
[1/3] x86/vMSI-X: add further checks to snoop logic

Message ID 5721F8B102000078000E6B13@prv-mh.provo.novell.com (mailing list archive)
State New, archived

Commit Message

Jan Beulich April 28, 2016, 9:49 a.m. UTC
msixtbl_range(), as any other MMIO ->check() handlers, may get called
with other than the base address of an access - avoid the snoop logic
considering those.

Also avoid considering vCPU-s not blocked in the hypervisor in
msixtbl_pt_register(), just to be on the safe side.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
x86/vMSI-X: add further checks to snoop logic

msixtbl_range(), as any other MMIO ->check() handlers, may get called
with other than the base address of an access - avoid the snoop logic
considering those.

Also avoid considering vCPU-s not blocked in the hypervisor in
msixtbl_pt_register(), just to be on the safe side.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/hvm/vmsi.c
+++ b/xen/arch/x86/hvm/vmsi.c
@@ -349,7 +349,7 @@ static int msixtbl_range(struct vcpu *v,
     {
         const ioreq_t *r = &v->arch.hvm_vcpu.hvm_io.io_req;
 
-        if ( r->state != STATE_IOREQ_READY )
+        if ( r->state != STATE_IOREQ_READY || r->addr != addr )
             return 0;
         ASSERT(r->type == IOREQ_TYPE_COPY);
         if ( r->dir == IOREQ_WRITE && r->size == 4 && !r->data_is_ptr
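Review bot: The new `r->addr != addr` test on the early-return line has no comment explaining why a pending request whose address differs from `addr` must be skipped; that reasoning lives only in the commit message. I would add above the `if`: `/* ->check() can be invoked for an address other than the start of the access; snoop only the request's base address. */`. Without it, a later cleanup could drop the comparison as redundant and let a non-base address feed the snoop logic again. The write/size condition that follows continues outside the hunk, so how the snooped address is recorded is not visible here.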
@@ -457,7 +457,8 @@ out:
 
         for_each_vcpu ( d, v )
         {
-            if ( v->arch.hvm_vcpu.hvm_io.msix_snoop_address ==
+            if ( (v->pause_flags & VPF_blocked_in_xen) &&
+                 v->arch.hvm_vcpu.hvm_io.msix_snoop_address ==
                  (gtable + msi_desc->msi_attrib.entry_nr *
                            PCI_MSIX_ENTRY_SIZE +
                   PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET) )
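Review bot: The added `v->pause_flags & VPF_blocked_in_xen` test in the `for_each_vcpu` condition samples the flag once with no synchronization visible in the hunk, so the vCPU's state could presumably change between this test and whatever the body does with the matching snoop address. If that is harmless, it is worth saying so next to the check, for example `/* Ignore snoop addresses of vCPUs not blocked in Xen; they may be stale. */`, since the commit message justifies the check only as being on the safe side. The loop body and the rest of the enclosing function lie outside the hunk, so the effect of a stale match cannot be judged from here.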

Comments

Andrew Cooper April 28, 2016, 10:22 a.m. UTC | #1
On 28/04/16 10:49, Jan Beulich wrote:
> msixtbl_range(), as any other MMIO ->check() handlers, may get called
> with other than the base address of an access - avoid the snoop logic
> considering those.
>
> Also avoid considering vCPU-s not blocked in the hypervisor in
> msixtbl_pt_register(), just to be on the safe side.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Paul Durrant April 28, 2016, 10:44 a.m. UTC | #2
> -----Original Message-----
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: 28 April 2016 10:49
> To: xen-devel
> Cc: Andrew Cooper; Paul Durrant
> Subject: [PATCH 1/3] x86/vMSI-X: add further checks to snoop logic
> 
> msixtbl_range(), as any other MMIO ->check() handlers, may get called
> with other than the base address of an access - avoid the snoop logic
> considering those.
> 
> Also avoid considering vCPU-s not blocked in the hypervisor in
> msixtbl_pt_register(), just to be on the safe side.
> 
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Paul Durrant <paul.durrant@citrix.com>

> 
> --- a/xen/arch/x86/hvm/vmsi.c
> +++ b/xen/arch/x86/hvm/vmsi.c
> @@ -349,7 +349,7 @@ static int msixtbl_range(struct vcpu *v,
>      {
>          const ioreq_t *r = &v->arch.hvm_vcpu.hvm_io.io_req;
> 
> -        if ( r->state != STATE_IOREQ_READY )
> +        if ( r->state != STATE_IOREQ_READY || r->addr != addr )
>              return 0;
>          ASSERT(r->type == IOREQ_TYPE_COPY);
>          if ( r->dir == IOREQ_WRITE && r->size == 4 && !r->data_is_ptr
> @@ -457,7 +457,8 @@ out:
> 
>          for_each_vcpu ( d, v )
>          {
> -            if ( v->arch.hvm_vcpu.hvm_io.msix_snoop_address ==
> +            if ( (v->pause_flags & VPF_blocked_in_xen) &&
> +                 v->arch.hvm_vcpu.hvm_io.msix_snoop_address ==
>                   (gtable + msi_desc->msi_attrib.entry_nr *
>                             PCI_MSIX_ENTRY_SIZE +
>                    PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET) )
> 
>

Patch

--- a/xen/arch/x86/hvm/vmsi.c
+++ b/xen/arch/x86/hvm/vmsi.c
@@ -349,7 +349,7 @@  static int msixtbl_range(struct vcpu *v,
     {
         const ioreq_t *r = &v->arch.hvm_vcpu.hvm_io.io_req;
 
-        if ( r->state != STATE_IOREQ_READY )
+        if ( r->state != STATE_IOREQ_READY || r->addr != addr )
             return 0;
         ASSERT(r->type == IOREQ_TYPE_COPY);
         if ( r->dir == IOREQ_WRITE && r->size == 4 && !r->data_is_ptr
@@ -457,7 +457,8 @@  out:
 
         for_each_vcpu ( d, v )
         {
-            if ( v->arch.hvm_vcpu.hvm_io.msix_snoop_address ==
+            if ( (v->pause_flags & VPF_blocked_in_xen) &&
+                 v->arch.hvm_vcpu.hvm_io.msix_snoop_address ==
                  (gtable + msi_desc->msi_attrib.entry_nr *
                            PCI_MSIX_ENTRY_SIZE +
                   PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET) )