Message ID | 147824876249.27553.6482791862079905682.stgit@bahia |
---|---|
State | New |
Headers | show |
On Fri, 04 Nov 2016 09:39:22 +0100 Greg Kurz <groug@kaod.org> wrote: > The legacy vring layout is not used anymore. "as we use separate mappings even for legacy devices." ? Otherwise, this may confuse the casual reader into thinking legacy is not supported anymore. > This patch simply removes it. > > This also fixes a bug with virtio 1 devices when the vring descriptor table > is mapped at a higher address than the used vring because the following > function may return an insanely great value: > > hwaddr virtio_queue_get_ring_size(VirtIODevice *vdev, int n) > { > return vdev->vq[n].vring.used - vdev->vq[n].vring.desc + > virtio_queue_get_used_size(vdev, n); > } > > and the mapping fails. > > Signed-off-by: Greg Kurz <groug@kaod.org> > --- > hw/virtio/vhost.c | 13 ------------- > include/hw/virtio/vhost.h | 3 --- > 2 files changed, 16 deletions(-) Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
On Fri, 4 Nov 2016 10:40:44 +0100 Cornelia Huck <cornelia.huck@de.ibm.com> wrote: > On Fri, 04 Nov 2016 09:39:22 +0100 > Greg Kurz <groug@kaod.org> wrote: > > > The legacy vring layout is not used anymore. > > "as we use separate mappings even for legacy devices." ? > > Otherwise, this may confuse the casual reader into thinking legacy is > not supported anymore. > Yeah you're right. I'll add this too. > > This patch simply removes it. > > > > This also fixes a bug with virtio 1 devices when the vring descriptor table > > is mapped at a higher address than the used vring because the following > > function may return an insanely great value: > > > > hwaddr virtio_queue_get_ring_size(VirtIODevice *vdev, int n) > > { > > return vdev->vq[n].vring.used - vdev->vq[n].vring.desc + > > virtio_queue_get_used_size(vdev, n); > > } > > > > and the mapping fails. > > > > Signed-off-by: Greg Kurz <groug@kaod.org> > > --- > > hw/virtio/vhost.c | 13 ------------- > > include/hw/virtio/vhost.h | 3 --- > > 2 files changed, 16 deletions(-) > > Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> >
diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c index 10133f12ebba..9fa81c9b65cb 100644 --- a/hw/virtio/vhost.c +++ b/hw/virtio/vhost.c @@ -923,14 +923,6 @@ static int vhost_virtqueue_start(struct vhost_dev *dev, goto fail_alloc_used; } - vq->ring_size = s = l = virtio_queue_get_ring_size(vdev, idx); - vq->ring_phys = a = virtio_queue_get_ring_addr(vdev, idx); - vq->ring = cpu_physical_memory_map(a, &l, 1); - if (!vq->ring || l != s) { - r = -ENOMEM; - goto fail_alloc_ring; - } - r = vhost_virtqueue_set_addr(dev, vq, vhost_vq_index, dev->log_enabled); if (r < 0) { r = -errno; @@ -971,9 +963,6 @@ static int vhost_virtqueue_start(struct vhost_dev *dev, fail_vector: fail_kick: fail_alloc: - cpu_physical_memory_unmap(vq->ring, virtio_queue_get_ring_size(vdev, idx), - 0, 0); -fail_alloc_ring: cpu_physical_memory_unmap(vq->used, virtio_queue_get_used_size(vdev, idx), 0, 0); fail_alloc_used: @@ -1014,8 +1003,6 @@ static void vhost_virtqueue_stop(struct vhost_dev *dev, vhost_vq_index); } - cpu_physical_memory_unmap(vq->ring, virtio_queue_get_ring_size(vdev, idx), - 0, virtio_queue_get_ring_size(vdev, idx)); cpu_physical_memory_unmap(vq->used, virtio_queue_get_used_size(vdev, idx), 1, virtio_queue_get_used_size(vdev, idx)); cpu_physical_memory_unmap(vq->avail, virtio_queue_get_avail_size(vdev, idx), diff --git a/include/hw/virtio/vhost.h b/include/hw/virtio/vhost.h index 56b567f1997f..1fe5aadef5ce 100644 --- a/include/hw/virtio/vhost.h +++ b/include/hw/virtio/vhost.h @@ -20,9 +20,6 @@ struct vhost_virtqueue { unsigned avail_size; unsigned long long used_phys; unsigned used_size; - void *ring; - unsigned long long ring_phys; - unsigned ring_size; EventNotifier masked_notifier; };
The legacy vring layout is not used anymore. This patch simply removes it. This also fixes a bug with virtio 1 devices when the vring descriptor table is mapped at a higher address than the used vring because the following function may return an insanely great value: hwaddr virtio_queue_get_ring_size(VirtIODevice *vdev, int n) { return vdev->vq[n].vring.used - vdev->vq[n].vring.desc + virtio_queue_get_used_size(vdev, n); } and the mapping fails. Signed-off-by: Greg Kurz <groug@kaod.org> --- hw/virtio/vhost.c | 13 ------------- include/hw/virtio/vhost.h | 3 --- 2 files changed, 16 deletions(-)