[Qemu-devel] [PATCH 0/2] kvm: Fix incorrect re-register of in-kernel MPIC

[Qemu-devel] [PATCH 0/2] kvm: Fix incorrect re-register of in-kernel MPIC

[Bogdan Purcareata]

On target-ppc, the kvm-openpic memory region is part of the E500-CCSR memory
region. On the kernel side, the MPIC is mapped at the same offset as the
kvm-openpic within the address space.

When adding the PCI BAR0 memory region, an alias is created to point to the
E500-CCSR memory region. This results in firing the kvm_openpic_region_add once
more, since kvm-openpic is part of the latter. Only this time, the offset is
wrong - it's part of the PCI memory region. This leads to the in-kernel MPIC to
be remapped at a wrong address, and thus all traps to the kvm-openpic
address to be emulated in userspace.

The fix consists in an additional filter in kvm_openpic_region_add to consider
only addresses matching the start of the kvm-openpic memory region.

[Qemu-devel] [PATCH 1/2] memory: Add MemoryRegion get address space offset helper function

[Bogdan Purcareata]

Adding this function would allow a MemoryRegion to compute its start address
within the AddressSpace. This is done recursively based on mr->container.

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
---
 include/exec/memory.h |    8 ++++++++
 memory.c              |   10 ++++++++++
 2 files changed, 18 insertions(+)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index d165b27..7503819 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -444,6 +444,14 @@ struct Object *memory_region_owner(MemoryRegion *mr);
 uint64_t memory_region_size(MemoryRegion *mr);
 
 /**
+ * memory_region_get_address_space_offset: get a memory region's address
+ * within the address space
+ *
+ * @mr: the memory region being queried.
+ */
+hwaddr memory_region_get_address_space_offset(MemoryRegion *mr);
+
+/**
  * memory_region_is_ram: check whether a memory region is random access
  *
  * Returns %true is a memory region is random access.
diff --git a/memory.c b/memory.c
index ef0be1c..7445032 100644
--- a/memory.c
+++ b/memory.c
@@ -1307,6 +1307,16 @@ uint64_t memory_region_size(MemoryRegion *mr)
     return int128_get64(mr->size);
 }
 
+hwaddr memory_region_get_address_space_offset(MemoryRegion *mr)
+{
+    MemoryRegion *p;
+    hwaddr result = 0x0;
+
+    for (p = mr; p != NULL; result += p->addr, p = p->container);
+
+    return result;
+}
+
 const char *memory_region_name(const MemoryRegion *mr)
 {
     if (!mr->name) {
-- 
1.7.10.4

[Qemu-devel] [PATCH 2/2] kvm-openpic: Filter region add callbacks based on memory region offset

[Bogdan Purcareata]

This is done due to the fact that the kvm-openpic region_add callbacks can be
invoked for sections generated from other memory regions as well. These
callbacks should handle only requests for the kvm-openpic memory region.

The patch fixes a bug on target-ppc occuring when the "e500-pci-bar0" memory
region is added. This memory region registers an alias to the "e500-ccsr" memory
region, which further contains the "kvm-openpic" subregion. Due to this alias,
the kvm_openpic_region_add is called once more, with an offset within the
"e500-pci-bar" memory region. This generates the remapping of the
in-kernel MPIC at a wrong offset.

The fix consists in an additional filter in kvm_openpic_region_add to consider
only addresses matching the start of the kvm-openpic memory region.

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Mihai Caraman <mihai.caraman@freescale.com>
---
 hw/intc/openpic_kvm.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/hw/intc/openpic_kvm.c b/hw/intc/openpic_kvm.c
index e3bce04..b02de40 100644
--- a/hw/intc/openpic_kvm.c
+++ b/hw/intc/openpic_kvm.c
@@ -128,6 +128,11 @@ static void kvm_openpic_region_add(MemoryListener *listener,
         return;
     }
 
+    /* Ignore events on regions that are not at the MPIC offset */
+    if (section->offset_within_address_space !=
+            memory_region_address_space_offset(section->mr))
+        return;
+
     reg_base = section->offset_within_address_space;
 
     attr.group = KVM_DEV_MPIC_GRP_MISC;
-- 
1.7.10.4

[Qemu-devel] [PATCH 1/2] memory: Add MemoryRegion get address space offset helper function

[Bogdan Purcareata]

Adding this function would allow a MemoryRegion to compute its start address
within the AddressSpace. This is done recursively based on mr->container.

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
---
 include/exec/memory.h |    8 ++++++++
 memory.c              |   10 ++++++++++
 2 files changed, 18 insertions(+)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index d165b27..7503819 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -444,6 +444,14 @@ struct Object *memory_region_owner(MemoryRegion *mr);
 uint64_t memory_region_size(MemoryRegion *mr);
 
 /**
+ * memory_region_get_address_space_offset: get a memory region's address
+ * within the address space
+ *
+ * @mr: the memory region being queried.
+ */
+hwaddr memory_region_get_address_space_offset(MemoryRegion *mr);
+
+/**
  * memory_region_is_ram: check whether a memory region is random access
  *
  * Returns %true is a memory region is random access.
diff --git a/memory.c b/memory.c
index ef0be1c..7445032 100644
--- a/memory.c
+++ b/memory.c
@@ -1307,6 +1307,16 @@ uint64_t memory_region_size(MemoryRegion *mr)
     return int128_get64(mr->size);
 }
 
+hwaddr memory_region_get_address_space_offset(MemoryRegion *mr)
+{
+    MemoryRegion *p;
+    hwaddr result = 0x0;
+
+    for (p = mr; p != NULL; result += p->addr, p = p->container);
+
+    return result;
+}
+
 const char *memory_region_name(const MemoryRegion *mr)
 {
     if (!mr->name) {
-- 
1.7.10.4