From mboxrd@z Thu Jan 1 00:00:00 1970 From: Avi Kivity Subject: Re: [PATCH] KVM: Fix page-crossing MMIO Date: Thu, 19 Apr 2012 12:07:29 +0300 Message-ID: <4F8FD5D1.1070403@redhat.com> References: <1334766167-25162-1-git-send-email-avi@redhat.com> <20120419085915.GX11918@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Marcelo Tosatti , kvm@vger.kernel.org To: Gleb Natapov Return-path: Received: from mx1.redhat.com ([209.132.183.28]:45479 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752574Ab2DSJHc (ORCPT ); Thu, 19 Apr 2012 05:07:32 -0400 Received: from int-mx12.intmail.prod.int.phx2.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.25]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q3J97VM9026487 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 19 Apr 2012 05:07:31 -0400 In-Reply-To: <20120419085915.GX11918@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: On 04/19/2012 11:59 AM, Gleb Natapov wrote: > On Wed, Apr 18, 2012 at 07:22:47PM +0300, Avi Kivity wrote: > > MMIO that are split across a page boundary are currently broken - the > > code does not expect to be aborted by the exit to userspace for the > > first MMIO fragment. > > > > This patch fixes the problem by generalizing the current code for handling > > 16-byte MMIOs to handle a number of "fragments", and changes the MMIO > > code to create those fragments. > > > For 16 bit IO userspace will see two 8bit writes. Is this OK? I believe so. The Pentium bus was 64-bit wide with no address lines A0-A2, instead it had byte enables BE0-BE7. So a write that crosses a quadword boundary would be split. Similarly the 32-bit PCI bus has 4 byte enables, so anything that crosses a dword boundary is split. LOCKed ops are implemented by asserting a signal during the two operations. No idea how it's implemented with modern busless processors, but the same semantics have been kept, probably. Even more interesting is that a 32-bit write is seen as an 8 bit write followed by a 24-bit write. Note also that the two accesses can target different devices. > Is there > real code that does this kind of IO, or the patch is for correctness > only? I should have mentioned it in the changelog - it's Windows 95. There is also a Red Hat Linux version that does something like this, I remember adding some code in qemu-kvm to handle the 3-byte write. So I guess this fixes a regression. (not sure - in the Windows 95 case we have a write to VGA that crosses a page boundary (but the pages are physically contiguous, nothing strange is going on; the RHL case was writing partially to RAM and partially to unallocated memory, so it might work with the current code). -- error compiling committee.c: too many arguments to function