[v12,11/21] migration: Create multifd packet

Message ID	20180425112723.1111-12-quintela@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Juan Quintela <quintela@redhat.com> To: qemu-devel@nongnu.org Date: Wed, 25 Apr 2018 13:27:13 +0200 Message-Id: <20180425112723.1111-12-quintela@redhat.com> In-Reply-To: <20180425112723.1111-1-quintela@redhat.com> References: <20180425112723.1111-1-quintela@redhat.com> Subject: [Qemu-devel] [PATCH v12 11/21] migration: Create multifd packet Precedence: list Cc: lvivier@redhat.com, dgilbert@redhat.com, peterx@redhat.com Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	Multifd \| expand [v12,00/21] Multifd [v12,01/21] migration: Set error state in case of error [v12,02/21] migration: Introduce multifd_recv_new_channel() [v12,03/21] migration: terminate_* can be called for other threads [v12,04/21] migration: Be sure all recv channels are created [v12,05/21] migration: Export functions to create send channels [v12,06/21] migration: Create multifd channels [v12,07/21] migration: Delay start of migration main routines [v12,08/21] migration: Transmit initial package through the multifd channels [v12,09/21] migration: Define MultifdRecvParams sooner [v12,10/21] migration: Create multipage support [v12,11/21] migration: Create multifd packet [v12,12/21] migration: Add multifd traces for start/end thread [v12,13/21] migration: Calculate transferred ram correctly [v12,14/21] migration: Multifd channels always wait on the sem [v12,15/21] migration: Add block where to send/receive packets [v12,16/21] migration: Synchronize multifd threads with main thread [v12,17/21] migration: Create ram_multifd_page [v12,18/21] migration: Start sending messages [v12,19/21] migration: Wait for blocking IO [v12,20/21] migration: Remove not needed semaphore and quit [v12,21/21] migration: Stop sending whole pages through main channel

Juan Quintela April 25, 2018, 11:27 a.m. UTC

We still don't put anything there.

Signed-off-by: Juan Quintela <quintela@redhat.com>
---
 migration/ram.c | 137 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 136 insertions(+), 1 deletion(-)

Dr. David Alan Gilbert May 2, 2018, 6:04 p.m. UTC | #1

* Juan Quintela (quintela@redhat.com) wrote:
> We still don't put anything there.
> 
> Signed-off-by: Juan Quintela <quintela@redhat.com>
> ---
>  migration/ram.c | 137 +++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 136 insertions(+), 1 deletion(-)
> 
> diff --git a/migration/ram.c b/migration/ram.c
> index b19300992e..804c83ed89 100644
> --- a/migration/ram.c
> +++ b/migration/ram.c
> @@ -412,6 +412,17 @@ typedef struct {
>      uint8_t id;
>  } __attribute__((packed)) MultiFDInit_t;
>  
> +typedef struct {
> +    uint32_t magic;
> +    uint32_t version;
> +    uint32_t flags;
> +    uint32_t size;
> +    uint32_t used;
> +    uint32_t seq;
> +    char ramblock[256];
> +    uint64_t offset[];
> +} __attribute__((packed)) MultiFDPacket_t;
> +
>  typedef struct {
>      /* number of used pages */
>      uint32_t used;
> @@ -446,6 +457,14 @@ typedef struct {
>      bool quit;
>      /* array of pages to sent */
>      MultiFDPages_t *pages;
> +    /* packet allocated len */
> +    uint32_t packet_len;
> +    /* pointer to the packet */
> +    MultiFDPacket_t *packet;
> +    /* multifd flags for each packet */
> +    uint32_t flags;
> +    /* global number of generated multifd packets */
> +    uint32_t seq;
>  }  MultiFDSendParams;
>  
>  typedef struct {
> @@ -468,6 +487,14 @@ typedef struct {
>      bool quit;
>      /* array of pages to receive */
>      MultiFDPages_t *pages;
> +    /* packet allocated len */
> +    uint32_t packet_len;
> +    /* pointer to the packet */
> +    MultiFDPacket_t *packet;
> +    /* multifd flags for each packet */
> +    uint32_t flags;
> +    /* global number of generated multifd packets */
> +    uint32_t seq;
>  } MultiFDRecvParams;
>  
>  static int multifd_send_initial_packet(MultiFDSendParams *p, Error **errp)
> @@ -552,6 +579,91 @@ static void multifd_pages_clear(MultiFDPages_t *pages)
>      g_free(pages);
>  }
>  
> +static void multifd_send_fill_packet(MultiFDSendParams *p)
> +{
> +    MultiFDPacket_t *packet = p->packet;
> +    int i;
> +
> +    packet->magic = cpu_to_be32(MULTIFD_MAGIC);
> +    packet->version = cpu_to_be32(MULTIFD_VERSION);
> +    packet->flags = cpu_to_be32(p->flags);
> +    packet->size = cpu_to_be32(migrate_multifd_page_count());
> +    packet->used = cpu_to_be32(p->pages->used);
> +    packet->seq = cpu_to_be32(p->seq);
> +
> +    if (p->pages->block) {
> +        strncpy(packet->ramblock, p->pages->block->idstr, 256);
> +    }
> +
> +    for (i = 0; i < p->pages->used; i++) {
> +        packet->offset[i] = cpu_to_be64(p->pages->offset[i]);
> +    }
> +}
> +
> +static int multifd_recv_unfill_packet(MultiFDRecvParams *p, Error **errp)
> +{
> +    MultiFDPacket_t *packet = p->packet;
> +    RAMBlock *block;
> +    int i;
> +
> +    /* ToDo: We can't use it until we haven't received a message */
> +    return 0;
> +
> +    be32_to_cpus(&packet->magic);
> +    if (packet->magic != MULTIFD_MAGIC) {
> +        error_setg(errp, "multifd: received packet "
> +                   "version %d and expected version %d",
> +                   packet->magic, MULTIFD_VERSION);

That's mixing magic and version. (Magic's as %x please)

> +        return -1;
> +    }
> +
> +    be32_to_cpus(&packet->version);
> +    if (packet->version != MULTIFD_VERSION) {
> +        error_setg(errp, "multifd: received packet "
> +                   "version %d and expected version %d",
> +                   packet->version, MULTIFD_VERSION);
> +        return -1;
> +    }
> +
> +    p->flags = be32_to_cpu(packet->flags);
> +
> +    be32_to_cpus(&packet->size);
> +    if (packet->size > migrate_multifd_page_count()) {
> +        error_setg(errp, "multifd: received packet "
> +                   "with size %d and expected maximum size %d",
> +                   packet->size, migrate_multifd_page_count()) ;
> +        return -1;
> +    }
> +
> +    p->pages->used = be32_to_cpu(packet->used);
> +    if (p->pages->used > packet->size) {
> +        error_setg(errp, "multifd: received packet "
> +                   "with size %d and expected maximum size %d",
> +                   p->pages->used, packet->size) ;
> +        return -1;
> +    }
> +
> +    p->seq = be32_to_cpu(packet->seq);
> +
> +    if (p->pages->used) {
> +        block = qemu_ram_block_by_name(packet->ramblock);

Do you need to ensure that packet->ramblock is a terminated string
first?

> +        if (!block) {
> +            error_setg(errp, "multifd: unknown ram block %s",
> +                       packet->ramblock);
> +            return -1;
> +        }
> +    }
> +
> +    for (i = 0; i < p->pages->used; i++) {
> +        ram_addr_t offset = be64_to_cpu(packet->offset[i]);
> +
> +        p->pages->iov[i].iov_base = block->host + offset;

I think that needs validating to ensure that the source didn't
send us junk and cause us to overwrite after the end of block->host

> +        p->pages->iov[i].iov_len = TARGET_PAGE_SIZE;
> +    }
> +
> +    return 0;
> +}
> +
>  struct {
>      MultiFDSendParams *params;
>      /* number of created threads */
> @@ -607,6 +719,9 @@ int multifd_save_cleanup(Error **errp)
>          p->name = NULL;
>          multifd_pages_clear(p->pages);
>          p->pages = NULL;
> +        p->packet_len = 0;
> +        g_free(p->packet);
> +        p->packet = NULL;
>      }
>      g_free(multifd_send_state->params);
>      multifd_send_state->params = NULL;
> @@ -628,6 +743,7 @@ static void *multifd_send_thread(void *opaque)
>  
>      while (true) {
>          qemu_mutex_lock(&p->mutex);
> +        multifd_send_fill_packet(p);
>          if (p->quit) {
>              qemu_mutex_unlock(&p->mutex);
>              break;
> @@ -692,6 +808,9 @@ int multifd_save_setup(void)
>          p->quit = false;
>          p->id = i;
>          multifd_pages_init(&p->pages, page_count);
> +        p->packet_len = sizeof(MultiFDPacket_t)
> +                      + sizeof(ram_addr_t) * page_count;
> +        p->packet = g_malloc0(p->packet_len);
>          p->name = g_strdup_printf("multifdsend_%d", i);
>          socket_send_channel_create(multifd_new_send_channel_async, p);
>      }
> @@ -751,6 +870,9 @@ int multifd_load_cleanup(Error **errp)
>          p->name = NULL;
>          multifd_pages_clear(p->pages);
>          p->pages = NULL;
> +        p->packet_len = 0;
> +        g_free(p->packet);
> +        p->packet = NULL;
>      }
>      g_free(multifd_recv_state->params);
>      multifd_recv_state->params = NULL;
> @@ -763,10 +885,20 @@ int multifd_load_cleanup(Error **errp)
>  static void *multifd_recv_thread(void *opaque)
>  {
>      MultiFDRecvParams *p = opaque;
> +    Error *local_err = NULL;
> +    int ret;
>  
>      while (true) {
>          qemu_mutex_lock(&p->mutex);
> -        if (p->quit) {
> +        if (false)  {
> +            /* ToDo: Packet reception goes here */
> +
> +            ret = multifd_recv_unfill_packet(p, &local_err);
> +            qemu_mutex_unlock(&p->mutex);
> +            if (ret) {
> +                break;
> +            }
> +        } else if (p->quit) {
>              qemu_mutex_unlock(&p->mutex);
>              break;
>          }
> @@ -803,6 +935,9 @@ int multifd_load_setup(void)
>          p->quit = false;
>          p->id = i;
>          multifd_pages_init(&p->pages, page_count);
> +        p->packet_len = sizeof(MultiFDPacket_t)
> +                      + sizeof(ram_addr_t) * page_count;
> +        p->packet = g_malloc0(p->packet_len);
>          p->name = g_strdup_printf("multifdrecv_%d", i);
>      }
>      return 0;
> -- 
> 2.17.0
> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Juan Quintela May 9, 2018, 11:09 a.m. UTC | #2

"Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> * Juan Quintela (quintela@redhat.com) wrote:
>> We still don't put anything there.
>> 
>> Signed-off-by: Juan Quintela <quintela@redhat.com>
>> ---
>>  migration/ram.c | 137 +++++++++++++++++++++++++++++++++++++++++++++++-
>>  1 file changed, 136 insertions(+), 1 deletion(-)
>> +    be32_to_cpus(&packet->magic);
>> +    if (packet->magic != MULTIFD_MAGIC) {
>> +        error_setg(errp, "multifd: received packet "
>> +                   "version %d and expected version %d",
>> +                   packet->magic, MULTIFD_VERSION);
>
> That's mixing magic and version. (Magic's as %x please)

Oops, fixed.


>> +    p->seq = be32_to_cpu(packet->seq);
>> +
>> +    if (p->pages->used) {
>> +        block = qemu_ram_block_by_name(packet->ramblock);
>
> Do you need to ensure that packet->ramblock is a terminated string
> first?

packet->ramblock[255] = 0;

>
>> +        if (!block) {
>> +            error_setg(errp, "multifd: unknown ram block %s",
>> +                       packet->ramblock);
>> +            return -1;
>> +        }
>> +    }
>> +
>> +    for (i = 0; i < p->pages->used; i++) {
>> +        ram_addr_t offset = be64_to_cpu(packet->offset[i]);
>> +
>> +        p->pages->iov[i].iov_base = block->host + offset;
>
> I think that needs validating to ensure that the source didn't
> send us junk and cause us to overwrite after the end of block->host

        if (offset > block->used_length) {
            error_setg(errp, "multifd: offest too long %" PRId64
                       " (max %" PRId64 ")",
                       offset, block->max_length);
            return -1;
        }
??

Thanks, Juan.

Dr. David Alan Gilbert May 9, 2018, 11:12 a.m. UTC | #3

* Juan Quintela (quintela@redhat.com) wrote:
> "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> > * Juan Quintela (quintela@redhat.com) wrote:
> >> We still don't put anything there.
> >> 
> >> Signed-off-by: Juan Quintela <quintela@redhat.com>
> >> ---
> >>  migration/ram.c | 137 +++++++++++++++++++++++++++++++++++++++++++++++-
> >>  1 file changed, 136 insertions(+), 1 deletion(-)
> >> +    be32_to_cpus(&packet->magic);
> >> +    if (packet->magic != MULTIFD_MAGIC) {
> >> +        error_setg(errp, "multifd: received packet "
> >> +                   "version %d and expected version %d",
> >> +                   packet->magic, MULTIFD_VERSION);
> >
> > That's mixing magic and version. (Magic's as %x please)
> 
> Oops, fixed.
> 
> 
> >> +    p->seq = be32_to_cpu(packet->seq);
> >> +
> >> +    if (p->pages->used) {
> >> +        block = qemu_ram_block_by_name(packet->ramblock);
> >
> > Do you need to ensure that packet->ramblock is a terminated string
> > first?
> 
> packet->ramblock[255] = 0;
> 
> >
> >> +        if (!block) {
> >> +            error_setg(errp, "multifd: unknown ram block %s",
> >> +                       packet->ramblock);
> >> +            return -1;
> >> +        }
> >> +    }
> >> +
> >> +    for (i = 0; i < p->pages->used; i++) {
> >> +        ram_addr_t offset = be64_to_cpu(packet->offset[i]);
> >> +
> >> +        p->pages->iov[i].iov_base = block->host + offset;
> >
> > I think that needs validating to ensure that the source didn't
> > send us junk and cause us to overwrite after the end of block->host
> 
>         if (offset > block->used_length) {
>             error_setg(errp, "multifd: offest too long %" PRId64
>                        " (max %" PRId64 ")",
>                        offset, block->max_length);
>             return -1;
>         }
> ??

It's probably  (offset + TARGET_PAGE_SIZE) that needs checking
but it needs doing in a wrap-safe way.

Dave

> Thanks, Juan.
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Juan Quintela May 9, 2018, 7:46 p.m. UTC | #4

"Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> * Juan Quintela (quintela@redhat.com) wrote:
>> "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
>> > * Juan Quintela (quintela@redhat.com) wrote:
>> > I think that needs validating to ensure that the source didn't
>> > send us junk and cause us to overwrite after the end of block->host
>> 
>>         if (offset > block->used_length) {
>>             error_setg(errp, "multifd: offest too long %" PRId64
>>                        " (max %" PRId64 ")",
>>                        offset, block->max_length);
>>             return -1;
>>         }
>> ??
>
> It's probably  (offset + TARGET_PAGE_SIZE) that needs checking
> but it needs doing in a wrap-safe way.
>

        if ((offset + TARGET_PAGE_SIZE) < offset) {
            error_setg(errp, "multifd: offset %" PRId64 " wraps around"
                       " with offset: %" PRId64, offset, block->max_length);
            return -1;
        }
        if ((offset + TARGET_PAGE_SIZE) > block->used_length) {
            error_setg(errp, "multifd: offset too long %" PRId64
                       " (max %" PRId64 ")",
                       offset, block->max_length);
            return -1;
        }

Sometimes I wonder how is that we don't have

ramblock_contains_range(ramblock, start, size);

But well, c'est la vie.

Later, Juan.

Dr. David Alan Gilbert May 11, 2018, 4:36 p.m. UTC | #5

* Juan Quintela (quintela@redhat.com) wrote:
> "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> > * Juan Quintela (quintela@redhat.com) wrote:
> >> "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> >> > * Juan Quintela (quintela@redhat.com) wrote:
> >> > I think that needs validating to ensure that the source didn't
> >> > send us junk and cause us to overwrite after the end of block->host
> >> 
> >>         if (offset > block->used_length) {
> >>             error_setg(errp, "multifd: offest too long %" PRId64
> >>                        " (max %" PRId64 ")",
> >>                        offset, block->max_length);
> >>             return -1;
> >>         }
> >> ??
> >
> > It's probably  (offset + TARGET_PAGE_SIZE) that needs checking
> > but it needs doing in a wrap-safe way.
> >
> 
>         if ((offset + TARGET_PAGE_SIZE) < offset) {
>             error_setg(errp, "multifd: offset %" PRId64 " wraps around"
>                        " with offset: %" PRId64, offset, block->max_length);
>             return -1;
>         }
>         if ((offset + TARGET_PAGE_SIZE) > block->used_length) {
>             error_setg(errp, "multifd: offset too long %" PRId64
>                        " (max %" PRId64 ")",
>                        offset, block->max_length);
>             return -1;
>         }

How about:
   if (offset > (block->used_length - TARGET_PAGE_SIZE)) {
    ....
   }
  (*assuming that block->used_length is always at least a
TARGET_PAGE_SIZE ?)

Dave

> Sometimes I wonder how is that we don't have
> 
> ramblock_contains_range(ramblock, start, size);
> 
> But well, c'est la vie.
> 
> Later, Juan.
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

[v12,11/21] migration: Create multifd packet

Commit Message

Comments

Patch