qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 3/8] x86_iommu/amd: remove V=1 check from amd

From: Eduardo Habkost
Subject: Re: [Qemu-devel] [PATCH v2 3/8] x86_iommu/amd: remove V=1 check from amdvi_validate_dte()
Date: Mon, 17 Sep 2018 09:56:24 -0300
User-agent: Mutt/1.9.2 (2017-12-15) 
On Fri, Sep 14, 2018 at 01:26:58PM -0500, Brijesh Singh wrote:
> Currently, the amdvi_validate_dte() assumes that a valid DTE will
> always have V=1. This is not true. The V=1 means that bit[127:1] are
> valid. A valid DTE can have IV=1 and V=0 (i.e pt=off, intremap=on).
> 
> Remove the V=1 check from amdvi_validate_dte(), make the caller
> responsible to check for V or IV bits.
> 
> Signed-off-by: Brijesh Singh <address@hidden>
> Cc: "Michael S. Tsirkin" <address@hidden>
> Cc: Paolo Bonzini <address@hidden>
> Cc: Richard Henderson <address@hidden>
> Cc: Eduardo Habkost <address@hidden>
> Cc: Marcel Apfelbaum <address@hidden>
> Cc: Tom Lendacky <address@hidden>
> Cc: Suravee Suthikulpanit <address@hidden>
> ---
>  hw/i386/amd_iommu.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
> index 1fd669f..225825e 100644
> --- a/hw/i386/amd_iommu.c
> +++ b/hw/i386/amd_iommu.c
> @@ -807,7 +807,7 @@ static inline uint64_t amdvi_get_perms(uint64_t entry)
>             AMDVI_DEV_PERM_SHIFT;
>  }
>  
> -/* a valid entry should have V = 1 and reserved bits honoured */
> +/* validate that reserved bits are honoured */
>  static bool amdvi_validate_dte(AMDVIState *s, uint16_t devid,
>                                 uint64_t *dte)
>  {
> @@ -820,7 +820,7 @@ static bool amdvi_validate_dte(AMDVIState *s, uint16_t 
> devid,
>          return false;
>      }
>  
> -    return dte[0] & AMDVI_DEV_VALID;

       ^^^^^^^^ [1]

> +    return true;
>  }

For reference, this is the only caller of amdvi_validate_dte():

  /* get a device table entry given the devid */
  static bool amdvi_get_dte(AMDVIState *s, int devid, uint64_t *entry)
  {
      uint32_t offset = devid * AMDVI_DEVTAB_ENTRY_SIZE;
  
      if (dma_memory_read(&address_space_memory, s->devtab + offset, entry,
          AMDVI_DEVTAB_ENTRY_SIZE)) {
          trace_amdvi_dte_get_fail(s->devtab, offset);
          /* log error accessing dte */
          amdvi_log_devtab_error(s, devid, s->devtab + offset, 0);
          return false;
      }
  
      *entry = le64_to_cpu(*entry);
      if (!amdvi_validate_dte(s, devid, entry)) { /* <--- [2] */
          trace_amdvi_invalid_dte(entry[0]);
          return false;
      }
  
      return true;
  }

and the only caller of amdvi_get_dte() is below:

>  
>  /* get a device table entry given the devid */
> @@ -967,7 +967,8 @@ static void amdvi_do_translate(AMDVIAddressSpace *as, 
> hwaddr addr,
>      }
>  
>      /* devices with V = 0 are not translated */
> -    if (!amdvi_get_dte(s, devid, entry)) {
> +    if (!amdvi_get_dte(s, devid, entry) &&
> +        !(entry[0] & AMDVI_DEV_VALID)) {
           ^^^^^ [3]

>          goto out;
>      }

This means `dte` at [1] == `entry` at [2] == `entry` at [3].

However, if amdvi_get_dte() returned false, `entry[0]` might be
uninitialized.  We should check (entry[0] & AMDVI_DEV_VALID) only
if amdvi_get_dte() returned true.  I assume you meant the
following:

    if (!amdvi_get_dte(s, devid, entry) ||
        !(entry[0] & AMDVI_DEV_VALID)) {
        goto out;
    }

>  
> -- 
> 2.7.4
> 
> 

-- 
Eduardo
reply via email to
[Prev in Thread] Current Thread [Next in Thread]