| History log of /src/sys/dev/pci/viornd.c |
| Revision | | Date | Author | Comments |
| 1.22 |
| 04-Aug-2023 |
riastradh | entropy(9): Simplify stages. Split interrupt vs non-interrupt paths.
- Nix the entropy stage (cold, warm, hot). Just use the usual kernel
`cold' (cold: single-core, single-thread; interrupts may happen),
and don't make any three-way distinction about whether interrupts
or threads or other CPUs can be running.
Instead, while cold, use splhigh/splx or forbid paths to come from
interrupt context, and while warm, use mutex or the per-CPU hard
and soft interrupt paths for low latency. This comes at a small
cost to some interrupt latency, since we may stir the pool in
interrupt context -- but only for a very short window early at boot
between configure and configure2, so it's hard to imagine it
matters much.
- Allow rnd_add_uint32 to run in hard interrupt context or with spin
locks held, but defer processing to softint and drop samples on the
floor if buffer is full. This is mainly used for cheaply tossing
samples from drivers for non-HWRNG devices into the entropy pool,
so it is often used from interrupt context and/or under spin locks.
- New rnd_add_data_intr provides the interrupt-like data entry path
for arbitrary buffers and driver-specified entropy estimates: defer
processing to softint and drop samples on the floor if buffer is
full.
- Document that rnd_add_data is forbidden under spin locks outside
interrupt context (will crash in LOCKDEBUG), and inadvisable in
interrupt context (but technically permitted just in case there are
compatibility issues for now); later we can forbid it altogether in
interrupt context or under spin locks.
- Audit all uses of rnd_add_data to use rnd_add_data_intr where it
might be used in interrupt context or under a spin lock.
This fixes a regression from last year when the global entropy lock
was changed from IPL_VM (spin) to IPL_SOFTSERIAL (adaptive). Thought
I'd caught all the problems from that, but another one bit three
different people this week, presumably because of recent changes that
led to more non-HWRNG drivers entering the entropy consolidation
path from rnd_add_uint32.
In my attempt to preserve the rnd(9) API for the (now long-since
abandoned) prospect of pullup to netbsd-9 in my rewrite of the
entropy subsystem in 2020, I didn't introduce a separate entry point
for entering entropy from interrupt context or equivalent, i.e., spin
locks held, and instead made rnd_add_data rely on cpu_intr_p() to
decide whether to process the whole sample under a lock or only take
as much as there's buffer space for before scheduling a softint. In
retrospect, that was a mistake (though perhaps not as much of a
mistake as other entropy API decisions...), a mistake which is
finally getting rectified now by rnd_add_data_intr.
XXX pullup-10
|
| 1.21 |
| 25-Mar-2023 |
mlelstv | Mark as MPSAFE.
|
| 1.20 |
| 23-Mar-2023 |
yamaguchi | Added functions to set interrupt handler and index into virtqueue
|
| 1.19 |
| 23-Mar-2023 |
yamaguchi | Set virtqueues in virtio_child_attach_finish
The number of virtqueue maybe change in a part of VirtIO devices
(e.g. vioif(4)). And it is fixed after negotiation of features.
So the configuration is moved into the function.
|
| 1.18 |
| 14-Apr-2022 |
riastradh | branches: 1.18.4;
Revert "viornd(4): Process host entropy in softint context."
Apparently this has the effect of sometimes making the network hang
on Google Compute Engine as used by syzbot, which has held up all the
syzkaller testing for weeks now. Let's revert this for now, and
separately try to figure out what's wrong with it.
|
| 1.17 |
| 23-Mar-2022 |
riastradh | viornd(4): Process host entropy in softint context.
Samples added to the entropy pool in hard interrupt context are only
buffered, never processed directly, and if they fill the buffer, the
sample is dropped -- this serves to encourage taking timing samples
in hard interrupt context because it's cheap, and we have no idea how
many samples we really need for full entropy so it's safer to err on
the side of `as many as we can get'.
But for viornd(4), we assume the host has full entropy so we only
need a single 32-byte sample, and we want to avoid dropping it so we
get full entropy ASAP. Entering the sample in a soft interrupt
rather than hard interrupt achieves this.
|
| 1.16 |
| 19-Mar-2022 |
riastradh | viornd(4): Revert IPL change for lock.
This lock is taken in hard interrupt context, so it needs to remain
at IPL_VM.
|
| 1.15 |
| 19-Mar-2022 |
riastradh | rnd(9): Adjust IPL of locks used by rndsource callbacks.
These no longer ever run from hard interrupt context or with a spin
lock held, so there is no longer any need to have them at IPL_VM to
block hard interrupts. Instead, lower them to IPL_SOFTSERIAL.
|
| 1.14 |
| 20-Jan-2021 |
reinoud | Add VirtIO PCI v1.0 attachments and fix the drivers affected.
The vioif, ld, scsi, viornd and viomb devices were adjusted when needed and
tested both in legacy 0.9 and v1.0 attachments trough PCI on amd64, sparc64,
aarch64 and aarch64-eb. ACPI/FDT attachments also tested on
aarch64/aarch64-eb.
Known issues
* viomb on aarch64 works only with ACPI/FDT attachment but not with PCI
attachment. PCI and ACPI/FDT attachment works on aarch64-eb.
* virtio on sparc64 attaches but is it not functioning though not a
regression.
|
| 1.13 |
| 30-Apr-2020 |
riastradh | branches: 1.13.2;
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
| 1.12 |
| 10-Jun-2018 |
jakllsch | remove irrelevant pci(9) #includes from virtio child drivers
|
| 1.11 |
| 25-Mar-2017 |
jdolecek | branches: 1.11.12; 1.11.14;
reorganize the attachment process for virtio child devices, so that
more common code is shared among the drivers, and it's possible for
the drivers to be correctly dynamically loaded; forbid direct access
to struct virtio_softc from the child driver code
|
| 1.10 |
| 30-Nov-2016 |
christos | branches: 1.10.2;
Don't call virtio_enqueue_abort when virtio_enqueue_reserve fails.
Pointed out by uwe@
|
| 1.9 |
| 27-Oct-2015 |
christos | branches: 1.9.2;
Print the negotiated feature bits
|
| 1.8 |
| 05-May-2015 |
ozaki-r | Use NULL for initialization of sc_config_change
|
| 1.7 |
| 13-Apr-2015 |
riastradh | Convert sys/dev to use <sys/rndsource.h>.
|
| 1.6 |
| 08-Apr-2015 |
riastradh | Don't forget to bus_dmamap_unload.
|
| 1.5 |
| 06-Nov-2014 |
pooka | branches: 1.5.2;
put the "asked for" print also behind VIORNG_DEBUG
|
| 1.4 |
| 06-Nov-2014 |
pooka | Abort only actually initialized slots.
|
| 1.3 |
| 06-Nov-2014 |
pooka | disable debug print by default
|
| 1.2 |
| 06-Nov-2014 |
pooka | Print attachment \n's so that we don't get junky lines
(this driver now matches ld)
|
| 1.1 |
| 26-Oct-2014 |
tls | branches: 1.1.2;
Add viornd(4), a driver for the VirtIO entropy source available on
QEMU, KVM, and Google Compute Engine. From OpenBSD.
|
| 1.1.2.3 |
| 06-Nov-2015 |
riz | Pull up following revision(s) (requested by riastradh in ticket #995):
sys/dev/pci/viornd.c: revision 1.3
disable debug print by default
|
| 1.1.2.2 |
| 02-Nov-2014 |
martin | Pull up following revision(s) (requested by tls in ticket #174):
doc/CHANGES: revision 1.2005
sys/dev/pci/viornd.c: revision 1.1
sys/dev/pci/files.pci: revision 1.372
sys/arch/amd64/conf/GENERIC: revision 1.401
share/man/man4/viornd.4: revision 1.1
Add viornd(4), a driver for the VirtIO entropy source available on
QEMU, KVM, and Google Compute Engine. From OpenBSD.
|
| 1.1.2.1 |
| 26-Oct-2014 |
martin | file viornd.c was added on branch netbsd-7 on 2014-11-02 10:09:44 +0000
|
| 1.5.2.4 |
| 28-Aug-2017 |
skrll | Sync with HEAD
|
| 1.5.2.3 |
| 05-Dec-2016 |
skrll | Sync with HEAD
|
| 1.5.2.2 |
| 27-Dec-2015 |
skrll | Sync with HEAD (as of 26th Dec)
|
| 1.5.2.1 |
| 06-Jun-2015 |
skrll | Sync with HEAD
|
| 1.9.2.2 |
| 26-Apr-2017 |
pgoyette | Sync with HEAD
|
| 1.9.2.1 |
| 07-Jan-2017 |
pgoyette | Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
|
| 1.10.2.1 |
| 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.11.14.1 |
| 25-Jun-2018 |
pgoyette | Sync with HEAD
|
| 1.11.12.2 |
| 03-Dec-2017 |
jdolecek | update from HEAD
|
| 1.11.12.1 |
| 25-Mar-2017 |
jdolecek | file viornd.c was added on branch tls-maxphys on 2017-12-03 11:37:29 +0000
|
| 1.13.2.1 |
| 03-Apr-2021 |
thorpej | Sync with HEAD.
|
| 1.18.4.2 |
| 11-Aug-2023 |
martin | Pull up following revision(s) (requested by riastradh in ticket #319):
sys/dev/pci/ubsec.c: revision 1.64
sys/dev/pci/hifn7751.c: revision 1.82
lib/libc/gen/getentropy.3: revision 1.5
lib/libc/gen/getentropy.3: revision 1.6
share/man/man4/rnd.4: revision 1.41
lib/libc/sys/getrandom.2: revision 1.2
lib/libc/sys/getrandom.2: revision 1.3
share/man/man5/rc.conf.5: revision 1.193
share/man/man7/entropy.7: revision 1.5
share/man/man7/entropy.7: revision 1.6
share/man/man7/entropy.7: revision 1.7
share/man/man7/entropy.7: revision 1.8
etc/security: revision 1.130
share/man/man7/entropy.7: revision 1.9
etc/security: revision 1.131
sys/crypto/cprng_fast/cprng_fast.c: revision 1.19
sys/sys/rndio.h: revision 1.3
tests/lib/libc/sys/t_getrandom.c: revision 1.5
etc/defaults/rc.conf: revision 1.164
etc/defaults/rc.conf: revision 1.165
sys/sys/rndsource.h: revision 1.10
sys/kern/kern_entropy.c: revision 1.62
sys/kern/kern_entropy.c: revision 1.63
sys/kern/kern_entropy.c: revision 1.64
sys/kern/subr_cprng.c: revision 1.44
sys/kern/kern_entropy.c: revision 1.65
sys/kern/kern_clock.c: revision 1.149
sys/dev/pci/viornd.c: revision 1.22
share/man/man9/rnd.9: revision 1.32
sys/kern/subr_prf.c: revision 1.202
sys/sys/rndsource.h: revision 1.8
sys/sys/rndsource.h: revision 1.9
share/man/man7/entropy.7: revision 1.10
1. Reinstate netbsd<=9 entropy estimator to unblock /dev/random, in
parallel with assessment of only confident entropy sources (seed,
HWRNG) for security warnings like sshd keys in motd and daily
insecurity report.
2. Make multiuser boot wait for first /dev/random output soon after
loading a seed and configuring rndctl, so that getentropy(3) meets
its contract starting early at boot without introducing blocking
paths that could cause hangs in init(8) or single-user mode.
Operators can choose to disable this wait in rc.conf.
3. Fix some bugs left over from reducing the global entropy lock from
a spin lock at IPL_VM to an adaptive lock at IPL_SOFTSERIAL.
4. Update man pages.
|
| 1.18.4.1 |
| 13-May-2023 |
martin | Pull up following revision(s) (requested by yamaguchi in ticket #139):
sys/dev/pci/vioscsi.c: revision 1.31
sys/dev/pci/vio9p.c: revision 1.10
sys/dev/pci/vioscsi.c: revision 1.32
sys/dev/pci/vio9p.c: revision 1.11
sys/dev/pci/vioscsi.c: revision 1.33
sys/dev/pci/ld_virtio.c: revision 1.31
sys/dev/virtio/viocon.c: revision 1.6
sys/dev/pci/vioscsi.c: revision 1.34
sys/dev/pci/ld_virtio.c: revision 1.32
sys/dev/virtio/viocon.c: revision 1.7
sys/dev/virtio/viocon.c: revision 1.8
sys/dev/pci/vioscsi.c: revision 1.36
sys/dev/pci/virtioreg.h: revision 1.12
sys/dev/pci/viornd.c: revision 1.19
sys/dev/pci/virtio.c: revision 1.66
sys/dev/pci/virtio.c: revision 1.67
sys/dev/pci/virtio.c: revision 1.68
sys/dev/pci/if_vioif.c: revision 1.103
sys/dev/pci/virtio.c: revision 1.69
sys/dev/pci/if_vioif.c: revision 1.104
sys/dev/pci/virtio_pci.c: revision 1.40
sys/dev/virtio/virtio_mmio.c: revision 1.8
sys/dev/virtio/virtio_mmio.c: revision 1.9
sys/dev/pci/viomb.c: revision 1.14
sys/dev/pci/viomb.c: revision 1.15
sys/dev/pci/viomb.c: revision 1.17
sys/dev/pci/viornd.c: revision 1.20
sys/dev/pci/viornd.c: revision 1.21
sys/dev/pci/virtiovar.h: revision 1.25
sys/dev/pci/virtiovar.h: revision 1.26
sys/dev/pci/virtiovar.h: revision 1.27
sys/dev/pci/virtiovar.h: revision 1.28
sys/dev/pci/virtio.c: revision 1.70
sys/dev/pci/virtio.c: revision 1.71
sys/dev/pci/virtio.c: revision 1.72
sys/dev/pci/virtio.c: revision 1.73
sys/dev/pci/virtio.c: revision 1.74
sys/dev/pci/virtio_pci.c: revision 1.39
Set virtqueues in virtio_child_attach_finish
The number of virtqueue maybe change in a part of VirtIO devices
(e.g. vioif(4)). And it is fixed after negotiation of features.
So the configuration is moved into the function.
viocon(4): fix not to allocate unused virtqueue
viocon(4) allocates 4 virtqueues but it only uses 2 (0 and 1) queues.
Added functions to set interrupt handler and index into virtqueue
Added check of pointer for allocated memory before release of resource
Setup virtqueues after registering them to virtio_softc
restore fetch of qsize.
Mark as MPSAFE.
virtio(4): Avoid name collision with global intrhand on sparc64.
Pacifies -Werror=shadow.
No functional change intended.
Use PRIuBUSSIZE to print bus_size_t variables.
virtio(4): Fix sizing of virtqueue allocation.
vq->vq_avail[0].ring is a zero-length array, and thus sizeof is zero;
likewise vq->vq_used[0].ring.
Use vq->vq_avail[0].ring[0] and vq->vq_used[0].ring[0] to fix this
and restore the previous allocation sizing logic.
XXX We shouldn't use zero-length arrays here -- they are asking for
trouble like this, and C99 has a standard way to express what we're
actually trying to get at it, flexible array members.
PR kern/57304
virtio(4): Use flexible array members, not zero-length arrays.
This enables the compiler to detect sizeof mistakes like
PR kern/57304.
Use descriptor chain for free slots instead of vq_entry list
Descriptors can be chained by themself. And descriptors added to
avail ring or used ring are already chained. But it was not used
for unused descriptors and another linked list structure named
vq_entry was used.
The chain is also used for unused descriptors to make virtio(4)
simpler.
Added flags to store status of attaching a virtio device
This prevents a panic on reboot after a virtio device had called
virtio_child_attach_failed().
Fix wrong variable names
This fixes build errors in virtio_mmio.c
|
