[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3] block: make BlockConf.*_size properties 32-bit
|
From: |
Roman Kagan |
|
Subject: |
Re: [PATCH v3] block: make BlockConf.*_size properties 32-bit |
|
Date: |
Tue, 19 May 2020 21:23:17 +0300 |
On Tue, May 19, 2020 at 04:08:26PM +0200, Kevin Wolf wrote:
> Am 29.04.2020 um 11:18 hat Roman Kagan geschrieben:
> > Devices (virtio-blk, scsi, etc.) and the block layer are happy to use
> > 32-bit for logical_block_size, physical_block_size, and min_io_size.
> > However, the properties in BlockConf are defined as uint16_t limiting
> > the values to 32768.
> >
> > This appears unnecessary tight, and we've seen bigger block sizes handy
> > at times.
> >
> > Make them 32 bit instead and lift the limitation up to 2 MiB which
> > appears to be good enough for everybody, and matches the qcow2 cluster
> > size limit.
> >
> > As the values can now be fairly big and awkward to type, make the
> > property setter accept common size suffixes (k, m).
> >
> > Signed-off-by: Roman Kagan <address@hidden>
> > Reviewed-by: Eric Blake <address@hidden>
> > ---
> > v2 -> v3:
> > - mention qcow2 cluster size limit in the log and comment [Eric]
> >
> > v1 -> v2:
> > - cap the property at 2 MiB [Eric]
> > - accept size suffixes
> >
> > include/hw/block/block.h | 8 ++++----
> > include/hw/qdev-properties.h | 2 +-
> > hw/core/qdev-properties.c | 34 ++++++++++++++++++++++++----------
> > 3 files changed, 29 insertions(+), 15 deletions(-)
> >
> > diff --git a/include/hw/block/block.h b/include/hw/block/block.h
> > index d7246f3862..9dd6bba56a 100644
> > --- a/include/hw/block/block.h
> > +++ b/include/hw/block/block.h
> > @@ -18,9 +18,9 @@
> >
> > typedef struct BlockConf {
> > BlockBackend *blk;
> > - uint16_t physical_block_size;
> > - uint16_t logical_block_size;
> > - uint16_t min_io_size;
> > + uint32_t physical_block_size;
> > + uint32_t logical_block_size;
> > + uint32_t min_io_size;
> > uint32_t opt_io_size;
> > int32_t bootindex;
> > uint32_t discard_granularity;
> > @@ -51,7 +51,7 @@ static inline unsigned int
> > get_physical_block_exp(BlockConf *conf)
> > _conf.logical_block_size), \
> > DEFINE_PROP_BLOCKSIZE("physical_block_size", _state, \
> > _conf.physical_block_size), \
> > - DEFINE_PROP_UINT16("min_io_size", _state, _conf.min_io_size, 0), \
> > + DEFINE_PROP_UINT32("min_io_size", _state, _conf.min_io_size, 0), \
>
> This one doesn't go through set_blocksize(), so does the 2 MB
> limitation actually not apply to min_io_size?
>
> Let's go back to the line that Philippe already quoted:
>
> virtio_stw_p(vdev, &blkcfg.min_io_size, conf->min_io_size / blk_size);
>
> This means that we'll get silent 16 bit truncation of the size specified
> by the user. This is the new bug. In addition, like before, we also
> silently round down to the next multiple of the logical block size.
>
> Of course, opt_io_size already has the same problems. I wonder whether
> both should be converted to DEFINE_PROP_BLOCKSIZE.
DEFINE_PROP_BLOCKSIZE, in addition to capping the value at 2 MB, also
requires it to be a power of two. I'm not sure it's safe to assume
min_io_size and opt_io_size are ok with this.
> In either case, I
> think virtio_blk_device_realize() must check that both values are
> plausible; even if we use a block size property, it still needs to
> verify that they are a multiple of the block size.
>
> The same thing is true of hw/scsi/scsi-disk.c.
>
> All other devices with DEFINE_BLOCK_PROPERTIES accept a value, but
> silently ignore it, so nothing changes for them (though it's also not
> the perfect state).
>
> > DEFINE_PROP_UINT32("opt_io_size", _state, _conf.opt_io_size, 0), \
> > DEFINE_PROP_UINT32("discard_granularity", _state, \
> > _conf.discard_granularity, -1), \
> > diff --git a/include/hw/qdev-properties.h b/include/hw/qdev-properties.h
> > index f161604fb6..f9e0f8c041 100644
> > --- a/include/hw/qdev-properties.h
> > +++ b/include/hw/qdev-properties.h
> > @@ -197,7 +197,7 @@ extern const PropertyInfo qdev_prop_pcie_link_width;
> > #define DEFINE_PROP_BIOS_CHS_TRANS(_n, _s, _f, _d) \
> > DEFINE_PROP_SIGNED(_n, _s, _f, _d, qdev_prop_bios_chs_trans, int)
> > #define DEFINE_PROP_BLOCKSIZE(_n, _s, _f) \
> > - DEFINE_PROP_UNSIGNED(_n, _s, _f, 0, qdev_prop_blocksize, uint16_t)
> > + DEFINE_PROP_UNSIGNED(_n, _s, _f, 0, qdev_prop_blocksize, uint32_t)
>
> The 2 MB limit means that we won't get 16 bit truncation for anything
> that is stored in sectors (512 * 64k = 32M).
>
> As far as I can see, all devices can deal with this change then.
>
> > #define DEFINE_PROP_PCI_HOST_DEVADDR(_n, _s, _f) \
> > DEFINE_PROP(_n, _s, _f, qdev_prop_pci_host_devaddr,
> > PCIHostDeviceAddress)
> > #define DEFINE_PROP_OFF_AUTO_PCIBAR(_n, _s, _f, _d) \
> > diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
> > index 2047114fca..e673f3c43f 100644
> > --- a/hw/core/qdev-properties.c
> > +++ b/hw/core/qdev-properties.c
> > @@ -14,6 +14,7 @@
> > #include "qapi/visitor.h"
> > #include "chardev/char.h"
> > #include "qemu/uuid.h"
> > +#include "qemu/units.h"
> >
> > void qdev_prop_set_after_realize(DeviceState *dev, const char *name,
> > Error **errp)
> > @@ -729,30 +730,42 @@ const PropertyInfo qdev_prop_pci_devfn = {
> >
> > /* --- blocksize --- */
> >
> > +/* lower limit is sector size */
> > +#define MIN_BLOCK_SIZE 512
> > +#define MIN_BLOCK_SIZE_STR "512 B"
> > +/*
> > + * upper limit is arbitrary, 2 MiB looks sufficient for all sensible uses,
> > and
> > + * matches qcow2 cluster size limit
> > + */
> > +#define MAX_BLOCK_SIZE (2 * MiB)
> > +#define MAX_BLOCK_SIZE_STR "2 MiB"
> > +
> > static void set_blocksize(Object *obj, Visitor *v, const char *name,
> > void *opaque, Error **errp)
> > {
> > DeviceState *dev = DEVICE(obj);
> > Property *prop = opaque;
> > - uint16_t value, *ptr = qdev_get_prop_ptr(dev, prop);
> > + uint32_t *ptr = qdev_get_prop_ptr(dev, prop);
> > + uint64_t value;
> > Error *local_err = NULL;
> > - const int64_t min = 512;
> > - const int64_t max = 32768;
> >
> > if (dev->realized) {
> > qdev_prop_set_after_realize(dev, name, errp);
> > return;
> > }
> >
> > - visit_type_uint16(v, name, &value, &local_err);
> > + visit_type_size(v, name, &value, &local_err);
> > if (local_err) {
> > error_propagate(errp, local_err);
> > return;
> > }
> > /* value of 0 means "unset" */
> > - if (value && (value < min || value > max)) {
> > - error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE,
> > - dev->id ? : "", name, (int64_t)value, min, max);
> > + if (value && (value < MIN_BLOCK_SIZE || value > MAX_BLOCK_SIZE)) {
> > + error_setg(errp,
> > + "Property %s.%s doesn't take value %" PRIu64
> > + " (minimum: " MIN_BLOCK_SIZE_STR
> > + ", maximum: " MAX_BLOCK_SIZE_STR ")",
> > + dev->id ? : "", name, value);
> > return;
> > }
> >
> > @@ -768,9 +781,10 @@ static void set_blocksize(Object *obj, Visitor *v,
> > const char *name,
> > }
> >
> > const PropertyInfo qdev_prop_blocksize = {
> > - .name = "uint16",
> > - .description = "A power of two between 512 and 32768",
> > - .get = get_uint16,
> > + .name = "size",
> > + .description = "A power of two between " MIN_BLOCK_SIZE_STR
> > + " and " MAX_BLOCK_SIZE_STR,
> > + .get = get_uint32,
> > .set = set_blocksize,
> > .set_default_value = set_default_value_uint,
> > };
>
> This part looks good to me, too.
>
> So I think we just need some additional checks for min_io_size (and
> potentially opt_io_size while you're at it). Maybe that could be a
> separate patch before this one.
I must admit I didn't consider it as a practical issue; if it is, I'm
thinking of adding all those consistency checks to blkconf_blocksizes
(and nuking the open-coded ones from the respective realize functions).
I'll cook something up in the next iteration.
Thanks,
Roman.