Re: [Qemu-devel] [PATCH] hw/pci: fixed crash when using rombar=0 for hotplugged devices

[Alex Williamson]

On Wed, 2014-10-22 at 11:02 +0300, Michael S. Tsirkin wrote:
> On Wed, Oct 22, 2014 at 10:41:05AM +0300, Marcel Apfelbaum wrote:
> > On Wed, 2014-10-22 at 00:06 +0200, Paolo Bonzini wrote:
> > > 
> > > On 10/21/2014 02:37 PM, Marcel Apfelbaum wrote:
> > > > ROM images must be loaded at startup. Usage of rombar=0 after that
> > > > is not allowed, but should not crash QEMU.
> > > > 
> > > > Check that the device is not hotplugged before trying to
> > > > insert the rom file.
> > > 
> > > I think it could also make sense to just ignore the option ROM and allow
> > > the hotplug.
> > We need a way to inform the user we did that, he *specifically* asked
> > for a ROM he might need it.
> > 
> > Thanks,
> > Marcel
> 
> But he also asked to disable BAR.
> 
> I don't see valid reasons for this configuration
> expcept compatibility.
> 
> But I have a vague memory Alex thought differently.
> Alex?

The comment in the original patch is really confusing for device
assignment where rombar=0 is perfectly valid for any case, hotplug or
not, but only in combination with romfile= do we end up trying to use
fw_cfg, which I think is what we're trying to prevent here.  Emulated
devices are the ones that will still try to use fw_cfg because they have
an implicit romfile.

I can't think of any use cases for requiring fw_cfg for an assigned
device, it usually ends up being a user error to specify both rombar=0
with romfile=$FILE.  Doing that for any device, emulated or assigned,
disassociates the ROM from the device which breaks things like bootindex
as well.

If a user specifies rombar=0,romfile=$FILE we should probably error and
reject the device for hotplug.  Emulated devices with implicit romfiles
are a bit harder to know what will break.  Silently dropping the
implicit romfile seems like a reasonable thing, but then we have
different behavior between cold- and hot-plugged devices.  I think
that's reproducible for migration using romfile="", but I don't expect
libvirt handles that properly.  It's a can of worms...

Thanks,
Alex

> > > 
> > > Sooner or later we should drop the oldest compat machine types...
> > > everything until 0.12 probably could go.
> > > 
> > > Paolo
> > > 
> > > > Signed-off-by: Marcel Apfelbaum <address@hidden>
> > > > ---
> > > >  hw/pci/pci.c | 11 ++++++++++-
> > > >  1 file changed, 10 insertions(+), 1 deletion(-)
> > > > 
> > > > diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> > > > index 6ce75aa..3907c90 100644
> > > > --- a/hw/pci/pci.c
> > > > +++ b/hw/pci/pci.c
> > > > @@ -1776,7 +1776,12 @@ static int pci_qdev_init(DeviceState *qdev)
> > > >          pci_dev->romfile = g_strdup(pc->romfile);
> > > >          is_default_rom = true;
> > > >      }
> > > > -    pci_add_option_rom(pci_dev, is_default_rom);
> > > > +
> > > > +    rc = pci_add_option_rom(pci_dev, is_default_rom);
> > > > +    if (rc != 0) {
> > > > +        pci_unregister_device(DEVICE(pci_dev));
> > > > +        return rc;
> > > > +    }
> > > >  
> > > >      return 0;
> > > >  }
> > > > @@ -1940,6 +1945,10 @@ static int pci_add_option_rom(PCIDevice *pdev, 
> > > > bool is_default_rom)
> > > >          if (class == 0x0300) {
> > > >              rom_add_vga(pdev->romfile);
> > > >          } else {
> > > > +            if (DEVICE(pdev)->hotplugged) {
> > > > +                error_report("PCI: rombar can't be 0 for hotplugged 
> > > > devices!");
> > > > +                return -1;
> > > > +            }
> > > >              rom_add_option(pdev->romfile, -1);
> > > >          }
> > > >          return 0;
> > > > 
> > 
> > 
>