The VirtioScsiPassThru() function, programs the vring descriptor using
the host addresses pointed-by virtio-scsi request, response and memory
that is referenced inside the request and response header.
The patch uses newly introduced VIRTIO_DEVICE_PROTOCOL.MapSharedBuffer()
function to map system memory to device address and programs the vring
descriptors with device addresses.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
OvmfPkg/VirtioScsiDxe/VirtioScsi.h | 1 +
OvmfPkg/VirtioScsiDxe/VirtioScsi.c | 210 +++++++++++++++++---
2 files changed, 186 insertions(+), 25 deletions(-)
diff --git a/OvmfPkg/VirtioScsiDxe/VirtioScsi.h b/OvmfPkg/VirtioScsiDxe/VirtioScsi.h
index 6d00567e8cb8..05a6bf567263 100644
--- a/OvmfPkg/VirtioScsiDxe/VirtioScsi.h
+++ b/OvmfPkg/VirtioScsiDxe/VirtioScsi.h
@@ -60,6 +60,7 @@ typedef struct {
VRING Ring; // VirtioRingInit 2
EFI_EXT_SCSI_PASS_THRU_PROTOCOL PassThru; // VirtioScsiInit 1
EFI_EXT_SCSI_PASS_THRU_MODE PassThruMode; // VirtioScsiInit 1
+ VOID *RingMap; // VirtioRingMap 2
} VSCSI_DEV;
#define VIRTIO_SCSI_FROM_PASS_THRU(PassThruPointer) \
diff --git a/OvmfPkg/VirtioScsiDxe/VirtioScsi.c b/OvmfPkg/VirtioScsiDxe/VirtioScsi.c
index a983b3df7b9c..ed7fd1dd58a8 100644
--- a/OvmfPkg/VirtioScsiDxe/VirtioScsi.c
+++ b/OvmfPkg/VirtioScsiDxe/VirtioScsi.c
@@ -409,11 +409,19 @@ VirtioScsiPassThru (
UINT16 TargetValue;
EFI_STATUS Status;
volatile VIRTIO_SCSI_REQ Request;
- volatile VIRTIO_SCSI_RESP Response;
+ volatile VIRTIO_SCSI_RESP *Response;
+ VOID *ResponseBuffer;
DESC_INDICES Indices;
+ VOID *RequestMapping;
+ VOID *ResponseMapping;
+ VOID *InDataMapping;
+ VOID *OutDataMapping;
+ EFI_PHYSICAL_ADDRESS RequestDeviceAddress;
+ EFI_PHYSICAL_ADDRESS ResponseDeviceAddress;
+ EFI_PHYSICAL_ADDRESS InDataDeviceAddress;
+ EFI_PHYSICAL_ADDRESS OutDataDeviceAddress;
ZeroMem ((VOID*) &Request, sizeof (Request));
- ZeroMem ((VOID*) &Response, sizeof (Response));
Dev = VIRTIO_SCSI_FROM_PASS_THRU (This);
CopyMem (&TargetValue, Target, sizeof TargetValue);
@@ -423,12 +431,93 @@ VirtioScsiPassThru (
return Status;
}
+ //
+ // Response header is bi-direction (we preset with host status and expect the
+ // device to update it). Allocate a response buffer which can be mapped to
+ // access equally by both processor and device.
+ //
+ Status = Dev->VirtIo->AllocateSharedPages (
+ Dev->VirtIo,
+ EFI_SIZE_TO_PAGES (sizeof *Response),
+ &ResponseBuffer
+ );
+ if (EFI_ERROR (Status)) {
+ return EFI_DEVICE_ERROR;
+ }
+
+ Status = VirtioMapAllBytesInSharedBuffer (
+ Dev->VirtIo,
+ VirtioOperationBusMasterCommonBuffer,
+ ResponseBuffer,
+ sizeof (*Response),
+ &ResponseDeviceAddress,
+ &ResponseMapping
+ );
+ if (EFI_ERROR (Status)) {
+ Status = EFI_DEVICE_ERROR;
+ goto FreeResponseBuffer;
+ }
+
+ Response = ResponseBuffer;
+
+ //
+ // Map the scsi-blk Request header buffer host address to device address
+ //
+ Status = VirtioMapAllBytesInSharedBuffer (
+ Dev->VirtIo,
+ VirtioOperationBusMasterRead,
+ (VOID *) &Request,
+ sizeof Request,
+ &RequestDeviceAddress,
+ &RequestMapping);
+ if (EFI_ERROR (Status)) {
+ Status = EFI_DEVICE_ERROR;
+ goto UnmapResponseBuffer;
+ }
+
+ //
+ // Map the input buffer host address to a device address
+ //
+ if (Packet->InTransferLength > 0) {
+ Status = VirtioMapAllBytesInSharedBuffer (
+ Dev->VirtIo,
+ VirtioOperationBusMasterWrite,
+ Packet->InDataBuffer,
+ Packet->InTransferLength,
+ &InDataDeviceAddress,
+ &InDataMapping
+ );
+ if (EFI_ERROR (Status)) {
+ Status = EFI_DEVICE_ERROR;
+ goto UnmapRequestBuffer;
+ }
+ }
+
+ //
+ // Map the output buffer host address to a device address
+ //
+ if (Packet->OutTransferLength > 0) {
+ Status = VirtioMapAllBytesInSharedBuffer (
+ Dev->VirtIo,
+ VirtioOperationBusMasterRead,
+ Packet->OutDataBuffer,
+ Packet->OutTransferLength,
+ &OutDataDeviceAddress,
+ &OutDataMapping
+ );
+ if (EFI_ERROR (Status)) {
+ Status = EFI_DEVICE_ERROR;
+ goto UnmapInDataBuffer;
+ }
+ }
+
+
VirtioPrepare (&Dev->Ring, &Indices);
//
// preset a host status for ourselves that we do not accept as success
//
- Response.Response = VIRTIO_SCSI_S_FAILURE;
+ Response->Response = VIRTIO_SCSI_S_FAILURE;
//
// ensured by VirtioScsiInit() -- this predicate, in combination with the
@@ -439,31 +528,49 @@ VirtioScsiPassThru (
//
// enqueue Request
//
- VirtioAppendDesc (&Dev->Ring, (UINTN) &Request, sizeof Request,
- VRING_DESC_F_NEXT, &Indices);
+ VirtioAppendDesc (
+ &Dev->Ring,
+ RequestDeviceAddress,
+ sizeof Request,
+ VRING_DESC_F_NEXT,
+ &Indices
+ );
//
// enqueue "dataout" if any
//
if (Packet->OutTransferLength > 0) {
- VirtioAppendDesc (&Dev->Ring, (UINTN) Packet->OutDataBuffer,
- Packet->OutTransferLength, VRING_DESC_F_NEXT, &Indices);
+ VirtioAppendDesc (
+ &Dev->Ring,
+ OutDataDeviceAddress,
+ Packet->OutTransferLength,
+ VRING_DESC_F_NEXT,
+ &Indices
+ );
}
//
// enqueue Response, to be written by the host
//
- VirtioAppendDesc (&Dev->Ring, (UINTN) &Response, sizeof Response,
- VRING_DESC_F_WRITE | (Packet->InTransferLength > 0 ?
- VRING_DESC_F_NEXT : 0),
- &Indices);
+ VirtioAppendDesc (
+ &Dev->Ring,
+ ResponseDeviceAddress,
+ sizeof *Response,
+ VRING_DESC_F_WRITE | (Packet->InTransferLength > 0 ? VRING_DESC_F_NEXT : 0),
+ &Indices
+ );
//
// enqueue "datain" if any, to be written by the host
//
if (Packet->InTransferLength > 0) {
- VirtioAppendDesc (&Dev->Ring, (UINTN) Packet->InDataBuffer,
- Packet->InTransferLength, VRING_DESC_F_WRITE, &Indices);
+ VirtioAppendDesc (
+ &Dev->Ring,
+ InDataDeviceAddress,
+ Packet->InTransferLength,
+ VRING_DESC_F_WRITE,
+ &Indices
+ );
}
// If kicking the host fails, we must fake a host adapter error.
@@ -477,10 +584,36 @@ VirtioScsiPassThru (
Packet->HostAdapterStatus = EFI_EXT_SCSI_STATUS_HOST_ADAPTER_OTHER;
Packet->TargetStatus = EFI_EXT_SCSI_STATUS_TARGET_GOOD;
Packet->SenseDataLength = 0;
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto UnmapOutDataBuffer;
}
- return ParseResponse (Packet, &Response);
+ Status = ParseResponse (Packet, Response);
+
+UnmapOutDataBuffer:
+ if (Packet->OutTransferLength > 0) {
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, OutDataMapping);
+ }
+
+UnmapInDataBuffer:
+ if (Packet->InTransferLength > 0) {
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, InDataMapping);
+ }
+
+UnmapRequestBuffer:
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, RequestMapping);
+
+UnmapResponseBuffer:
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, ResponseMapping);
+
+FreeResponseBuffer:
+ Dev->VirtIo->FreeSharedPages (
+ Dev->VirtIo,
+ EFI_SIZE_TO_PAGES (sizeof *Response),
+ ResponseBuffer
+ );
+
+ return Status;
}
@@ -707,7 +840,7 @@ VirtioScsiInit (
{
UINT8 NextDevStat;
EFI_STATUS Status;
-
+ UINT64 RingBaseShift;
UINT64 Features;
UINT16 MaxChannel; // for validation only
UINT32 NumQueues; // for validation only
@@ -839,25 +972,42 @@ VirtioScsiInit (
}
//
+ // If anything fails from here on, we must release the ring resources
+ //
+ Status = VirtioRingMap (
+ Dev->VirtIo,
+ &Dev->Ring,
+ &RingBaseShift,
+ &Dev->RingMap
+ );
+ if (EFI_ERROR (Status)) {
+ goto ReleaseQueue;
+ }
+
+ //
// Additional steps for MMIO: align the queue appropriately, and set the
- // size. If anything fails from here on, we must release the ring resources.
+ // size. If anything fails from here on, we must unmap the ring resources.
//
Status = Dev->VirtIo->SetQueueNum (Dev->VirtIo, QueueSize);
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
Status = Dev->VirtIo->SetQueueAlign (Dev->VirtIo, EFI_PAGE_SIZE);
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
//
// step 4c -- Report GPFN (guest-physical frame number) of queue.
//
- Status = Dev->VirtIo->SetQueueAddress (Dev->VirtIo, &Dev->Ring, 0);
+ Status = Dev->VirtIo->SetQueueAddress (
+ Dev->VirtIo,
+ &Dev->Ring,
+ RingBaseShift
+ );
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
//
@@ -867,7 +1017,7 @@ VirtioScsiInit (
Features &= ~(UINT64)VIRTIO_F_VERSION_1;
Status = Dev->VirtIo->SetGuestFeatures (Dev->VirtIo, Features);
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
}
@@ -877,11 +1027,11 @@ VirtioScsiInit (
//
Status = VIRTIO_CFG_WRITE (Dev, CdbSize, VIRTIO_SCSI_CDB_SIZE);
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
Status = VIRTIO_CFG_WRITE (Dev, SenseSize, VIRTIO_SCSI_SENSE_SIZE);
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
//
@@ -890,7 +1040,7 @@ VirtioScsiInit (
NextDevStat |= VSTAT_DRIVER_OK;
Status = Dev->VirtIo->SetDeviceStatus (Dev->VirtIo, NextDevStat);
if (EFI_ERROR (Status)) {
- goto ReleaseQueue;
+ goto UnmapQueue;
}
//
@@ -926,6 +1076,9 @@ VirtioScsiInit (
return EFI_SUCCESS;
+UnmapQueue:
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Dev->RingMap);
+
ReleaseQueue:
VirtioRingUninit (Dev->VirtIo, &Dev->Ring);
@@ -965,6 +1118,7 @@ VirtioScsiUninit (
Dev->MaxLun = 0;
Dev->MaxSectors = 0;
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Dev->RingMap);
VirtioRingUninit (Dev->VirtIo, &Dev->Ring);
SetMem (&Dev->PassThru, sizeof Dev->PassThru, 0x00);
@@ -995,6 +1149,12 @@ VirtioScsiExitBoot (
//
Dev = Context;
Dev->VirtIo->SetDeviceStatus (Dev->VirtIo, 0);
+
+ //
+ // Unmap the ring buffer so that hypervisor will not be able to get
+ // readable data after device reset.
+ //
+ Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Dev->RingMap);
}
--
2.7.4
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel