From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34502)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <dgibson@ozlabs.org>) id 1ZM60n-0008WD-Cd
	for qemu-devel@nongnu.org; Sun, 02 Aug 2015 23:02:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <dgibson@ozlabs.org>) id 1ZM60k-0001ZM-6s
	for qemu-devel@nongnu.org; Sun, 02 Aug 2015 23:02:01 -0400
Date: Mon, 3 Aug 2015 12:51:09 +1000
From: David Gibson <david@gibson.dropbear.id.au>
Message-ID: <20150803025109.GE15727@voom.fritz.box>
References: <1438557800-6947-1-git-send-email-gwshan@linux.vnet.ibm.com>
	<1438557800-6947-3-git-send-email-gwshan@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="+SfteS7bOf3dGlBC"
Content-Disposition: inline
In-Reply-To: <1438557800-6947-3-git-send-email-gwshan@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH RESEND v2 2/3] sPAPR: Support RTAS call ibm, {open,
 close}-errinjct
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Gavin Shan <gwshan@linux.vnet.ibm.com>
Cc: aik@ozlabs.ru, qemu-ppc@nongnu.org, qemu-devel@nongnu.org


--+SfteS7bOf3dGlBC
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 03, 2015 at 09:23:19AM +1000, Gavin Shan wrote:
> The patch supports RTAS calls "ibm,{open,close}-errinjct" to
> manupliate the token, which is passed to RTAS call "ibm,errinjct"
> to indicate the valid context for error injection. Each VM is
> permitted to have only one token at once and we simply have one
> random number for that.
>=20
> Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
> ---
>  hw/ppc/spapr_rtas.c    | 71 ++++++++++++++++++++++++++++++++++++++++++++=
++++++
>  include/hw/ppc/spapr.h |  9 ++++++-
>  2 files changed, 79 insertions(+), 1 deletion(-)
>=20
> diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c
> index e99e25f..0a9c904 100644
> --- a/hw/ppc/spapr_rtas.c
> +++ b/hw/ppc/spapr_rtas.c
> @@ -604,6 +604,73 @@ out:
>      rtas_st(rets, 0, rc);
>  }
> =20
> +static void rtas_ibm_open_errinjct(PowerPCCPU *cpu,
> +                                   sPAPRMachineState *spapr,
> +                                   uint32_t token, uint32_t nargs,
> +                                   target_ulong args, uint32_t nret,
> +                                   target_ulong rets)
> +{
> +    int32_t ret;
> +
> +    /* Sanity check on number of arguments */
> +    if ((nargs !=3D 0) || (nret !=3D 2)) {
> +        ret =3D RTAS_OUT_PARAM_ERROR;
> +        goto out;
> +    }
> +
> +    /* Check if we already had token */
> +    if (spapr->errinjct_token) {
> +        ret =3D RTAS_OUT_TOKEN_OPENED;
> +        goto out;
> +    }
> +
> +    /* Grab random number as token */
> +    spapr->errinjct_token =3D random();

I don't quite understand the function of this token.   Using random()
seems a very, very odd way of doing things.  Is it supposed to be a
security thing?

> +    if (spapr->errinjct_token =3D=3D 0) {
> +        ret =3D RTAS_OUT_BUSY;

AFAICT, this gives a 1 in RAND_MAX chance of returning RTAS_OUT_BUSY
for no particular reason.

> +        goto out;
> +    }
> +
> +    rtas_st(rets, 0, spapr->errinjct_token);
> +    ret =3D RTAS_OUT_SUCCESS;
> +out:
> +    rtas_st(rets, 1, ret);
> +}
> +
> +static void rtas_ibm_close_errinjct(PowerPCCPU *cpu,
> +                                    sPAPRMachineState *spapr,
> +                                    uint32_t token, uint32_t nargs,
> +                                    target_ulong args, uint32_t nret,
> +                                    target_ulong rets)
> +{
> +    uint32_t open_token;
> +    int32_t ret;
> +
> +    /* Sanity check on number of arguments */
> +    if ((nargs !=3D 1) || (nret !=3D 1)) {
> +        ret =3D RTAS_OUT_PARAM_ERROR;
> +        goto out;
> +    }
> +
> +    /* Check if we had opened token */
> +    if (!spapr->errinjct_token) {
> +        ret =3D RTAS_OUT_CLOSE_ERROR;
> +        goto out;
> +    }
> +
> +    /* Match with the passed token */
> +    open_token =3D rtas_ld(args, 0);
> +    if (spapr->errinjct_token !=3D open_token) {
> +        ret =3D RTAS_OUT_CLOSE_ERROR;
> +        goto out;
> +    }
> +
> +    spapr->errinjct_token =3D 0;
> +    ret =3D RTAS_OUT_SUCCESS;
> +out:
> +    rtas_st(rets, 0, ret);
> +}
> +
>  static struct rtas_call {
>      const char *name;
>      spapr_rtas_fn fn;
> @@ -754,6 +821,10 @@ static void core_rtas_register_types(void)
>                          rtas_get_sensor_state);
>      spapr_rtas_register(RTAS_IBM_CONFIGURE_CONNECTOR, "ibm,configure-con=
nector",
>                          rtas_ibm_configure_connector);
> +    spapr_rtas_register(RTAS_IBM_OPEN_ERRINJCT, "ibm,open-errinjct",
> +                        rtas_ibm_open_errinjct);
> +    spapr_rtas_register(RTAS_IBM_CLOSE_ERRINJCT, "ibm,close-errinjct",
> +                        rtas_ibm_close_errinjct);
>  }
> =20
>  type_init(core_rtas_register_types)
> diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
> index b6cb0d0..30d9854 100644
> --- a/include/hw/ppc/spapr.h
> +++ b/include/hw/ppc/spapr.h
> @@ -73,6 +73,9 @@ struct sPAPRMachineState {
>      int htab_fd;
>      bool htab_fd_stale;
> =20
> +    /* Error injection token */
> +    uint32_t errinjct_token;
> +
>      /* RTAS state */
>      QTAILQ_HEAD(, sPAPRConfigureConnectorState) ccs_list;
> =20
> @@ -412,6 +415,8 @@ int spapr_allocate_irq_block(int num, bool lsi, bool =
msi);
>  #define RTAS_OUT_BUSY               -2
>  #define RTAS_OUT_PARAM_ERROR        -3
>  #define RTAS_OUT_NOT_SUPPORTED      -3
> +#define RTAS_OUT_TOKEN_OPENED       -4
> +#define RTAS_OUT_CLOSE_ERROR        -4
>  #define RTAS_OUT_NOT_AUTHORIZED     -9002
> =20
>  /* RTAS tokens */
> @@ -455,8 +460,10 @@ int spapr_allocate_irq_block(int num, bool lsi, bool=
 msi);
>  #define RTAS_IBM_SET_SLOT_RESET                 (RTAS_TOKEN_BASE + 0x23)
>  #define RTAS_IBM_CONFIGURE_PE                   (RTAS_TOKEN_BASE + 0x24)
>  #define RTAS_IBM_SLOT_ERROR_DETAIL              (RTAS_TOKEN_BASE + 0x25)
> +#define RTAS_IBM_OPEN_ERRINJCT                  (RTAS_TOKEN_BASE + 0x26)
> +#define RTAS_IBM_CLOSE_ERRINJCT                 (RTAS_TOKEN_BASE + 0x27)
> =20
> -#define RTAS_TOKEN_MAX                          (RTAS_TOKEN_BASE + 0x26)
> +#define RTAS_TOKEN_MAX                          (RTAS_TOKEN_BASE + 0x28)
> =20
>  /* RTAS ibm,get-system-parameter token values */
>  #define RTAS_SYSPARM_SPLPAR_CHARACTERISTICS      20

--=20
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

--+SfteS7bOf3dGlBC
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVvtccAAoJEGw4ysog2bOSPTUP+wTtgTJyA8ftPAxd56opfiDY
RIewkUFW+t1/z+6mbpKN13l1eiy/XpcHeRtB8EoapLox9NkxQ8+0LawiBMM0XSPA
8G3R6lZlLIWbSU4tRUPWi7VA7hEfanrLlx58bPOm9SCkyVN/JGFlW2DzIRFP2sbT
uMQPhqEfBJjbAJeGHBZoF32dknIz7ZSpxQACtWLN4DnpIUm7d4SJYQ9MwEFkyEkz
ybSlQ+CVYqoRhSSDnMaW3AZu85+X8EaEMxuzvg0hrO9Hkfez37uUpnSaH4psFr7A
BfpZv8eqHIngvSD1YNg1cqPTvTvp/qe6qycubrNIQtOCpSOQ8sNOw9ApQwJ6pSwh
7EFLLfhbrH9J/kqheDcsVH4VnZDpNrBTnrwYyfMqa5KH0fliIkxu0NVhBTZfI0Tl
0j0zpvhzuAipB7eCFy5O5xnm2mksVQDOJMXN6hfKX2CiMz70an69hyOnTPLEsJXy
B3mCTRIIGvWFSL8h7xctoxuh0bH1EOt/XivAhdFpkButvLbXkU09tpJCwsVTftbq
OoNLXuQSyM6YunXWhKgQeHMojxSUanQL1Za+VzXpctZ1KOR0oPewPx0ZYexjViQP
Ni7s4JQlsK0L8nqT/ILu+CzC7elYYGmLLv6jckBrMvCr/2l/pZSaKiTNicHTVLYT
gMtI6ENwu2UB6cVmHCfI
=29xz
-----END PGP SIGNATURE-----

--+SfteS7bOf3dGlBC--