From patchwork Thu Jul 10 18:13:14 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefano Stabellini X-Patchwork-Id: 33450 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-pd0-f198.google.com (mail-pd0-f198.google.com [209.85.192.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id A77B7203C0 for ; Thu, 10 Jul 2014 18:16:00 +0000 (UTC) Received: by mail-pd0-f198.google.com with SMTP id y10sf57085347pdj.1 for ; Thu, 10 Jul 2014 11:16:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:mime-version:cc:subject:precedence:list-id :list-unsubscribe:list-post:list-help:list-subscribe:sender :errors-to:x-original-sender:x-original-authentication-results :mailing-list:list-archive:content-type:content-transfer-encoding; bh=io1fVGvIbI7t5jR1KrMUMQCw+uFCRoZWU63D6A+cfck=; b=dmq+uW5nCK7KxY4CqDY9zMmlHWYas1SgToVf6Git8ey1q2VGMFCLCs5Ps3R0MwKRZn VrpQ7mjwOcRbhP6px0Tn40PUCl9aCNkW85u430pEeN/sA0omBbABoBvEHTad6dHNU4cj z4VYOSlrjFzNLulPguGGeWmn/FiyLUWyPywdK6H6DsCkgPNnfSOIyWpfATpJFhoG0uaF +F0D+zL8e3NmkMoZhWY44Cfe7trjeDUpPzGzp4bs8L6DzsI29T+N/jG5XZfNoe1CFDjB zKlFSu5TGjVu2YZX5nAddLtmdDdGWFN11kJszc0dLPqDRpYkuSaIxm+w8DXtKrKhzyuK 1CMw== X-Gm-Message-State: ALoCoQmBn8QOtN716O0VT2WXkwmiPi1T5ts5jE8nOZNgY5UzEclhGwwsVTNKzkz32DzFVLRLrBKM X-Received: by 10.66.237.4 with SMTP id uy4mr1014612pac.40.1405016157293; Thu, 10 Jul 2014 11:15:57 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.51.3 with SMTP id t3ls150448qga.82.gmail; Thu, 10 Jul 2014 11:15:57 -0700 (PDT) X-Received: by 10.221.34.13 with SMTP id sq13mr23320983vcb.16.1405016157181; Thu, 10 Jul 2014 11:15:57 -0700 (PDT) Received: from mail-vc0-f172.google.com (mail-vc0-f172.google.com [209.85.220.172]) by mx.google.com with ESMTPS id l3si17925285vdv.50.2014.07.10.11.15.57 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 10 Jul 2014 11:15:57 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.220.172 as permitted sender) client-ip=209.85.220.172; Received: by mail-vc0-f172.google.com with SMTP id hy10so11276625vcb.31 for ; Thu, 10 Jul 2014 11:15:57 -0700 (PDT) X-Received: by 10.58.207.84 with SMTP id lu20mr3514446vec.9.1405016157084; Thu, 10 Jul 2014 11:15:57 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.221.37.5 with SMTP id tc5csp156631vcb; Thu, 10 Jul 2014 11:15:56 -0700 (PDT) X-Received: by 10.52.119.179 with SMTP id kv19mr39360067vdb.3.1405016156320; Thu, 10 Jul 2014 11:15:56 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id xx2si7610536vdc.54.2014.07.10.11.15.55 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 10 Jul 2014 11:15:56 -0700 (PDT) Received-SPF: none (google.com: xen-devel-bounces@lists.xen.org does not designate permitted sender hosts) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1X5IrT-0008NK-Tt; Thu, 10 Jul 2014 18:14:27 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1X5IrS-0008N8-6G for xen-devel@lists.xensource.com; Thu, 10 Jul 2014 18:14:26 +0000 Received: from [85.158.137.68:42313] by server-3.bemta-3.messagelabs.com id BC/CF-25808-108DEB35; Thu, 10 Jul 2014 18:14:25 +0000 X-Env-Sender: Stefano.Stabellini@citrix.com X-Msg-Ref: server-6.tower-31.messagelabs.com!1405016062!10780858!1 X-Originating-IP: [66.165.176.89] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni44OSA9PiAyMDMwMDc=\n X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5314 invoked from network); 10 Jul 2014 18:14:24 -0000 Received: from smtp.citrix.com (HELO SMTP.CITRIX.COM) (66.165.176.89) by server-6.tower-31.messagelabs.com with RC4-SHA encrypted SMTP; 10 Jul 2014 18:14:24 -0000 X-IronPort-AV: E=Sophos;i="5.01,639,1400025600"; d="scan'208";a="151491042" Received: from accessns.citrite.net (HELO FTLPEX01CL01.citrite.net) ([10.9.154.239]) by FTLPIPO01.CITRIX.COM with ESMTP; 10 Jul 2014 18:14:22 +0000 Received: from ukmail1.uk.xensource.com (10.80.16.128) by smtprelay.citrix.com (10.13.107.78) with Microsoft SMTP Server id 14.3.181.6; Thu, 10 Jul 2014 14:14:21 -0400 Received: from kaball.uk.xensource.com ([10.80.2.59]) by ukmail1.uk.xensource.com with esmtp (Exim 4.69) (envelope-from ) id 1X5IrH-00037s-Tq; Thu, 10 Jul 2014 19:14:15 +0100 From: Stefano Stabellini To: Date: Thu, 10 Jul 2014 19:13:14 +0100 Message-ID: <1405016003-19131-1-git-send-email-stefano.stabellini@eu.citrix.com> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: References: MIME-Version: 1.0 X-DLP: MIA2 Cc: julien.grall@citrix.com, Ian.Campbell@citrix.com, Stefano Stabellini Subject: [Xen-devel] [PATCH v8 01/10] xen/arm: observe itargets setting in vgic_enable_irqs and vgic_disable_irqs X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: stefano.stabellini@eu.citrix.com X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.220.172 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: vgic_enable_irqs should enable irq delivery to the vcpu specified by GICD_ITARGETSR, rather than the vcpu that wrote to GICD_ISENABLER. Similarly vgic_disable_irqs should use the target vcpu specified by itarget to disable irqs. itargets can be set to a mask but vgic_get_target_vcpu always returns the lower vcpu in the mask. Correctly initialize itargets for SPIs. Ignore bits in GICD_ITARGETSR corresponding to invalid vcpus. Signed-off-by: Stefano Stabellini Acked-by: Julien Grall Acked-by: Ian Campbell --- Changes in v8: - rebase on ab78724fc5628318b172b4344f7280621a151e1b. Changes in v7: - add ASSERT to _vgic_get_target_vcpu; - add comment to vgic_distr_mmio_write. Changes in v6: - add assert and bug_on; - add in-code comments; - move additional check on itargets writing from the following patch to this patch; - sizeof(itargets) instead of 8*sizeof(itargets[0]); - remove the unneeded cast of &target for find_first_bit. Changes in v5: - improve in-code comments; - use vgic_rank_irq; - use bit masks to write-ignore GICD_ITARGETSR; - introduce an version of vgic_get_target_vcpu that doesn't take the rank lock; - keep the rank lock while enabling/disabling irqs; - use find_first_bit instead of find_next_bit; - check for zero writes to GICD_ITARGETSR. Changes in v4: - remove assert that could allow a guest to crash Xen; - add itargets validation to vgic_distr_mmio_write; - export vgic_get_target_vcpu. Changes in v3: - add assert in get_target_vcpu; - rename get_target_vcpu to vgic_get_target_vcpu. Changes in v2: - refactor the common code in get_target_vcpu; - unify PPI and SPI paths; - correctly initialize itargets for SPI; - use byte_read. --- xen/arch/arm/vgic-v2.c | 24 +++++++++++++++---- xen/arch/arm/vgic.c | 56 ++++++++++++++++++++++++++++++++++++++------- xen/include/asm-arm/gic.h | 2 ++ 3 files changed, 70 insertions(+), 12 deletions(-) diff --git a/xen/arch/arm/vgic-v2.c b/xen/arch/arm/vgic-v2.c index 2102e43..9629cbe 100644 --- a/xen/arch/arm/vgic-v2.c +++ b/xen/arch/arm/vgic-v2.c @@ -298,12 +298,12 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info) vgic_lock_rank(v, rank); tr = rank->ienable; rank->ienable |= *r; - vgic_unlock_rank(v, rank); /* The virtual irq is derived from register offset. * The register difference is word difference. So divide by 2(DABT_WORD) * to get Virtual irq number */ vgic_enable_irqs(v, (*r) & (~tr), (gicd_reg - GICD_ISENABLER) >> DABT_WORD); + vgic_unlock_rank(v, rank); return 1; case GICD_ICENABLER ... GICD_ICENABLERN: @@ -313,12 +313,12 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info) vgic_lock_rank(v, rank); tr = rank->ienable; rank->ienable &= ~*r; - vgic_unlock_rank(v, rank); /* The virtual irq is derived from register offset. * The register difference is word difference. So divide by 2(DABT_WORD) * to get Virtual irq number */ vgic_disable_irqs(v, (*r) & tr, (gicd_reg - GICD_ICENABLER) >> DABT_WORD); + vgic_unlock_rank(v, rank); return 1; case GICD_ISPENDR ... GICD_ISPENDRN: @@ -359,13 +359,29 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info) if ( dabt.size != DABT_BYTE && dabt.size != DABT_WORD ) goto bad_width; rank = vgic_rank_offset(v, 8, gicd_reg - GICD_ITARGETSR, DABT_WORD); if ( rank == NULL) goto write_ignore; + /* 8-bit vcpu mask for this domain */ + BUG_ON(v->domain->max_vcpus > 8); + tr = (1 << v->domain->max_vcpus) - 1; + if ( dabt.size == 2 ) + tr = tr | (tr << 8) | (tr << 16) | (tr << 24); + else + tr = (tr << (8 * (gicd_reg & 0x3))); + tr &= *r; + /* ignore zero writes */ + if ( !tr ) + goto write_ignore; + /* For word reads ignore writes where any single byte is zero */ + if ( dabt.size == 2 && + !((tr & 0xff) && (tr & (0xff << 8)) && + (tr & (0xff << 16)) && (tr & (0xff << 24)))) + goto write_ignore; vgic_lock_rank(v, rank); if ( dabt.size == DABT_WORD ) rank->itargets[REG_RANK_INDEX(8, gicd_reg - GICD_ITARGETSR, - DABT_WORD)] = *r; + DABT_WORD)] = tr; else vgic_byte_write(&rank->itargets[REG_RANK_INDEX(8, - gicd_reg - GICD_ITARGETSR, DABT_WORD)], *r, gicd_reg); + gicd_reg - GICD_ITARGETSR, DABT_WORD)], tr, gicd_reg); vgic_unlock_rank(v, rank); return 1; diff --git a/xen/arch/arm/vgic.c b/xen/arch/arm/vgic.c index 1948316..5b0b2da 100644 --- a/xen/arch/arm/vgic.c +++ b/xen/arch/arm/vgic.c @@ -96,7 +96,13 @@ int domain_vgic_init(struct domain *d) INIT_LIST_HEAD(&d->arch.vgic.pending_irqs[i].lr_queue); } for (i=0; iarch.vgic.shared_irqs[i].lock); + /* By default deliver to CPU0 */ + memset(d->arch.vgic.shared_irqs[i].itargets, + 0x1, + sizeof(d->arch.vgic.shared_irqs[i].itargets)); + } d->arch.vgic.handler->domain_init(d); @@ -146,6 +152,36 @@ int vcpu_vgic_free(struct vcpu *v) return 0; } +/* the rank lock is already taken */ +static struct vcpu *_vgic_get_target_vcpu(struct vcpu *v, unsigned int irq) +{ + unsigned long target; + struct vcpu *v_target; + struct vgic_irq_rank *rank = vgic_rank_irq(v, irq); + ASSERT(spin_is_locked(&rank->lock)); + + target = vgic_byte_read(rank->itargets[(irq%32)/4], 0, irq % 4); + /* 1-N SPI should be delivered as pending to all the vcpus in the + * mask, but here we just return the first vcpu for simplicity and + * because it would be too slow to do otherwise. */ + target = find_first_bit(&target, 8); + ASSERT(target >= 0 && target < v->domain->max_vcpus); + v_target = v->domain->vcpu[target]; + return v_target; +} + +/* takes the rank lock */ +struct vcpu *vgic_get_target_vcpu(struct vcpu *v, unsigned int irq) +{ + struct vcpu *v_target; + struct vgic_irq_rank *rank = vgic_rank_irq(v, irq); + + vgic_lock_rank(v, rank); + v_target = _vgic_get_target_vcpu(v, irq); + vgic_unlock_rank(v, rank); + return v_target; +} + void vgic_disable_irqs(struct vcpu *v, uint32_t r, int n) { const unsigned long mask = r; @@ -153,12 +189,14 @@ void vgic_disable_irqs(struct vcpu *v, uint32_t r, int n) unsigned int irq; unsigned long flags; int i = 0; + struct vcpu *v_target; while ( (i = find_next_bit(&mask, 32, i)) < 32 ) { irq = i + (32 * n); - p = irq_to_pending(v, irq); + v_target = _vgic_get_target_vcpu(v, irq); + p = irq_to_pending(v_target, irq); clear_bit(GIC_IRQ_GUEST_ENABLED, &p->status); - gic_remove_from_queues(v, irq); + gic_remove_from_queues(v_target, irq); if ( p->desc != NULL ) { spin_lock_irqsave(&p->desc->lock, flags); @@ -176,24 +214,26 @@ void vgic_enable_irqs(struct vcpu *v, uint32_t r, int n) unsigned int irq; unsigned long flags; int i = 0; + struct vcpu *v_target; while ( (i = find_next_bit(&mask, 32, i)) < 32 ) { irq = i + (32 * n); - p = irq_to_pending(v, irq); + v_target = _vgic_get_target_vcpu(v, irq); + p = irq_to_pending(v_target, irq); set_bit(GIC_IRQ_GUEST_ENABLED, &p->status); /* We need to force the first injection of evtchn_irq because * evtchn_upcall_pending is already set by common code on vcpu * creation. */ - if ( irq == v->domain->arch.evtchn_irq && + if ( irq == v_target->domain->arch.evtchn_irq && vcpu_info(current, evtchn_upcall_pending) && list_empty(&p->inflight) ) - vgic_vcpu_inject_irq(v, irq); + vgic_vcpu_inject_irq(v_target, irq); else { unsigned long flags; - spin_lock_irqsave(&v->arch.vgic.lock, flags); + spin_lock_irqsave(&v_target->arch.vgic.lock, flags); if ( !list_empty(&p->inflight) && !test_bit(GIC_IRQ_GUEST_VISIBLE, &p->status) ) - gic_raise_guest_irq(v, irq, p->priority); - spin_unlock_irqrestore(&v->arch.vgic.lock, flags); + gic_raise_guest_irq(v_target, irq, p->priority); + spin_unlock_irqrestore(&v_target->arch.vgic.lock, flags); } if ( p->desc != NULL ) { diff --git a/xen/include/asm-arm/gic.h b/xen/include/asm-arm/gic.h index a0c07bf..6410280 100644 --- a/xen/include/asm-arm/gic.h +++ b/xen/include/asm-arm/gic.h @@ -320,6 +320,8 @@ struct gic_hw_operations { void register_gic_ops(const struct gic_hw_operations *ops); +struct vcpu *vgic_get_target_vcpu(struct vcpu *v, unsigned int irq); + #endif /* __ASSEMBLY__ */ #endif