On Tue, 12 Apr 2022 at 19:10, Tom Rini trini@konsulko.com wrote:
On Thu, Mar 31, 2022 at 10:09:38AM +0000, Andrew Scull wrote:
Continuing the theme of making the virtio code resilient against corruption of the buffers shared with the device, this series focusses on the vring. This series is simpler and more self-contained than the series for virtio-pci!
It follows the example of Linux by keeping a private copy of the descriptors and metadata for state tracking and only ever writing to the descriptors that are shared with the device.
I was able to test these hardening steps in the sandbox by simulating device writes to the queues. I was also looking into testing the device drivers against a simulated device but the lack of an API to access the virtqueues meant this ended up being a hack. I've included that hack and the at the end of the series as an RFC.
Andrew Scull (11): virtio_ring: Merge identical variables virtio_ring: Add helper to attach vring descriptor virtio_ring: Maintain a shadow copy of descriptors virtio_ring: Check used descriptors are chain heads dm: test: virtio: Test the virtio ring virtio: sandbox: Fix device features bitfield test: dm: virtio: Test notify before del_vqs virtio: sandbox: Bind RNG rather than block device test: dm: virtio: Test virtio device driver probing virtio: rng: Check length before copying RFC: test: dm: virtio: Test virtio-rng with faked device
What does this series depend on? I got a failure to build on sandbox: https://source.denx.de/u-boot/u-boot/-/jobs/422500#L104
Problem is from the final, RFC, patch on SPL where CONFIG_DM_RNG is not set so `dm_rng_read` isn't defined. I don't really understand the difference with SPL just yet, but I expect CONFIG_DM_RNG can be set. But in the meantime, it's also fine to drop that final patch from the series.