Re: [virtio-dev] Re: [PATCH v3] crypto: add virtio-crypto driver

From: Cornelia Huck
Date: Tue Nov 29 2016 - 04:44:29 EST


On Tue, 29 Nov 2016 01:37:44 +0000
"Gonglei (Arei)" <arei.gonglei@xxxxxxxxxx> wrote:

> > On Mon, 28 Nov 2016 20:08:23 +0800
> > Gonglei <arei.gonglei@xxxxxxxxxx> wrote:
> >
> > > +static int virtcrypto_update_status(struct virtio_crypto *vcrypto)
> > > +{
> > > + u32 status;
> > > + int err;
> > > +
> > > + virtio_cread(vcrypto->vdev,
> > > + struct virtio_crypto_config, status, &status);
> > > +
> > > + /* Ignore unknown (future) status bits */
> > > + status &= VIRTIO_CRYPTO_S_HW_READY;
> >
> > I'm wondering what the driver really should do if it encounters unknown
> > status bits.
> >
> > I'd expect that new status bits are guarded by a feature bit and that
> > the device should not set status bits if the respective feature bit has
> > not been negotiated. Therefore, unknown status bits would be a host
> > error and the driver should consider the device to be broken.
> >
> > Thoughts?
> >
> I agree with you.
>
> The reasonable way is reset the device if the driver
> receive an unknown status IMO.

What about setting FAILED in the generic virtio status? This indicates
to the host that the driver 'has given up on the device', as the spec
puts it. If the driver simply resets it, chances are that we will end
up in the same situation again (after all, that's a host bug).

Or/additionally use virtio_break_device(), as a quick grep revealed
that qemu, for one, does not do anything with FAILED. That way at least
the driver will stop mucking with the device.