From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tim Deegan <tim@xen.org>
Subject: Re: hvmemul_rep_movs() vs MMIO
Date: Fri, 20 Sep 2013 13:47:09 +0100
Message-ID: <20130920124709.GC65886@ocelot.phlegethon.org>
References: <523C51A302000078000F4E1A@nat28.tlf.novell.com>
	<20130920120502.GB65886@ocelot.phlegethon.org>
	<523C5EB302000078000F4EA6@nat28.tlf.novell.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta3.messagelabs.com ([195.245.230.39])
	by lists.xen.org with esmtp (Exim 4.72) (envelope-from <tim@xen.org>)
	id 1VN075-0002Rt-KD
	for xen-devel@lists.xenproject.org; Fri, 20 Sep 2013 12:47:11 +0000
Content-Disposition: inline
In-Reply-To: <523C5EB302000078000F4EA6@nat28.tlf.novell.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Jan Beulich <JBeulich@suse.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>
List-Id: xen-devel@lists.xenproject.org

At 13:41 +0100 on 20 Sep (1379684515), Jan Beulich wrote:
> >>> On 20.09.13 at 14:05, Tim Deegan <tim@xen.org> wrote:
> > At 12:46 +0100 on 20 Sep (1379681171), Jan Beulich wrote:
> >> Tim,
> >> 
> >> was it really intended for "x86/hvm: use unlocked p2m lookups in
> >> hvmemul_rep_movs()" to special case p2m_mmio_dm but not
> >> p2m_mmio_direct?
> > 
> > Hmm.  It certainly doesn't seem to handle that case very well now, but
> > I'm not sure the code before was any better.  AFAICT it would have
> > passed mmio_direct accesses to hvmemul_do_mmio(), which would send them
> > to qemu.
> 
> Hmm, wait - if MMIO of a passed through device, other than for
> its port I/O, doesn't get intercepted at all, but instead gets taken
> care of by there being a valid gfn->mfn translation in place, then
> indeed before and after your change things aren't handled well.
> Perhaps we should bail from there if either side is p2m_mmio_direct
> as well as if both sides are p2m_mmio_dm:

Sounds OK to me.  Clearly mmio-mmio string operations aren't something
we need to make go fast. :)

Reviewed-by: Tim Deegan <tim@xen.org>

> --- a/xen/arch/x86/hvm/emulate.c
> +++ b/xen/arch/x86/hvm/emulate.c
> @@ -799,6 +799,10 @@ static int hvmemul_rep_movs(
>      (void) get_gfn_query_unlocked(current->domain, sgpa >> PAGE_SHIFT, &sp2mt);
>      (void) get_gfn_query_unlocked(current->domain, dgpa >> PAGE_SHIFT, &dp2mt);
>  
> +    if ( sp2mt == p2m_mmio_direct || dp2mt == p2m_mmio_direct ||
> +         (sp2mt == p2m_mmio_dm && dp2mt == p2m_mmio_dm) )
> +        return X86EMUL_UNHANDLEABLE;
> +
>      if ( sp2mt == p2m_mmio_dm )
>          return hvmemul_do_mmio(
>              sgpa, reps, bytes_per_rep, dgpa, IOREQ_READ, df, NULL);
> 
> Jan
>