Xen project Mailing List

Re: [PATCH 5/9] vpci/header: Implement guest BAR register handlers

To: Oleksandr Andrushchenko <andr2000@xxxxxxxxx>

Date: Mon, 6 Sep 2021 16:31:47 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=EoJ9m66Pji9O6SyXYQfehum/FULzvCHrym3EdmuH0a4=; b=XQMOnuvXPFYpYBXalxwSPSNNGH0AajrCdJ6ajNR5ELdpSIIlM6MqEfYA9aICGvbKNnjRiiKO5lrvb1iOfIRN0+nktOVkSYOhTDnLgvf3LxduK4/vjKaptOmZrJN6wSowjaqgmhQtfQROfI6UroL5X8ojSMS7n0U3Az+u3hIVrstggjCR5kRDFh34bAFWlJMFwdSP+TKbwgp8L6pM8+4zJ/scfVUSEFXqJ/bZVmMcyKl6KFRYBJZ7FL50vg0tTsAVySw0+IZ/P00456zvMdpQmRQCkKITasjTES/aJRJOOEkFPGZ8DrE388+UhYnvyVZZn5+rCbnnAxGMBmMHHlZhPw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ign0+7h1XqoCzh5q+/7D4sRdvuLgoh9mwKAcYADT0Y+A95Oa9Ci4/qgc7Dz/J+ojrKtVoyucvcuRtGC7Eh0jI/Hkuq4eIwERKRe9FrAq4eagoxqSxAIs5eTQTGrt1k9L4xzFyCy6F3spL3UhCKKpwijnkwv52BSYMsh1LGHGgJ57fbVo3Fbq2ZXjnC+QOqPph62wjcL+7IVy2dLGiDspW8ftTZqUhygH5Ff/Y5wZYW11zWHhuu6kqo2JQKwceyoIhz6P+ZUl6fGHyoBiv88G+9xwus1F1wBdfMyEHqPR3lX5IbjMjHeryWvSmNoIbC0DLuMNTXnV1O353ob8rC+M2Q==

Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=suse.com;

Cc: julien@xxxxxxx, sstabellini@xxxxxxxxxx, oleksandr_tyshchenko@xxxxxxxx, volodymyr_babchuk@xxxxxxxx, Artem_Mygaiev@xxxxxxxx, roger.pau@xxxxxxxxxx, bertrand.marquis@xxxxxxx, rahul.singh@xxxxxxx, Oleksandr Andrushchenko <oleksandr_andrushchenko@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Mon, 06 Sep 2021 14:32:04 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 03.09.2021 12:08, Oleksandr Andrushchenko wrote: > --- a/xen/drivers/vpci/header.c > +++ b/xen/drivers/vpci/header.c > @@ -400,12 +400,72 @@ static void bar_write(const struct pci_dev *pdev, > unsigned int reg, > static void guest_bar_write(const struct pci_dev *pdev, unsigned int reg, > uint32_t val, void *data) > { > + struct vpci_bar *bar = data; > + bool hi = false; > + > + if ( bar->type == VPCI_BAR_MEM64_HI ) > + { > + ASSERT(reg > PCI_BASE_ADDRESS_0); > + bar--; > + hi = true; > + } > + else > + val &= PCI_BASE_ADDRESS_MEM_MASK; > + bar->guest_addr &= ~(0xffffffffull << (hi ? 32 : 0)); > + bar->guest_addr |= (uint64_t)val << (hi ? 32 : 0); What you store here is not the address that's going to be used, as you don't mask off the low bits (to account for the BAR's size). When a BAR gets written with all ones, all writable bits get these ones stored. The address of the BAR, aiui, really changes to (typically) close below 4Gb (in the case of a 32-bit BAR), which is why memory / I/O decoding should be off while sizing BARs. Therefore you shouldn't look for the specific "all writable bits are ones" pattern (or worse, as you presently do, the "all bits outside of the type specifier are ones" one) on the read path. Instead mask the value appropriately here, and simply return back the stored value from the read path. > } > > static uint32_t guest_bar_read(const struct pci_dev *pdev, unsigned int reg, > void *data) > { > - return 0xffffffff; > + struct vpci_bar *bar = data; > + uint32_t val; > + bool hi = false; > + > + switch ( bar->type ) > + { > + case VPCI_BAR_MEM64_HI: > + ASSERT(reg > PCI_BASE_ADDRESS_0); > + bar--; > + hi = true; > + /* fallthrough */ > + case VPCI_BAR_MEM64_LO: > + { Please don't add braces to case blocks when they're not needed. > + if ( hi ) > + val = bar->guest_addr >> 32; > + else > + val = bar->guest_addr & 0xffffffff; > + if ( (val & PCI_BASE_ADDRESS_MEM_MASK_32) == > PCI_BASE_ADDRESS_MEM_MASK_32 ) This is wrong when falling through to here from VPCI_BAR_MEM64_HI: All 32 bits need to be looked at. Yet as per the comment further up I think it isn't right anyway to apply the mask here. Also: Stray double blanks. > + { > + /* Guests detects BAR's properties and sizes. */ > + if ( hi ) > + val = bar->size >> 32; > + else > + val = 0xffffffff & ~(bar->size - 1); > + } > + if ( !hi ) > + { > + val |= PCI_BASE_ADDRESS_MEM_TYPE_64; > + val |= bar->prefetchable ? PCI_BASE_ADDRESS_MEM_PREFETCH : 0; > + } > + bar->guest_addr &= ~(0xffffffffull << (hi ? 32 : 0)); > + bar->guest_addr |= (uint64_t)val << (hi ? 32 : 0); > + break; > + } > + case VPCI_BAR_MEM32: Please separate non-fall-through case blocks by a blank line. > @@ -522,6 +582,13 @@ static int add_bar_handlers(struct pci_dev *pdev, bool > is_hwdom) > if ( rc ) > return rc; > } > + /* > + * It is neither safe nor secure to initialize guest's view of the > BARs > + * with real values which are used by the hardware domain, so assign > + * all zeros to guest's view of the BARs, so the guest can perform > + * proper PCI device enumeration and assign BARs on its own. > + */ > + bars[i].guest_addr = 0; I'm afraid I don't understand the comment: Without memory decoding enabled, the BARs are simple registers (with a few r/o bits). > --- a/xen/include/xen/pci_regs.h > +++ b/xen/include/xen/pci_regs.h > @@ -103,6 +103,7 @@ > #define PCI_BASE_ADDRESS_MEM_TYPE_64 0x04 /* 64 bit address */ > #define PCI_BASE_ADDRESS_MEM_PREFETCH 0x08 /* prefetchable? */ > #define PCI_BASE_ADDRESS_MEM_MASK (~0x0fUL) > +#define PCI_BASE_ADDRESS_MEM_MASK_32 (~0x0fU) Please don't introduce an identical constant that's merely of different type. (uint32_t)PCI_BASE_ADDRESS_MEM_MASK at the use site (if actually still needed as per the comment above) would seem more clear to me. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.