qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 04/10] hw/intc: GICv3 ITS Command processing

From: Peter Maydell
Subject: Re: [PATCH v5 04/10] hw/intc: GICv3 ITS Command processing
Date: Tue, 6 Jul 2021 10:19:37 +0100 
On Tue, 6 Jul 2021 at 04:25, <shashi.mallela@linaro.org> wrote:
>
> On Mon, 2021-07-05 at 20:47 -0400, shashi.mallela@linaro.org wrote:
> > On Mon, 2021-07-05 at 15:54 +0100, Peter Maydell wrote:
> > > I missed this the first time around, but I don't think this is
> > > right.
> > > Different CPUs could have different GICR_PROPBASER values, so
> > > checking
> > > against just one of them is wrong. The pseudocode only tests
> > > LPIOutOfRange()
> > > which is documented as testing "larger than GICD_TYPER.IDbits or
> > > not
> > > in
> > > the LPI range and not 1023". So I don't think we should be looking
> > > at the GICR_PROPBASER field here.
> > >
> > > More generally, "s->gicv3->cpu->something" is usually going to be
> > > wrong, because it is implicitly looking at CPU 0; often either
> > > there
> > > should be something else telling is which CPU to use (as in
> > > &s->gicv3->cpu[rdbase] where the CTE told us which redistributor),
> > > or we might need to operate on all CPUs/redistributors. The only
> > > exception is where we can guarantee that all the CPUs are the same
> > > (eg when looking at GICR_TYPER.PLPIS.)

> Please ignore my last comment.
>
> To address this scenario,i think the feasible option would be to call
> get_cte() to get the rdbase corresponding to icid value passed to mapti
> command.Since each icid is mapped to a rdbase(by virtue of calling MAPC
> command),if the collection table has a valid mapping for this icid we
> continue processing this MAPTI command using &s->gicv3->cpu[rdbase]
> applicable propbaser value to validate idbits, else return without
> further processing.

But the pseudocode for MAPTI does not say anywhere that we should
be checking the pIntID against any CPU's GICR_PROPBASER field.
It is checked only by the checks in LPIOutOfRange(), which tests:
 * is it larger than permitted by GICD_TYPER.IDbits
 * is it not in the LPI range and not 1023

Checking whether the intID is too big and would cause us to index
off the end of the redistributor's configuration table should be done
later, only when the ITS actually sends the interrupt to a particular
redistributor, I think.

(You can't rely on the guest having done the MAPC before the MAPTI;
and in any case the guest could choose to do a MAPC to a different
redistributor after it's done the MAPTI.)

thanks
-- PMM
reply via email to
[Prev in Thread] Current Thread [Next in Thread]