From patchwork Tue Jun 2 15:40:19 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefano Stabellini X-Patchwork-Id: 479530 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3B94A1412EA for ; Wed, 3 Jun 2015 01:43:08 +1000 (AEST) Received: from localhost ([::1]:59222 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YzoLK-0001om-F3 for incoming@patchwork.ozlabs.org; Tue, 02 Jun 2015 11:43:06 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50995) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YzoJE-0006dn-Ba for qemu-devel@nongnu.org; Tue, 02 Jun 2015 11:40:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YzoJ9-0005Mu-Q8 for qemu-devel@nongnu.org; Tue, 02 Jun 2015 11:40:55 -0400 Received: from smtp.citrix.com ([66.165.176.89]:51129) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YzoJ9-0005Mk-5J for qemu-devel@nongnu.org; Tue, 02 Jun 2015 11:40:51 -0400 X-IronPort-AV: E=Sophos;i="5.13,540,1427760000"; d="scan'208";a="268215161" From: Stefano Stabellini To: Date: Tue, 2 Jun 2015 16:40:19 +0100 Message-ID: <1433259628-4611-2-git-send-email-stefano.stabellini@eu.citrix.com> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: References: MIME-Version: 1.0 X-DLP: MIA2 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.89 Cc: peter.maydell@linaro.org, xen-devel@lists.xensource.com, Jan Beulich , Stefano.Stabellini@eu.citrix.com Subject: [Qemu-devel] [PULL 02/11] xen: don't allow guest to control MSI mask register X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org From: Jan Beulich It's being used by the hypervisor. For now simply mimic a device not capable of masking, and fully emulate any accesses a guest may issue nevertheless as simple reads/writes without side effects. This is XSA-129. Signed-off-by: Jan Beulich Reviewed-by: Stefano Stabellini --- hw/pci/msi.c | 4 -- hw/xen/xen_pt_config_init.c | 98 ++++++++++++++++++++++++++++++++++++++----- include/hw/pci/pci_regs.h | 2 + 3 files changed, 90 insertions(+), 14 deletions(-) diff --git a/hw/pci/msi.c b/hw/pci/msi.c index c111dba..f9c0484 100644 --- a/hw/pci/msi.c +++ b/hw/pci/msi.c @@ -21,10 +21,6 @@ #include "hw/pci/msi.h" #include "qemu/range.h" -/* Eventually those constants should go to Linux pci_regs.h */ -#define PCI_MSI_PENDING_32 0x10 -#define PCI_MSI_PENDING_64 0x14 - /* PCI_MSI_ADDRESS_LO */ #define PCI_MSI_ADDRESS_LO_MASK (~0x3) diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c index dae0519..68b8f22 100644 --- a/hw/xen/xen_pt_config_init.c +++ b/hw/xen/xen_pt_config_init.c @@ -1016,13 +1016,9 @@ static XenPTRegInfo xen_pt_emu_reg_pm[] = { */ /* Helper */ -static bool xen_pt_msgdata_check_type(uint32_t offset, uint16_t flags) -{ - /* check the offset whether matches the type or not */ - bool is_32 = (offset == PCI_MSI_DATA_32) && !(flags & PCI_MSI_FLAGS_64BIT); - bool is_64 = (offset == PCI_MSI_DATA_64) && (flags & PCI_MSI_FLAGS_64BIT); - return is_32 || is_64; -} +#define xen_pt_msi_check_type(offset, flags, what) \ + ((offset) == ((flags) & PCI_MSI_FLAGS_64BIT ? \ + PCI_MSI_##what##_64 : PCI_MSI_##what##_32)) /* Message Control register */ static int xen_pt_msgctrl_reg_init(XenPCIPassthroughState *s, @@ -1134,7 +1130,45 @@ static int xen_pt_msgdata_reg_init(XenPCIPassthroughState *s, uint32_t offset = reg->offset; /* check the offset whether matches the type or not */ - if (xen_pt_msgdata_check_type(offset, flags)) { + if (xen_pt_msi_check_type(offset, flags, DATA)) { + *data = reg->init_val; + } else { + *data = XEN_PT_INVALID_REG; + } + return 0; +} + +/* this function will be called twice (for 32 bit and 64 bit type) */ +/* initialize Mask register */ +static int xen_pt_mask_reg_init(XenPCIPassthroughState *s, + XenPTRegInfo *reg, uint32_t real_offset, + uint32_t *data) +{ + uint32_t flags = s->msi->flags; + + /* check the offset whether matches the type or not */ + if (!(flags & PCI_MSI_FLAGS_MASKBIT)) { + *data = XEN_PT_INVALID_REG; + } else if (xen_pt_msi_check_type(reg->offset, flags, MASK)) { + *data = reg->init_val; + } else { + *data = XEN_PT_INVALID_REG; + } + return 0; +} + +/* this function will be called twice (for 32 bit and 64 bit type) */ +/* initialize Pending register */ +static int xen_pt_pending_reg_init(XenPCIPassthroughState *s, + XenPTRegInfo *reg, uint32_t real_offset, + uint32_t *data) +{ + uint32_t flags = s->msi->flags; + + /* check the offset whether matches the type or not */ + if (!(flags & PCI_MSI_FLAGS_MASKBIT)) { + *data = XEN_PT_INVALID_REG; + } else if (xen_pt_msi_check_type(reg->offset, flags, PENDING)) { *data = reg->init_val; } else { *data = XEN_PT_INVALID_REG; @@ -1222,7 +1256,7 @@ static int xen_pt_msgdata_reg_write(XenPCIPassthroughState *s, uint32_t offset = reg->offset; /* check the offset whether matches the type or not */ - if (!xen_pt_msgdata_check_type(offset, msi->flags)) { + if (!xen_pt_msi_check_type(offset, msi->flags, DATA)) { /* exit I/O emulator */ XEN_PT_ERR(&s->dev, "the offset does not match the 32/64 bit type!\n"); return -1; @@ -1267,7 +1301,7 @@ static XenPTRegInfo xen_pt_emu_reg_msi[] = { .size = 2, .init_val = 0x0000, .ro_mask = 0xFF8E, - .emu_mask = 0x007F, + .emu_mask = 0x017F, .init = xen_pt_msgctrl_reg_init, .u.w.read = xen_pt_word_reg_read, .u.w.write = xen_pt_msgctrl_reg_write, @@ -1316,6 +1350,50 @@ static XenPTRegInfo xen_pt_emu_reg_msi[] = { .u.w.read = xen_pt_word_reg_read, .u.w.write = xen_pt_msgdata_reg_write, }, + /* Mask reg (if PCI_MSI_FLAGS_MASKBIT set, for 32-bit devices) */ + { + .offset = PCI_MSI_MASK_32, + .size = 4, + .init_val = 0x00000000, + .ro_mask = 0xFFFFFFFF, + .emu_mask = 0xFFFFFFFF, + .init = xen_pt_mask_reg_init, + .u.dw.read = xen_pt_long_reg_read, + .u.dw.write = xen_pt_long_reg_write, + }, + /* Mask reg (if PCI_MSI_FLAGS_MASKBIT set, for 64-bit devices) */ + { + .offset = PCI_MSI_MASK_64, + .size = 4, + .init_val = 0x00000000, + .ro_mask = 0xFFFFFFFF, + .emu_mask = 0xFFFFFFFF, + .init = xen_pt_mask_reg_init, + .u.dw.read = xen_pt_long_reg_read, + .u.dw.write = xen_pt_long_reg_write, + }, + /* Pending reg (if PCI_MSI_FLAGS_MASKBIT set, for 32-bit devices) */ + { + .offset = PCI_MSI_MASK_32 + 4, + .size = 4, + .init_val = 0x00000000, + .ro_mask = 0xFFFFFFFF, + .emu_mask = 0x00000000, + .init = xen_pt_pending_reg_init, + .u.dw.read = xen_pt_long_reg_read, + .u.dw.write = xen_pt_long_reg_write, + }, + /* Pending reg (if PCI_MSI_FLAGS_MASKBIT set, for 64-bit devices) */ + { + .offset = PCI_MSI_MASK_64 + 4, + .size = 4, + .init_val = 0x00000000, + .ro_mask = 0xFFFFFFFF, + .emu_mask = 0x00000000, + .init = xen_pt_pending_reg_init, + .u.dw.read = xen_pt_long_reg_read, + .u.dw.write = xen_pt_long_reg_write, + }, { .size = 0, }, diff --git a/include/hw/pci/pci_regs.h b/include/hw/pci/pci_regs.h index 56a404b..57e8c80 100644 --- a/include/hw/pci/pci_regs.h +++ b/include/hw/pci/pci_regs.h @@ -298,8 +298,10 @@ #define PCI_MSI_ADDRESS_HI 8 /* Upper 32 bits (if PCI_MSI_FLAGS_64BIT set) */ #define PCI_MSI_DATA_32 8 /* 16 bits of data for 32-bit devices */ #define PCI_MSI_MASK_32 12 /* Mask bits register for 32-bit devices */ +#define PCI_MSI_PENDING_32 16 /* Pending bits register for 32-bit devices */ #define PCI_MSI_DATA_64 12 /* 16 bits of data for 64-bit devices */ #define PCI_MSI_MASK_64 16 /* Mask bits register for 64-bit devices */ +#define PCI_MSI_PENDING_64 20 /* Pending bits register for 32-bit devices */ /* MSI-X registers */ #define PCI_MSIX_FLAGS 2