Date: Wed, 10 Jun 2015 13:43:24 +0200
From: "Michael S. Tsirkin"
Message-ID: <20150610134158-mutt-send-email-mst@redhat.com>
In-Reply-To: <5577FCC70200007800082E51@mail.emea.novell.com>
Subject: Re: [Qemu-devel] [Xen-devel] [PATCH][XSA-126] xen: limit guest control of PCI command register
To: Jan Beulich
Cc: xen-devel@lists.xensource.com, pmatouse@redhat.com, Stefano Stabellini, Andrew Cooper, qemu-devel@nongnu.org, Malcolm Crossley

On Wed, Jun 10, 2015 at 08:00:55AM +0100, Jan Beulich wrote:
> >>> On 08.06.15 at 13:28, wrote:
> > On Mon, Jun 08, 2015 at 11:55:22AM +0100, Jan Beulich wrote:
> >> while function 0 has
> >>
> >> 0x10: Base Address Register 0 = 0xca23000c (Memory space, 64-bit access, prefetchable)
> >> 0x18: Base Address Register 2 = 0xca24000c (Memory space, 64-bit access, prefetchable)
> >> 0x20: Base Address Register 4 = 0xca25000c (Memory space, 64-bit access, prefetchable)
> >>
> >> and function 1
> >>
> >> 0x10: Base Address Register 0 = 0xca20000c (Memory space, 64-bit access, prefetchable)
> >> 0x18: Base Address Register 2 = 0xca21000c (Memory space, 64-bit access, prefetchable)
> >> 0x20: Base Address Register 4 = 0xca22000c (Memory space, 64-bit access, prefetchable)
> >>
> >> > Does the sibling device have a BAR overlapping the address?
> >>
> >> No, its BARs are fully separate.
> >
> > Judging from the above, it's actually function 1's BAR 2 that
> > is accessed? Are you saying disabling memory on function 0
> > breaks function 2 somehow?
>
> Oops, just noticed I didn't reply to this. Not sure how you
> come to that conclusion - the ITP log says that the bad write is to
> 0xca25004c.
>
>
> Jan

Look at the bridge configuration though - looks like it will only forward
transactions to 0xca21XXXX. Anything else will be terminated by the bridge
itself.

--
MST
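
For readers following the addresses in this exchange, here is an added example (not code from the thread or from QEMU/Xen) that decodes the quoted BAR values, finds which BAR sits at or below the write address from the ITP log, and checks that address against the range named in the reply. The helper names are hypothetical; the upper BAR dwords are assumed to be zero, and the forwarded range is taken from the reply's wording (0xca21XXXX), since neither the BAR sizes nor the bridge's base/limit registers appear on this page.

```c
#include <stdint.h>
#include <stdio.h>

/* PCI memory BAR fields, decoded from the flag bits in the low nibble. */
struct bar { uint64_t base; int is_mem, is_64bit, prefetch; };

static struct bar decode_bar(uint32_t lo, uint32_t hi)
{
    struct bar b;
    b.is_mem   = !(lo & 0x1);                          /* bit 0: 0 = memory */
    b.is_64bit = b.is_mem && ((lo >> 1) & 0x3) == 0x2; /* bits 2:1 = 10b */
    b.prefetch = b.is_mem && ((lo >> 3) & 0x1);        /* bit 3 */
    b.base = lo & (b.is_mem ? ~0xfu : ~0x3u);          /* strip flag bits */
    b.base |= b.is_64bit ? (uint64_t)hi << 32 : 0;     /* next dword = high half */
    return b;
}

/* BAR dwords quoted in the thread. Upper dwords are not shown; 0 is assumed. */
static const struct { int fn, bar; uint32_t lo; } quoted[] = {
    {0, 0, 0xca23000c}, {0, 2, 0xca24000c}, {0, 4, 0xca25000c},
    {1, 0, 0xca20000c}, {1, 2, 0xca21000c}, {1, 4, 0xca22000c},
};

/* Sizes are not on the page either: pick the BAR with the highest base at
 * or below addr. Returns function * 10 + BAR number, or -1 if none. */
static int candidate_owner(uint64_t addr)
{
    uint64_t best = 0;
    int id = -1;
    for (size_t i = 0; i < sizeof quoted / sizeof quoted[0]; i++) {
        uint64_t base = decode_bar(quoted[i].lo, 0).base;
        if (base <= addr && base >= best) {
            best = base;
            id = quoted[i].fn * 10 + quoted[i].bar;
        }
    }
    return id;
}

/* A bridge passes a memory access downstream only inside its window. */
static int in_window(uint64_t a, uint64_t first, uint64_t last) { return a >= first && a <= last; }

int main(void)
{
    /* 0xca25004c is the ITP-log write address; the range is the reply's. */
    printf("owner id %d, forwarded %d\n", candidate_owner(0xca25004cull),
           in_window(0xca25004cull, 0xca210000ull, 0xca21ffffull));
    return 0;
}
```

An owner id of 4 means function 0, BAR 4; 12 would mean function 1, BAR 2.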