scsi rebase

[Ablu]

Summary of the PR

This is a rebase of #4.

Requirements

Before submitting your PR, please make sure you addressed the following
requirements:

• All commits in this PR are signed (with git commit -s), and the commit
  message has max 60 characters for the summary and max 75 characters for each
  description line.
• All added/changed functionality has a corresponding unit/integration
  test.
• All added/changed public-facing functionality has entries in the "Upcoming
  Release" section of CHANGELOG.md (if no such section exists, please create one).
• Any newly added unsafe code is properly documented.

[Ablu]

• All commits in this PR are signed (with git commit -s), and the commit
  message has max 60 characters for the summary and max 75 characters for each
  description line.

Is there documentation of what signing means? I assume DCO, but I find it a bit weird to sign things without that having specified somewhere :)

[Ablu]

left some comments for myself

[Ablu]

Rough changelog:

• squashed things, splitted into (hopefully sensible) chunks
• moved tests under emulation (thats what they were testing)
• implemented idx
• fixed most previous comments

TODOs:

• fix author ship... Somewhere during rebase I lost the authorship
• review pubs. How do we want this crate to be consumed? @stsquad: Do we want this to just be a daemon or shall the interfaces be exported as lib (assumed the latter for now)?
• throughout self-review

[Ablu]

@Gaelan: Did I get the authorship right? Do we need to credit other people/projects from which things were adopted?

[Gaelan]

Many thanks for picking this back up!

Did I get the authorship right? Do we need to credit other people/projects from which things were adopted?

All the code here was written by me (as best I recall; I'm generally pretty good about noting if it isn't). The work was done as part of GSoC, but I don't believe any copyright assignment takes place there.

EDIT: I do, at various points, quote the SCSI spec, which is an ISO standard that isn't (officially) freely available. I'm assuming short excerpts fall under fair use and it should be fine?

Incidentally, I had a scsi-write branch that may be of interest; there was sufficient write support to boot and run Debian, though I can't vouch for its correctness in the face of writeback failures - IIRC there's a tricky mismatch here between the level of detail SCSI expects and what the POSIX file APIs give us. I think I might just fsync everything, which is probably slow-but-good-enough?

[Gaelan]

Please let me know if you have any questions, by the way! This was a couple years ago now, so no promises, but happy to try and remember what I was thinking.

[Ablu]

All the code here was written by me (as best I recall; I'm generally pretty good about noting if it isn't). The work was done as part of GSoC, but I don't believe any copyright assignment takes place there.

Yeah, you had sign-offs on the relevant commits, mostly tried to make sure that the way I split up stuff is ok with you (since I put your name as main author). That said, we might be missing SPDX-License-Identifiers (at least current code has it, do not find anything in https://github.com/rust-vmm/community/blob/main/CONTRIBUTING.md). I would add: Apache-2.0 or BSD-3-Clause to all files, ok?

Incidentally, I had a scsi-write branch that may be of interest; there was sufficient write support to boot and run Debian, though I can't vouch for its correctness in the face of writeback failures - IIRC there's a tricky mismatch here between the level of detail SCSI expects and what the POSIX file APIs give us. I think I might just fsync everything, which is probably slow-but-good-enough?

I guess for now, I would aim at getting the readonly state merged. So I have not spent any thoughts on writes. Will check it out when I do so!

Please let me know if you have any questions, by the way! This was a couple years ago now, so no promises, but happy to try and remember what I was thinking.

Sure. Right now I focused on getting stuff work properly. Will let you know when I stumble over something. Feel free to provide review on the stuff that I changed!

[Ablu]

Changelog (in order of significance):

• Split the emulation interface into handling LUN-independent and LUN-specific messages
  • This allows the LUN-specific part to be oblivious to the target
  • Allowed for some de-duplication too
• Create own trait to decouple from io::File
• De-boilerplated the daemon by moving parsing to virtio.rs
  • Still requires some boilerplate to copy between virtio and scsi datastructures
  • Could be further simplified if we are fine with scsi-virtio-specific stuff returning datastructures of src/scsi/ (currently they were kept separated on purpose)
• Removed no longer needed suppressing of linting (either due to simplified code or newer linter version)
• Random cleanups here and there

[Ablu]

CI seems to be broken by dirty permissions from left-overs?

[Ablu]

Open clarification items:

• SPDX identifiers?
• abstraction-levels: What should be public? Which parts do we want to allow other people to use?
  • "Just the daemon?" vs "daemon, virtio-scsi abstraction, target interface, inner-emulation interfaces (LogicalUnit)"?
• How to test the daemon?
• Meaning of signoff is not documented.
• No CHANGELOG available.

[Gaelan]

It's worth noting that several of the "LUN-specific" commands here are used for multiple LUN types, not just block devices. (TEST UNIT READY, REQUEST SENSE, REPORT SUPPORTED OPERATION CODES, and INQUIRY are required for all LUN types; commands like READ CAPACITY and READ are used by several storage-like devices.)

So if we ever wanted to do more than just block devices, we'd need to do some more thinking about how we want to handle that. Unfortunately we can't just parse a command without knowing the intended device type, as sometimes operation codes are reused.

Anyway, cross that bridge when we get to it - just potentially useful background.

[Ablu]

abstraction-levels: What should be public? Which parts do we want to allow other people to use?

• "Just the daemon?" vs "daemon, virtio-scsi abstraction, target interface, inner-emulation interfaces (LogicalUnit)"?

Currently, we have multiple layers of abstraction in here:

• the daemon that allows connection to the socket, parses things using the virtio module and forwards things to the EmulatedTarget after registering a BlockDevice for each image.
• virtio that abstracts some of the virtio-scsi related parsing and provides some convenience features
• scsi::Target that abstracts over the actual backend (only consists of execute_command)
• scsi::emulation::target::EmulationTarget that implements scsi::Target by maintaining a list of LogicalUnits, handling REPORT_LUNS and forwarding other commands to the LogicalUnits.
• scsi::emulation::block_device::BlockDevice that emulates an actual drive against a BlockDeviceBackend
• scsi::emulation::block_device::FileBackend that implements BlockDeviceBackend

Comparing that against https://github.com/rust-vmm/vm-virtio/tree/main/crates/devices/virtio-blk/src, my feeling is that there the virtio and high-level device-specific abstractions are sharing the same data structures.

With that, there are a series of choices that could be made:

1. About virtio parsing + scsi::Target:
   • Move it to https://github.com/rust-vmm/vm-virtio/tree/main/crates/devices.
     • Will probably require some extensive review and additions for features that we do not cover.
     • Unifying the two interface, would make the main.rs more simple, since no conversion is necessary.
   • Keep it here and public.
     • People could depend on this without consuming the rest, but it would not be as clean as pulling it from a separate crate...
     • We would probably at least still need to document this a bit better...
   • Keep it here, but mark it private.
     • Only our daemon would profit from it then.
     • we could mature it over time and eventually move it to https://github.com/rust-vmm/vm-virtio/tree/main/crates/devices.
   • No real benefit from defining separate scsi (virtio-less) and scsi-virtio interfaces though...
2. About the emulation-specific abstraction
   • Exposing these traits probably only makes sense if we also provide enough other support for the virtio layers in order to allow people to write their own daemon.
   • If we do not do that, we should probably just mark that API as crate-private.

I got no strong feelings about any of these options and are open to opinions.

[Ablu]

Thanks @vireshk.

Fixed/reacted to all comments.

While rebasing I noticed missing tests. While adding them I went into a rabbit hole of trying to fix some API weirdness around the <W, R> generics. I ended up dropping them in favor of dynamic dispatch. That simplifies the code quite a bit. And I think spending too much time thinking through the monomorphization without any benchmarks in place is not worth scarifying code clarity.

Changelog

• Dropped scsi-specific .lock file
• Match the gpiod Cargo.toml fields
• Fixed invocation in docs
• Merged backend.rs into main.rs again
• Switched from generics over Read/Write to dynamic dispatch
• Dropped data_in/data_out from Request and turned them into ordinary function arguments
• Minor API cleanup (some pub/pub(crate), &mut changes)
• Made newlines more consistent
• Dropped (for now) unused unmap field
• Removed some left-over comment
• Added tests for Write(10), WriteSame(16)
• Dropped test_all* tests that would require annoying updates every time a new command is added
• Reordered usings (cargo fmt -- --config group_imports=StdExternalCrate)

[Ablu]

The test results will be downloaded to results/, but we do not want to have those in SCM. The .containerignore prevents sending the (potentially large) results/ and test-data/ folders when building the container (though I am not sure whether this is actually still as relevant with root-less containers, probably no copy happens under the hood anymore...) Especially test-data/ might become "large-ish" with the Fedora image and test blockdevice.

[epilys]

Is this a warning or should it be log::error! instead?

[Ablu]

This is copied from the other daemons, that also log warn!() here. I agree that error!() is probably better. But I think this may be better fixed once we get rid of the boilerplate code (https://linaro.atlassian.net/browse/ORKO-32).

[epilys]

(Early optimization) this buffer (and the one in write_blocks()) looks like it's "one use" only. It could be an internal field of BlockDevice that gets cleared every time it's reused (which is constant time) to avoid reallocation.

[Ablu]

This code certainly is not very optimal. However, when moving to a single buffer shared across read, we will keep the memory of a single large read allocated until we tear down the device. I think I would rather spend the time on implementing a proper vectored read (that avoids doing the extra copies altogether). Before investing more time around the Read/Write DescriptorChains implementations I would try to think about a way to combine that with rust-vmm/vm-virtio#33.

[Ablu]

@epilys: Thanks!

Changelog

• Introduced new-types for ByteOffset, BlockOffset, BlockSize

[Ablu]

This code certainly is not very optimal. However, when moving to a single buffer shared across read, we will keep the memory of a single large read allocated until we tear down the device. I think I would rather spend the time on implementing a proper vectored read (that avoids doing the extra copies altogether). Before investing more time around the Read/Write DescriptorChains implementations I would try to think about a way to combine that with rust-vmm/vm-virtio#33.

[Ablu]

This is copied from the other daemons, that also log warn!() here. I agree that error!() is probably better. But I think this may be better fixed once we get rid of the boilerplate code (https://linaro.atlassian.net/browse/ORKO-32).

[Ablu]

CI reports dropped coverage. But that seems to happen because the CI reports slightly different percentages compared to what my local toolchain reports. I will adjust the number to make CI happy once this is reviewed. Overall the coverage improved, the failure is only happening because I bumped the percentage to what the script tells me locally.

[Ablu]

Changelog

• Rebased on top of main
• Bumped dependencies to match other crates
• Dropped unneeded dependency on queue test-utils

[Ablu]

Changelog

• Hopefully fixed coverage

[vireshk]

This is just too much (and complex) code to review. I have looked at it from the perspective of vhost-device stuff and that it is implemented in a way similar to other crates in the workspace.

Approving it now.

@stsquad @mathieupoirier @stefano-garzarella

[stsquad]

This is just too much (and complex) code to review. I have looked at it from the perspective of vhost-device stuff and that it is implemented in a way similar to other crates in the workspace.

Approving it now.

@stsquad @mathieupoirier @stefano-garzarella

I think its had some good cycles of review but there is a trade off to a growing stack of commits vs incremental updates. I'm happy with merging this so follow on enhancements aren't forever blocked.