From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Thierry Escande <thierry.escande@vates.tech>
Cc: xen-devel@lists.xenproject.org, Jan Beulich <jbeulich@suse.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Anthony PERARD <anthony.perard@vates.tech>,
Michal Orzel <michal.orzel@amd.com>,
Julien Grall <julien@xen.org>,
Stefano Stabellini <sstabellini@kernel.org>
Subject: Re: [PATCH 09/17] xev/hvm: Add HVMOP_get|set_ecam_space hypercalls
Date: Tue, 28 Apr 2026 15:59:56 +0200 [thread overview]
Message-ID: <afC9XAtGOkug0qFB@macbook.local> (raw)
In-Reply-To: <20260313163455.790692-10-thierry.escande@vates.tech>
On Fri, Mar 13, 2026 at 04:35:03PM +0000, Thierry Escande wrote:
> This patch adds 2 HVMOP hypercalls, HVMOP_get|set_ecam_space, used to
> set and get the base address and size of the PCIe ECAM space as
> configured by hvmloader.
>
> Signed-off-by: Thierry Escande <thierry.escande@vates.tech>
> ---
> xen/arch/x86/hvm/hvm.c | 52 +++++++++++++++++++++++++++++++
> xen/arch/x86/include/asm/domain.h | 4 +++
> xen/include/public/hvm/hvm_op.h | 11 +++++++
> 3 files changed, 67 insertions(+)
>
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index 4d37a93c57..a46dfa955d 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -5195,6 +5195,58 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
> rc = current->hcall_compat ? compat_altp2m_op(arg) : do_altp2m_op(arg);
> break;
>
> + case HVMOP_set_ecam_space: {
> + xen_hvm_ecam_space_t ecam;
> + struct domain *d;
> +
> + if ( copy_from_guest( &ecam, guest_handle_cast(arg, xen_hvm_ecam_space_t), 1 ) )
^ extra space, here and at the
closing parenthesis.
Line length is also past the 80 character limit, same below in
HVMOP_get_ecam_space.
> + return -EFAULT;
This operation (and the matching get variant) needs an XSM check.
> +
> + d = rcu_lock_domain_by_any_id(ecam.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + if ( d->arch.ecam_addr ) {
Coding style, opening braces should be on a new line.
> + rcu_unlock_domain(d);
> + return -EFAULT;
This would better return -EBUSY
> + }
You also need to check the padding fields are 0.
> +
> + if ( (ecam.size >> 28) || (!ecam.addr) ) {
^ the parenthesis here are
unneeded.
> + rcu_unlock_domain(d);
> + return -EINVAL;
> + }
> +
> + d->arch.ecam_addr = ecam.addr;
> + d->arch.ecam_size = ecam.size;
I'm a bit worried about a domain being able to set it's own ECAM hole,
assessing all the side-effects of this might be complex.
Won't the code here better check the region passed in the hypercall is
indeed not mapped in the p2m, so that trapping of ECAM accesses works
as expected?
Also, how does the ECAM hole get setup on native? I assume there are
some magic registers in the PCI config space of a platform device that
the firmware uses to position the ECAM space?
Are those trapped by QEMU, in which case won't it be better to do it
the native way (iow: with the config space registers), and let QEMU
forward it to Xen? It would then be QEMU the one to call
HVMOP_set_ecam_space (or whatever hypercall we end up using).
> +
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_get_ecam_space: {
> + xen_hvm_ecam_space_t ecam;
> + struct domain *d;
> +
> + if ( copy_from_guest( &ecam, guest_handle_cast(arg, xen_hvm_ecam_space_t), 1 ) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(ecam.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + if ( ! d->arch.ecam_addr || ! d->arch.ecam_size ) {
> + rcu_unlock_domain(d);
> + return -EINVAL;
> + }
> +
> + ecam.addr = d->arch.ecam_addr;
> + ecam.size = d->arch.ecam_size;
> + rc = __copy_to_guest(arg, &ecam, 1) ? -EFAULT : 0;
> +
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> default:
> rc = -ENOSYS;
> break;
> diff --git a/xen/arch/x86/include/asm/domain.h b/xen/arch/x86/include/asm/domain.h
> index ad7f6adb2c..24ec33fc4d 100644
> --- a/xen/arch/x86/include/asm/domain.h
> +++ b/xen/arch/x86/include/asm/domain.h
> @@ -476,6 +476,10 @@ struct arch_domain
>
> /* Emulated devices enabled bitmap. */
> uint32_t emulation_flags;
> +
> + /* PCI ECAM space emulation */
> + uint64_t ecam_addr;
> + uint32_t ecam_size;
This fields would better be in hvm_domain struct, and there you
already have the mmcfg_regions list, which we should aim to use for
the q35 introduced ECAM region.
> } __cacheline_aligned;
>
> #ifdef CONFIG_HVM
> diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h
> index e22adf0319..c84febc37c 100644
> --- a/xen/include/public/hvm/hvm_op.h
> +++ b/xen/include/public/hvm/hvm_op.h
> @@ -166,6 +166,17 @@ struct xen_hvm_get_mem_type {
> typedef struct xen_hvm_get_mem_type xen_hvm_get_mem_type_t;
> DEFINE_XEN_GUEST_HANDLE(xen_hvm_get_mem_type_t);
>
> +#define HVMOP_set_ecam_space 16
> +#define HVMOP_get_ecam_space 17
> +struct xen_hvm_ecam_space {
> + domid_t domid;
> + uint16_t pad[3]; /* align next field on 8-byte boundary */
> + uint64_t addr;
> + uint32_t size;
There's also a trailing uint32_t padding here on 64bit builds I think?
FWIW, you could do:
domid_t domid;
uint16_t pad;
uint32_t size
uint64_t addr;
As that would reduce the padding in the struct?
Thanks, Roger.
next prev parent reply other threads:[~2026-04-28 14:00 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-13 16:35 [PATCH 00/17] Q35 initial support for HVM guests Thierry Escande
2026-03-13 16:35 ` [PATCH 01/17] libacpi: Split dsdt.asl file and extract i440 specific parts Thierry Escande
2026-04-28 9:05 ` Roger Pau Monné
2026-05-04 14:34 ` Jan Beulich
2026-05-04 14:35 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 06/17] hvmloader: Move pci devices setup to a separate function Thierry Escande
2026-04-28 12:48 ` Roger Pau Monné
2026-05-04 14:52 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 02/17] libacpi: new DSDT ACPI table for Q35 Thierry Escande
2026-04-28 10:17 ` Roger Pau Monné
2026-05-04 14:39 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 05/17] hvmloader: add Q35 DSDT table loading Thierry Escande
2026-04-28 11:08 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 03/17] hvmloader: add function to set the emulated machine type (i440/Q35) Thierry Escande
2026-04-28 10:39 ` Roger Pau Monné
2026-05-04 10:58 ` Jan Beulich
2026-05-04 14:43 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 08/17] hvmloader: Extend PCI BAR struct Thierry Escande
2026-04-28 13:31 ` Roger Pau Monné
2026-05-04 15:01 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 10/17] hvmloader: Add support for HVMOP_set|get_ecam_space hypercalls Thierry Escande
2026-04-28 14:14 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 07/17] hvmloader: add basic Q35 support Thierry Escande
2026-04-28 13:15 ` Roger Pau Monné
2026-05-10 23:32 ` Alexey G
2026-05-04 14:55 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 09/17] xev/hvm: Add HVMOP_get|set_ecam_space hypercalls Thierry Escande
2026-04-28 13:59 ` Roger Pau Monné [this message]
2026-05-04 11:09 ` Jan Beulich
2026-05-04 15:12 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 14/17] libacpi: build ACPI MCFG table if requested Thierry Escande
2026-04-29 10:13 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 13/17] libxl: Add xen-platform device for Q35 machine Thierry Escande
2026-03-13 16:35 ` [PATCH 12/17] libxl: Q35 support (new option device_model_machine) Thierry Escande
2026-04-29 10:01 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 11/17] hvmloader: allocate MMCONFIG area in the MMIO hole Thierry Escande
2026-04-29 9:29 ` Roger Pau Monné
2026-05-04 11:11 ` Jan Beulich
2026-05-04 12:23 ` Roger Pau Monné
2026-05-04 12:36 ` Jan Beulich
2026-03-13 16:35 ` [PATCH 15/17] hvmloader: Set MCFG in ACPI table Thierry Escande
2026-04-29 12:33 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 04/17] hvmloader: add ACPI enabling for Q35 Thierry Escande
2026-04-28 10:48 ` Roger Pau Monné
2026-05-05 13:58 ` Alexey G
2026-05-05 14:25 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 17/17] docs: provide description for device_model_machine option Thierry Escande
2026-04-29 12:43 ` Roger Pau Monné
2026-03-13 16:35 ` [PATCH 16/17] Handle PCIe ECAM space access from guests Thierry Escande
2026-04-29 12:42 ` Roger Pau Monné
2026-05-04 15:22 ` Jan Beulich
2026-03-15 22:43 ` [PATCH 00/17] Q35 initial support for HVM guests Alexey G
2026-04-28 7:48 ` Roger Pau Monné
2026-05-04 10:45 ` Jan Beulich
2026-05-05 5:48 ` Jan Beulich
2026-05-05 5:49 ` Jan Beulich
2026-05-05 13:29 ` Alexey G
2026-05-05 13:07 ` Alexey G
2026-05-05 14:15 ` Roger Pau Monné
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afC9XAtGOkug0qFB@macbook.local \
--to=roger.pau@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=anthony.perard@vates.tech \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=michal.orzel@amd.com \
--cc=sstabellini@kernel.org \
--cc=thierry.escande@vates.tech \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.