aio based. This differentiation will be useful in later patches. Distinguish between virtqueue processing in the iohandler context and main loop AioContext. iohandler context is isolated from AioContexts and therefore does not run during aio_poll(). Signed-off-by: NFam Zheng <famz@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Acked-by: NPaolo Bonzini <pbonzini@redhat.com>
-