From: Peter Xu <peterx@redhat.com>
To: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>,
qemu-devel@nongnu.org, Eduardo Habkost <ehabkost@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Richard Henderson <rth@twiddle.net>
Subject: Re: [Qemu-devel] [PATCH v4 3/8] intel_iommu: pass whole remapped addresses to apic
Date: Sat, 8 Oct 2016 14:14:09 +0800 [thread overview]
Message-ID: <20161008061409.GC3666@pxdev.xzpeter.org> (raw)
In-Reply-To: <20161007162414.GA20006@potion>
On Fri, Oct 07, 2016 at 06:24:15PM +0200, Radim Krčmář wrote:
[...]
> KVM accepts the address in host endianess and QEMU/VTD code also uses
> host endianess for internal representation of memory addresses, so this
> hunk should be fine.
>
> It is confusing, because the VTD is definitely broken with respect to
> endianess -- it is even trying to swap the order of bits in a byte in
> the definition of VTD_MSIMessage.
> I don't believe that dma_memory_write() accepted LE address on BE hosts,
> so the existing code for filling the address is wrong:
>
> msg.__addr_head = cpu_to_le32(0xfee);
Yeah. This is my fault. Sorry for the troubles.
I have a patch (as well...) to fix this in my local tree, but not
posted (as mst suggested). Maybe it's time to post some of them now (I
tried to make patches more into a bunch so that they won't be lost in
mailing list in case maintainer missed it). I agree that current code
is never tested on big endian machines yet.
Here it should be:
msg.__addr_head = 0xfee;
>
> > should it be:
> > msg.__addr_hi = cpu_to_le32(irq->dest & 0xffffff00)
>
> I don't think so.
>
> Howewer, there are endianess bugs in this patch:
>
> >> @@ -2281,11 +2282,7 @@ static MemTxResult vtd_mem_ir_write(void *opaque, hwaddr addr,
> >> " for device sid 0x%04x",
> >> to.address, to.data, sid);
> >>
> >> - if (dma_memory_write(&address_space_memory, to.address,
> >> - &to.data, size)) {
> >> - VTD_DPRINTF(GENERAL, "error: fail to write 0x%"PRIx64
> >> - " value 0x%"PRIx32, to.address, to.data);
> >> - }
> >> + apic_get_class()->send_msi(&to);
>
> because dma_memory_write() does magic on data.
>
> I don't understand how the code should have worked before this series,
> because kvm_apic_mem_write() expects data in little endian and
> apic_mem_writel() expects data in host endian, even though both of them
> are DEVICE_NATIVE_ENDIAN and are called the same way, so one shouldn't
> work.
I guess that's because APIC is only used for x86? Then it does not
matter. And I agree with you that currently MSI is a little bit
confused on endianess.
First of all, I believe in the protocol MSI (along with PCI logics)
should be LE.
Instead, our MSIMessage struct looks more like to be for host
endianess. E.g. in msi_get_message() we are using:
msg.data = pci_get_word(dev->config + msi_data_off(dev, msi64bit));
and pci_get_word() is converting LE to host endianess.
However, in all kvm_irqchip_*() APIs, we are assuming MSIMessage as
LE. E.g.:
int kvm_irqchip_send_msi(KVMState *s, MSIMessage msg)
{
struct kvm_msi msi;
KVMMSIRoute *route;
if (kvm_direct_msi_allowed) {
...
msi.data = le32_to_cpu(msg.data);
...
}
}
These things are conflicting.
Maybe we need to clean this up. And I prefer MSIMessage to be host
endianess.
>
> And similarly, this hunk is wrong:
>
> >> @@ -279,18 +280,17 @@ static void vtd_update_iotlb(IntelIOMMUState *s, uint16_t source_id,
> >> static void vtd_generate_interrupt(IntelIOMMUState *s, hwaddr mesg_addr_reg,
> >> hwaddr mesg_data_reg)
> >> {
> >> - hwaddr addr;
> >> - uint32_t data;
> >> + MSIMessage msi;
> >>
> >> assert(mesg_data_reg < DMAR_REG_SIZE);
> >> assert(mesg_addr_reg < DMAR_REG_SIZE);
> >>
> >> - addr = vtd_get_long_raw(s, mesg_addr_reg);
> >> - data = vtd_get_long_raw(s, mesg_data_reg);
> >> + msi.address = vtd_get_long_raw(s, mesg_addr_reg);
> >> + msi.data = vtd_get_long_raw(s, mesg_data_reg);
> >>
> >> - VTD_DPRINTF(FLOG, "msi: addr 0x%"PRIx64 " data 0x%"PRIx32, addr, data);
> >> - address_space_stl_le(&address_space_memory, addr, data,
> >> - MEMTXATTRS_UNSPECIFIED, NULL);
> >> + VTD_DPRINTF(FLOG, "msi: addr 0x%"PRIx64 " data 0x%"PRIx32,
> >> + msi.address, msi.data);
> >> + apic_get_class()->send_msi(&msi);
> >> }
>
> It should have been wrong even before, because address_space_stl_le()
> seems to accept the address in host endianess and not in LE ... UGH.
Again, I guess no one is running VT-d in BE machines. So problems are
not exposed.
Thanks,
-- peterx
next prev parent reply other threads:[~2016-10-08 6:14 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-05 13:06 [Qemu-devel] [PATCH v4 0/8] intel_iommu: fix EIM Radim Krčmář
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 1/8] apic: add global apic_get_class() Radim Krčmář
2016-10-06 14:40 ` Eduardo Habkost
2016-10-08 6:33 ` Peter Xu
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 2/8] apic: add send_msi() to APICCommonClass Radim Krčmář
2016-10-08 6:37 ` Peter Xu
2016-10-09 20:54 ` Michael S. Tsirkin
2016-10-10 13:35 ` Radim Krčmář
2016-10-10 23:50 ` Peter Xu
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 3/8] intel_iommu: pass whole remapped addresses to apic Radim Krčmář
2016-10-07 13:05 ` Igor Mammedov
2016-10-07 16:24 ` Radim Krčmář
2016-10-08 6:14 ` Peter Xu [this message]
2016-10-08 6:23 ` Peter Xu
2016-10-10 13:16 ` Igor Mammedov
2016-10-08 6:43 ` Peter Xu
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 4/8] intel_iommu: redo configuraton check in realize Radim Krčmář
2016-10-08 6:45 ` Peter Xu
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 5/8] intel_iommu: add OnOffAuto intr_eim as "eim" property Radim Krčmář
2016-10-08 7:13 ` Peter Xu
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 6/8] intel_iommu: reject broken EIM Radim Krčmář
2016-10-08 7:21 ` Peter Xu
2016-10-10 15:11 ` Radim Krčmář
2016-10-10 23:53 ` Peter Xu
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 7/8] intel_iommu: keep buggy EIM enabled in 2.7 machine type Radim Krčmář
2016-10-06 14:51 ` Eduardo Habkost
2016-10-06 15:33 ` Michael S. Tsirkin
2016-10-06 15:55 ` Radim Krčmář
2016-10-10 17:46 ` [Qemu-devel] Deprecating old machine-types (was Re: [PATCH v4 7/8] intel_iommu: keep buggy EIM enabled in 2.7 machine type) Eduardo Habkost
2016-10-11 7:36 ` Paolo Bonzini
2016-10-11 8:23 ` Daniel P. Berrange
2016-10-11 8:47 ` Paolo Bonzini
2016-10-14 14:50 ` Eduardo Habkost
2016-10-06 16:00 ` [Qemu-devel] [PATCH v4 7/8] intel_iommu: keep buggy EIM enabled in 2.7 machine type Radim Krčmář
2016-10-09 23:33 ` Michael S. Tsirkin
2016-10-05 13:06 ` [Qemu-devel] [PATCH v4 8/8] target-i386/kvm: cache the return value of kvm_enable_x2apic() Radim Krčmář
2016-10-07 13:01 ` Igor Mammedov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161008061409.GC3666@pxdev.xzpeter.org \
--to=peterx@redhat.com \
--cc=ehabkost@redhat.com \
--cc=imammedo@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rkrcmar@redhat.com \
--cc=rth@twiddle.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.