[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [qemu-xen-unstable] passthrough: Fix pci bar remapping when guest probes width with all-1 BAR

commit cdfe6bd8f1643706272b46c3a8c5e48179f504c8
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date:   Tue Jul 21 15:33:30 2009 +0100

    passthrough: Fix pci bar remapping when guest probes width with all-1 BAR
    
    When guest code tries to get the block size of mmio, it will write all "1"s
    into pci bar register and then qemu will return all "0"s to the don't care
    bits in the emulated bar register to indicate the block size to guest code.
    In this case, we should not create p2m mapping in  pt_bar_reg_write() and
    pt_exp_rom_bar_reg_write(). Attached patch fixes this issue, additional
    comment can be found in the patch.
    
    Signed-off-by: Wei Wang <wei.wang2@xxxxxxx>
---
 hw/pass-through.c |   22 ++++++++++++++++++++--
 1 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/hw/pass-through.c b/hw/pass-through.c
index c1a9b42..f3d033b 100644
--- a/hw/pass-through.c
+++ b/hw/pass-through.c
@@ -3401,7 +3401,16 @@ static int pt_bar_reg_write(struct pt_dev *ptdev,
     }
 
     /* update the corresponding virtual region address */
-    r->addr = cfg_entry->data;
+    /*
+     * When guest code tries to get block size of mmio, it will write all "1"s
+     * into pci bar register. In this case, cfg_entry->data == writable_mask.
+     * Especially for devices with large mmio, the value of writable_mask
+     * is likely to be a guest physical address that has been mapped to ram
+     * rather than mmio. Remapping this value to mmio should be prevented.
+     */
+
+    if ( cfg_entry->data != writable_mask )
+        r->addr = cfg_entry->data;
 
 exit:
     /* create value for writing to I/O device register */
@@ -3453,7 +3462,16 @@ static int pt_exp_rom_bar_reg_write(struct pt_dev *ptdev,
     cfg_entry->data = PT_MERGE_VALUE(*value, cfg_entry->data, writable_mask);
 
     /* update the corresponding virtual region address */
-    r->addr = cfg_entry->data;
+    /*
+     * When guest code tries to get block size of mmio, it will write all "1"s
+     * into pci bar register. In this case, cfg_entry->data == writable_mask.
+     * Especially for devices with large mmio, the value of writable_mask
+     * is likely to be a guest physical address that has been mapped to ram
+     * rather than mmio. Remapping this value to mmio should be prevented.
+     */
+
+    if ( cfg_entry->data != writable_mask )
+        r->addr = cfg_entry->data;
 
     /* create value for writing to I/O device register */
     throughable_mask = ~bar_emu_mask & valid_mask;
--
generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.