Xen project Mailing List

Re: [PATCH v6 05/13] vpci: add hooks for PCI device assign/de-assign

To: Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>

Date: Tue, 8 Feb 2022 10:44:00 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=x/PlDEaxR5PgelK5Hd/vp2HCNr0PMnCJSrPU49yxrmk=; b=cHpBau9iDK3F79CbtsVwdFnp3trR3CFNJWM7jZEayTdyKD7JD0xwQ3dWECqXWlx//r8CyWvc5p9c0a2SBYG4LIb0vhyS1f/AYwi+UKA5mDRHzQD1HXdqyo0pDxglGUiuLqRFZJMiFUKOzW6cxUTTAO45DADm31fgI2tjvOIa9hbYHGNmOo/jnz1BF47awdeevs6hNTJpYG0M2TJgy746DXQHCr5AUiIzcl27Twi4I9MXccnj09QP4l4YZOey9qfZNlH0dhFaT6eGKffpaOvR8DVkBTxLsBJrddsqClv5M2jrrAsOtmiIkBS2MYOq7yFLBDNs/Z/BR5bgQaFPQzIfZw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=naN2hLllGouNeZZv1GAg1sXTbIxtXXxGPrBHs6O9hXamkPVX2d8KVAMhV/SsfmeD+UBH8uWRprHB7mj+roiJXGQKTjL/Tbc9Qmgh5+uJGVLnqQK0CwEEh/ttEy70TAoa8JVyi6NorNUxK9M4EE+SGtVp2AFvfroRgmSHomGCsqr/4lCPDnaP9hwQeHI+cNarWtdYWRhSXnrwi7TCHpZ5v1Gxx6nnDB2vBJeodV77ZFVvPoKSjzv9qSCQzEQ1M0Hs27DPEo8c+ki/SeiLRteNhXFiDQFEsrzzla9hdX9FWKhGfOJDvPEXC9eWYC7SiSwb0tg+Tq0l0ayRev13QGyMGg==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: "julien@xxxxxxx" <julien@xxxxxxx>, "sstabellini@xxxxxxxxxx" <sstabellini@xxxxxxxxxx>, Oleksandr Tyshchenko <Oleksandr_Tyshchenko@xxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Artem Mygaiev <Artem_Mygaiev@xxxxxxxx>, "andrew.cooper3@xxxxxxxxxx" <andrew.cooper3@xxxxxxxxxx>, "george.dunlap@xxxxxxxxxx" <george.dunlap@xxxxxxxxxx>, "paul@xxxxxxx" <paul@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Rahul Singh <rahul.singh@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "roger.pau@xxxxxxxxxx" <roger.pau@xxxxxxxxxx>

Delivery-date: Tue, 08 Feb 2022 09:44:16 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 08.02.2022 10:27, Oleksandr Andrushchenko wrote: > On 08.02.22 11:13, Jan Beulich wrote: >> On 08.02.2022 09:32, Oleksandr Andrushchenko wrote: >>> On 07.02.22 18:28, Jan Beulich wrote: >>>> On 04.02.2022 07:34, Oleksandr Andrushchenko wrote: >>>>> @@ -1507,6 +1511,8 @@ static int assign_device(struct domain *d, u16 seg, >>>>> u8 bus, u8 devfn, u32 flag) >>>>> pci_to_dev(pdev), flag); >>>>> } >>>>> >>>>> + rc = vpci_assign_device(d, pdev); >>>>> + >>>>> done: >>>>> if ( rc ) >>>>> printk(XENLOG_G_WARNING "%pd: assign (%pp) failed (%d)\n", >>>> There's no attempt to undo anything in the case of getting back an >>>> error. ISTR this being deemed okay on the basis that the tool stack >>>> would then take whatever action, but whatever it is that is supposed >>>> to deal with errors here wants spelling out in the description. >>> Why? I don't change the previously expected decision and implementation >>> of the assign_device function: I use error paths as they were used before >>> for the existing code. So, I see no clear reason to stress that the existing >>> and new code relies on the toolstack >> Saying half a sentence on this is helping review. > Ok >> >>>> What's important is that no caller up the call tree may be left with >>>> the impression that the device is still owned by the original >>>> domain. With how you have it, the device is going to be owned by the >>>> new domain, but not really usable. >>> This is not true: vpci_assign_device will call vpci_deassign_device >>> internally if it fails. So, the device won't be assigned in this case >> No. The device is assigned to whatever pdev->domain holds. Calling >> vpci_deassign_device() there merely makes sure that the device will >> have _no_ vPCI data and hooks in place, rather than something >> partial. > So, this patch is only dealing with vpci assign/de-assign > And it rolls back what it did in case of a failure > It also returns rc in assign_device to signal it has failed > What else is expected from this patch?? Until now if assign_device() returns an error, this tells the caller that the device did not change ownership; in the worst case it either only moved to the quarantine domain, or the new owner may have been crashed. In no case is the device owned by an alive DomU. You're changing this property, and hence you need to make clear/sure that this isn't colliding with assumptions made elsewhere. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.