From: "Michael S. Tsirkin" <mst@redhat.com>
To: Guoyi Tu <tugy@chinatelecom.cn>
Cc: "Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
qemu-devel@nongnu.org, 袁明浩 <yuanmh12@chinatelecom.cn>
Subject: Re: pci: Fix the update of interrupt disable bit in PCI_COMMAND register
Date: Fri, 11 Aug 2023 12:12:59 -0400 [thread overview]
Message-ID: <20230811120936-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <ce2d0437-8faa-4d61-b536-4668f645a959@chinatelecom.cn>
On Fri, Aug 11, 2023 at 10:46:51PM +0800, Guoyi Tu wrote:
> The PCI_COMMAND register is located at offset 4 within
> the PCI configuration space and occupies 2 bytes. The
> interrupt disable bit is at the 10th bit, which corresponds
> to the byte at offset 5 in the PCI configuration space.
>
> In our testing environment, the guest driver may directly
> updates the byte at offset 5 in the PCI configuration space.
> The backtrace looks like as following:
> #0 pci_default_write_config (d=0x5580bbfc6230, addr=5, val_in=5, l=1)
> at hw/pci/pci.c:1442
> #1 0x00005580b8f3156a in virtio_write_config (pci_dev=0x5580bbfc6230,
> address=5, val=5, len=1)
> at hw/virtio/virtio-pci.c:605
> #2 0x00005580b8ed2f3b in pci_host_config_write_common
> (pci_dev=0x5580bbfc6230, addr=5, limit=256,
> val=5, len=1) at hw/pci/pci_host.c:81
>
> In this situation, the range_covers_byte function called
> by the pci_default_write_config function will return false,
> resulting in the inability to handle the interrupt disable
> update event.
>
> To fix this issue, we can use the ranges_overlap function
> instead of range_covers_byte to determine whether the interrupt
> bit has been updated.
>
> Signed-off-by: Guoyi Tu <tugy@chinatelecom.cn>
> Signed-off-by: yuanminghao <yuanmh12@chinatelecom.cn>
Oh wow good catch!
Fixes: b6981cb57be5 ("pci: interrupt disable bit support")
clearly stable material too.
> ---
> hw/pci/pci.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> index b8d22e2e74..881d774fb6 100644
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -1613,7 +1613,7 @@ void pci_default_write_config(PCIDevice *d, uint32_t
> addr, uint32_t val_in, int
> range_covers_byte(addr, l, PCI_COMMAND))
> pci_update_mappings(d);
>
> - if (range_covers_byte(addr, l, PCI_COMMAND)) {
> + if (ranges_overlap(addr, l, PCI_COMMAND, 2)) {
> pci_update_irq_disabled(d, was_irq_disabled);
> memory_region_set_enabled(&d->bus_master_enable_region,
> (pci_get_word(d->config + PCI_COMMAND)
> --
> 2.27.0
>
> --
> Guoyi
prev parent reply other threads:[~2023-08-11 16:13 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-11 14:46 pci: Fix the update of interrupt disable bit in PCI_COMMAND register Guoyi Tu
2023-08-11 16:12 ` Michael S. Tsirkin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230811120936-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=tugy@chinatelecom.cn \
--cc=yuanmh12@chinatelecom.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.