From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40897)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ido@wizery.com>) id 1bxdBk-0002KH-Qu
	for qemu-devel@nongnu.org; Fri, 21 Oct 2016 13:01:01 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ido@wizery.com>) id 1bxdBg-0000Gj-V0
	for qemu-devel@nongnu.org; Fri, 21 Oct 2016 13:01:00 -0400
Received: from mail-pf0-x242.google.com ([2607:f8b0:400e:c00::242]:33377)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <ido@wizery.com>) id 1bxdBg-0000G0-NU
	for qemu-devel@nongnu.org; Fri, 21 Oct 2016 13:00:56 -0400
Received: by mail-pf0-x242.google.com with SMTP id i85so9121811pfa.0
	for <qemu-devel@nongnu.org>; Fri, 21 Oct 2016 10:00:55 -0700 (PDT)
From: Ido Yariv <ido@wizery.com>
Date: Fri, 21 Oct 2016 13:00:33 -0400
Message-Id: <1477069233-19180-1-git-send-email-ido@wizery.com>
Subject: [Qemu-devel] [PATCH] vfio/pci: fix out-of-sync BAR information on
 reset
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-devel@nongnu.org, Ido Yariv <ido@wizery.com>

When a PCI device is reset, pci_do_device_reset resets all BAR addresses
in the relevant PCIDevice's config buffer.

The VFIO configuration space stays untouched, so the guest OS may choose
to skip restoring the BAR addresses as they would seem intact. The PCI
device may be left non-operational.
One example of such a scenario is when the guest exits S3.

Fix this by resetting the BAR addresses in the VFIO configuration space
as well.

Signed-off-by: Ido Yariv <ido@wizery.com>
---
 hw/vfio/pci.c | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index 65d30fd..9e1dee0 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -1922,11 +1922,41 @@ static void vfio_pci_pre_reset(VFIOPCIDevice *vdev)
 static void vfio_pci_post_reset(VFIOPCIDevice *vdev)
 {
     Error *err = NULL;
+    int nr;
 
     vfio_intx_enable(vdev, &err);
     if (err) {
         error_reportf_err(err, ERR_PREFIX, vdev->vbasedev.name);
     }
+
+    for (nr = 0; nr < PCI_NUM_REGIONS - 1; ++nr) {
+        VFIOBAR *bar = &vdev->bars[nr];
+        off_t addr = vdev->config_offset + PCI_BASE_ADDRESS_0 + (4 * nr);
+        uint32_t org = 0;
+        uint64_t val = 0;
+        uint32_t len;
+
+        if (!bar->region.size) {
+            continue;
+        }
+
+        if (pread(vdev->vbasedev.fd, &org, sizeof(org), addr) < 0) {
+            error_report("%s(%s) read bar %d failed: %m", __func__,
+                         vdev->vbasedev.name, nr);
+            continue;
+        }
+
+        val = le32_to_cpu(org);
+        val &= (bar->ioport ? ~PCI_BASE_ADDRESS_IO_MASK :
+                              ~PCI_BASE_ADDRESS_MEM_MASK);
+        val = cpu_to_le64(val);
+
+        len = bar->mem64 ? sizeof(uint64_t) : sizeof(uint32_t);
+        if (pwrite(vdev->vbasedev.fd, &val, len, addr) != len) {
+            error_report("%s(%s) reset bar %d failed: %m", __func__,
+                         vdev->vbasedev.name, nr);
+        }
+    }
 }
 
 static bool vfio_pci_host_match(PCIHostDeviceAddress *addr, const char *name)
-- 
2.7.4