[PATCH for 4.6] xen/tools: Widen the machine_irq in xc_domain_*bind_pt_irq_int

[PATCH for 4.6] xen/tools: Widen the machine_irq in xc_domain_*bind_pt_irq_int

[Julien Grall]

The DOMCTLs {,un}bind_pt_irq are using uint32_t for the machine_irq
while the helper is using uint8_t.

Currently on ARM, we are supporting SPIs whose irq number can go up to
1019 which doesn't fit in an uint8_t. The helpers xc_domain_bind_pt_spi
and xc_domain_unbint_pt_spi are correctly taking an uint16_t so the
libxc was truncating without noticing the user which may end up to
route the wrong IRQ.

Fix the problem by widening the machine_irq parameter in
xc_domain_*bind_pt_irq_int.

Note that XEN_DOMCTL_irq_permission has the same problem but it's not
used at the moment on ARM. So we can defer the changes after the release
of Xen 4.7.

Reported-by: Iurii Konovalenko <iurii.konovalenko@globallogic.com>
Signed-off-by: Julien Grall <julien.grall@citrix.com>

---
    This is based on the patch "arm: irq: increase size of irq from uint8_t
    to uint32_t" [1] by Iurii few months ago.

    The bug has been introduced by the device passthrough series pushed
    in Xen 2 months ago. It prevents to route any IRQ number > 256 on ARM.

    The changes are minimal in order to get it fixed for Xen 4.6. There
    is technically change for x86 as the machine_irq field in the
    DOMCTL was already uint32_t. Only the parameter of the internal
    helper is widen.

    [1] http://lists.xen.org/archives/html/xen-devel/2015-04/msg00681.html
---
 tools/libxc/xc_domain.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/libxc/xc_domain.c b/tools/libxc/xc_domain.c
index 6db8d13..b7a41e4 100644
--- a/tools/libxc/xc_domain.c
+++ b/tools/libxc/xc_domain.c
@@ -1880,7 +1880,7 @@ int xc_domain_unbind_msi_irq(
 static int xc_domain_bind_pt_irq_int(
     xc_interface *xch,
     uint32_t domid,
-    uint8_t machine_irq,
+    uint32_t machine_irq,
     uint8_t irq_type,
     uint8_t bus,
     uint8_t device,
@@ -1939,7 +1939,7 @@ int xc_domain_bind_pt_irq(
 static int xc_domain_unbind_pt_irq_int(
     xc_interface *xch,
     uint32_t domid,
-    uint8_t machine_irq,
+    uint32_t machine_irq,
     uint8_t irq_type,
     uint8_t bus,
     uint8_t device,
-- 
2.1.4

Re: [PATCH for 4.6] xen/tools: Widen the machine_irq in xc_domain_*bind_pt_irq_int

[Ian Campbell]

On Fri, 2015-07-17 at 15:06 +0100, Julien Grall wrote:
> The DOMCTLs {,un}bind_pt_irq are using uint32_t for the machine_irq
> while the helper is using uint8_t.
> 
> Currently on ARM, we are supporting SPIs whose irq number can go up 
> to
> 1019 which doesn't fit in an uint8_t. The helpers 
> xc_domain_bind_pt_spi
> and xc_domain_unbint_pt_spi are correctly taking an uint16_t so the
> libxc was truncating without noticing the user which may end up to
> route the wrong IRQ.
> 
> Fix the problem by widening the machine_irq parameter in
> xc_domain_*bind_pt_irq_int.
> 
> Note that XEN_DOMCTL_irq_permission has the same problem but it's not
> used at the moment on ARM. So we can defer the changes after the 
> release
> of Xen 4.7.
> 
> Reported-by: Iurii Konovalenko <iurii.konovalenko@globallogic.com>
> Signed-off-by: Julien Grall <julien.grall@citrix.com>

Acked-by: Ian Campbell <ian.campbell@citrix.com>

I think this is a bugfix and should be applied for 4.6.

Ian.

> 
> ---
>     This is based on the patch "arm: irq: increase size of irq from 
> uint8_t
>     to uint32_t" [1] by Iurii few months ago.
> 
>     The bug has been introduced by the device passthrough series 
> pushed
>     in Xen 2 months ago. It prevents to route any IRQ number > 256 on 
> ARM.
> 
>     The changes are minimal in order to get it fixed for Xen 4.6. 
> There
>     is technically change for x86 as the machine_irq field in the
>     DOMCTL was already uint32_t. Only the parameter of the internal
>     helper is widen.
> 
>     [1] 
> http://lists.xen.org/archives/html/xen-devel/2015-04/msg00681.html
> ---
>  tools/libxc/xc_domain.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/libxc/xc_domain.c b/tools/libxc/xc_domain.c
> index 6db8d13..b7a41e4 100644
> --- a/tools/libxc/xc_domain.c
> +++ b/tools/libxc/xc_domain.c
> @@ -1880,7 +1880,7 @@ int xc_domain_unbind_msi_irq(
>  static int xc_domain_bind_pt_irq_int(
>      xc_interface *xch,
>      uint32_t domid,
> -    uint8_t machine_irq,
> +    uint32_t machine_irq,
>      uint8_t irq_type,
>      uint8_t bus,
>      uint8_t device,
> @@ -1939,7 +1939,7 @@ int xc_domain_bind_pt_irq(
>  static int xc_domain_unbind_pt_irq_int(
>      xc_interface *xch,
>      uint32_t domid,
> -    uint8_t machine_irq,
> +    uint32_t machine_irq,
>      uint8_t irq_type,
>      uint8_t bus,
>      uint8_t device,

Re: [PATCH for 4.6] xen/tools: Widen the machine_irq in xc_domain_*bind_pt_irq_int

[Ian Campbell]

On Tue, 2015-07-21 at 15:15 +0100, Ian Campbell wrote:
> On Fri, 2015-07-17 at 15:06 +0100, Julien Grall wrote:
> > The DOMCTLs {,un}bind_pt_irq are using uint32_t for the machine_irq
> > while the helper is using uint8_t.
> > 
> > Currently on ARM, we are supporting SPIs whose irq number can go up 
> > 
> > to
> > 1019 which doesn't fit in an uint8_t. The helpers 
> > xc_domain_bind_pt_spi
> > and xc_domain_unbint_pt_spi are correctly taking an uint16_t so the
> > libxc was truncating without noticing the user which may end up to
> > route the wrong IRQ.
> > 
> > Fix the problem by widening the machine_irq parameter in
> > xc_domain_*bind_pt_irq_int.
> > 
> > Note that XEN_DOMCTL_irq_permission has the same problem but it's 
> > not
> > used at the moment on ARM. So we can defer the changes after the 
> > release
> > of Xen 4.7.
> > 
> > Reported-by: Iurii Konovalenko <iurii.konovalenko@globallogic.com>
> > Signed-off-by: Julien Grall <julien.grall@citrix.com>
> 
> Acked-by: Ian Campbell <ian.campbell@citrix.com>
> 
> I think this is a bugfix and should be applied for 4.6.

Done.