[Xen-devel] Comments on Xen bug 1732

To:	Jan Beulich <jbeulich@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
Subject:	[Xen-devel] Comments on Xen bug 1732
From:	Haitao Shan <maillists.shan@xxxxxxxxx>
Date:	Mon, 31 Jan 2011 12:54:23 +0800
Cc:	"Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx>, Keir Fraser <keir@xxxxxxx>
Delivery-date:	Sun, 30 Jan 2011 20:55:25 -0800
Dkim-signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:date:message-id:subject:from:to:cc :content-type; bh=1Jejz/uGstjUVJGW6qJaG1Z31Q6uZR95SCvMfdk1j20=; b=EnMedhomQh2wrurLh1h8nXN1EA2Wg3MoD2HfIJIKiW4n5swiczrOaWboTDXrytfOvF 92MzirZfsTxbr2crV+eKU+6yZwer68404QAYbbY3C0QbAnSvXPRKiQmEidnvN/U5Amu6 tGT3S4cTFWHHUv/E6hBkc1Ag7AqzE2qwYVInE=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=Kc0QnYoitwtTeEWjKyZwEyfVKEcp+JU5UaE2mSJrYvsRnRdLh3/MTu4taDqeUV+7eW knGATce7D4F4PPPvJdIjKSGxgsyKGPKdgrgua7U2Ds0WkU7SA3QUl3H+4hfKp+X0kBgH 7wJQoH/jqtia8KAHCRXd0Ay04EKhUwdMeRa74=
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx

Hi, Jan,

As you may already notice the bug 1732, (http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1732), the culprit is c/s 22182.

I see the following attached code in your patch. It is pointless to check msi->table_base against the value read from physical device if this function is a virtual function of SR-IOV device. VFs are required to have BARs zeroed by specifications. And for VFs, unless you can read these values from corresponding PF, you will have to trust the "table_base" passed from dom0 via hypercall. Actually, this parameter is specifically introduced for enabling SR-IOV.

I am not familiar with this patch and hence its story. But I think it would be very simple for you to fix this up?

BTW: I vaguely recall that MSI-X table base might not be the first page of the corresponding BAR register.

Shan Haitao

+ if ( !dev->msix_nr_entries )

+ {

+ u64 pba_paddr;

+ u32 pba_offset;

+ ASSERT(!dev->msix_used_entries);

+ WARN_ON(msi->table_base != read_pci_mem_bar(bus, slot, func, bir));

+ dev->msix_nr_entries = nr_entries;

+ dev->msix_table.first = PFN_DOWN(table_paddr);

+ dev->msix_table.last = PFN_DOWN(table_paddr +

+ nr_entries * PCI_MSIX_ENTRY_SIZE - 1);

+ WARN_ON(rangeset_overlaps_range(mmio_ro_ranges, dev->msix_table.first,

+ dev->msix_table.last));

+ pba_offset = pci_conf_read32(bus, slot, func,

+ msix_pba_offset_reg(pos));

+ bir = (u8)(pba_offset & PCI_MSIX_BIRMASK);

+ pba_paddr = read_pci_mem_bar(bus, slot, func, bir);

+ WARN_ON(!pba_paddr);

+ pba_paddr += pba_offset & ~PCI_MSIX_BIRMASK;

+ dev->msix_pba.first = PFN_DOWN(pba_paddr);

+ dev->msix_pba.last = PFN_DOWN(pba_paddr +

+ BITS_TO_LONGS(nr_entries) - 1);

+ WARN_ON(rangeset_overlaps_range(mmio_ro_ranges, dev->msix_pba.first,

+ dev->msix_pba.last));

+ if ( rangeset_add_range(mmio_ro_ranges, dev->msix_table.first,

+ dev->msix_table.last) )

+ WARN();

+ if ( rangeset_add_range(mmio_ro_ranges, dev->msix_pba.first,

+ dev->msix_pba.last) )

+ WARN();

+ if ( dev->domain )

+ p2m_change_entry_type_global(p2m_get_hostp2m(dev->domain),

+ p2m_mmio_direct, p2m_mmio_direct);

+ if ( !dev->domain || !paging_mode_translate(dev->domain) )

+ {

+ struct domain *d = dev->domain;

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

WARNING - OLD ARCHIVES

xen-devel

[Xen-devel] Comments on Xen bug 1732