Re: [PATCH] pci-host: designware: Limit value range of iATU viewport register

[Peter Maydell <peter.maydell@linaro.org>]

On Mon, 29 Jan 2024 at 06:00, Guenter Roeck <linux@roeck-us.net> wrote:
>
> The latest version of qemu (v8.2.0-869-g7a1dc45af5) crashes when booting
> the mcimx7d-sabre emulation with Linux v5.11 and later.
>
> qemu-system-arm: ../system/memory.c:2750: memory_region_set_alias_offset: Assertion `mr->alias' failed.
>
> Problem is that the Designware PCIe emulation accepts the full value range
> for the iATU Viewport Register. However, both hardware and emulation only
> support four inbound and four outbound viewports.
>
> The Linux kernel determines the number of supported viewports by writing
> 0xff into the viewport register and reading the value back. The expected
> value when reading the register is the highest supported viewport index.

This behaviour by the kernel seems to me to be out of spec.
Looking at the "i.MX6 6Dual/6Quad Applications Processor Referenc
Manual IMXDQRM" it says about the PCIE_PL_iATUVR register field
Region_Index: "Must not be set to a value greater than 3"
(there being 4 regions in this case).
Plus it says elsewhere that software "should" write all-0s to
reserved fields, and bits [7:4] are reserved in this register.

> Match that code by masking the supported viewport value range when the
> register is written. With this change, the Linux kernel reports
>
> imx6q-pcie 33800000.pcie: iATU: unroll F, 4 ob, 4 ib, align 0K, limit 4G
>
> as expected and supported.

However given this is presumably what the hardware does in this
case where the guest does something out of spec, and we definitely
need to do something to avoid asserting, we should take this patch.

>
> Fixes: d64e5eabc4c7 ("pci: Add support for Designware IP block")
> Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
> Cc: Nikita Ostrenkov <n.ostrenkov@gmail.com>
> Signed-off-by: Guenter Roeck <linux@roeck-us.net>
> ---
>  hw/pci-host/designware.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/hw/pci-host/designware.c b/hw/pci-host/designware.c
> index dd9e389c07..c25d50f1c6 100644
> --- a/hw/pci-host/designware.c
> +++ b/hw/pci-host/designware.c
> @@ -340,6 +340,8 @@ static void designware_pcie_root_config_write(PCIDevice *d, uint32_t address,
>          break;
>
>      case DESIGNWARE_PCIE_ATU_VIEWPORT:
> +        val &= DESIGNWARE_PCIE_ATU_REGION_INBOUND |
> +                (DESIGNWARE_PCIE_NUM_VIEWPORTS - 1);
>          root->atu_viewport = val;
>          break;

Applied to target-arm.next, thanks.

-- PMM