mbox series

[v5,0/9] Do not allow set-partition immediate mode

Message ID cover.1648687552.git.alison.schofield@intel.com
Headers show
Series Do not allow set-partition immediate mode | expand

Message

Alison Schofield March 31, 2022, 1:27 a.m. UTC 
From: Alison Schofield <alison.schofield@intel.com>

Blocking immediate mode in set-partition info triggered a
refactoring of the send path of userspace mailbox commands.

The v1 to address the issue was a single patch [1] that inserted
a new immediate mode check in the send path where the payload was
available for examining. That was not in a validation function.

Revisions after v1 included the refactoring of the send path so
that validation work all spawns from cxl_validate_cmd_from_user().

Patches 1-7: Refactor existing code so that all validation work
	can spawn from cxl_validate_cmd_from_user().

	The movement intends to cleanly rip the work of building a
	mailbox command away from handle_mailbox_command_from_user()
	and give it to cxl_validate_cmd_from_user().

Patch 8: Blocks the immediate mode of the set-partition command.
Patch 9: Removes CXL_PMEM exclusive commands restriction.

[1]https://lore.kernel.org/linux-cxl/20220103202100.784194-1-alison.schofield@intel.com/

Changes in v5:
- Put destination params first in function param lists. (Dan)
- Renamed the cxl_to_mbox_cmd() to cxl_mbox_cmd_ctor() and added
  a deconstruct counterpart cxl_mbox_cmd_dtor() to clean up mbox
  allocations. (Dan)
- Added Dan's Reviewed-by tag to Patches 1-6.

Changes in v4: (All from Jonathan's review - Thank-you Jonathan)
- Add a blank line after return
- Combine cxl_mem_command and info declaration and init.
- Replace "rc =" with direct returns in cxl_validate_cmd_from_user()
- Don't init and then overwrite out_size
- Rm the 'refactor foreshadowing' goto & don't restore it later
- Wordsmithing in Patch 4 commit log
- Mv error path to be out of line, normal path inline.
- Move kvfree()'s from handle_mbox...() to cxl_send_cmd()
Patches 1,2,4,5,6,7,8: Added Jonathan Reviewed-by Tags.
Patches 2,7,8,9: No code changes

Changes in v3:
- Split up the 'Centralize the validation...' patch into 6 pieces.
Patch: cxl/mbox: Move cxl_mem_command construction to helper funcs
- Safely initialize the cxl_mem_command structs. (Dan)
- Remove unneeded memcpy (Dan)
Patch: cxl/mbox: Block immediate mode in SET_PARTITION_INFO command
- No Changes
Patch: cxl/pmem: Remove CXL SET_PARTITION_INFO from exclusive_cmds list
- No Changes

Changes in v2:
- Refactor the send path of userspace mbox cmds. (Dan, Ben)
- Patch 3 commit log - update the need to block. (Dan)
- Return -EBUSY (not -EINVAL), when blocking immediate mode. (Ben)
- Remove unneeded cast of void (payload_in). (dan)
- s/u64/__le64 in struct cxl_mbox_set_partition_info. (Dan)


Alison Schofield (9):
  cxl/mbox: Move cxl_mem_command construction to helper funcs
  cxl/mbox: Move raw command warning to raw command validation
  cxl/mbox: Move build of user mailbox cmd to a helper functions
  cxl/mbox: Construct a users cxl_mbox_cmd in the validation path
  cxl/mbox: Remove dependency on cxl_mem_command for a debug msg
  cxl/mbox: Make handle_mailbox_cmd_from_user() use a mbox param
  cxl/mbox: Move cxl_mem_command param to a local variable
  cxl/mbox: Block immediate mode in SET_PARTITION_INFO command
  cxl/pmem: Remove CXL SET_PARTITION_INFO from exclusive_cmds list

 drivers/cxl/core/mbox.c | 339 ++++++++++++++++++++++++----------------
 drivers/cxl/cxlmem.h    |   7 +
 drivers/cxl/pmem.c      |   1 -
 3 files changed, 214 insertions(+), 133 deletions(-)


base-commit: 9b688fc651b9d2b633e8d959454670aba1c39162