|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v9 01/10] xen/arm: observe itargets setting in vgic_enable_irqs and vgic_disable_irqs
vgic_enable_irqs should enable irq delivery to the vcpu specified by
GICD_ITARGETSR, rather than the vcpu that wrote to GICD_ISENABLER.
Similarly vgic_disable_irqs should use the target vcpu specified by
itarget to disable irqs.
itargets can be set to a mask but vgic_get_target_vcpu always returns
the lower vcpu in the mask.
Correctly initialize itargets for SPIs.
Ignore bits in GICD_ITARGETSR corresponding to invalid vcpus.
Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Acked-by: Julien Grall <julien.grall@xxxxxxxxxx>
Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
---
Changes in v9:
- move vgic_get_target_vcpu declaration to vgic.h;
- move _vgic_get_target_vcpu to vgic-v2.c and name it
vgic_v2_get_target_vcpu;
- introduce get_target_vcpu to vgic_ops.
Changes in v8:
- rebase on ab78724fc5628318b172b4344f7280621a151e1b.
Changes in v7:
- add ASSERT to _vgic_get_target_vcpu;
- add comment to vgic_distr_mmio_write.
Changes in v6:
- add assert and bug_on;
- add in-code comments;
- move additional check on itargets writing from the following patch to
this patch;
- sizeof(itargets) instead of 8*sizeof(itargets[0]);
- remove the unneeded cast of &target for find_first_bit.
Changes in v5:
- improve in-code comments;
- use vgic_rank_irq;
- use bit masks to write-ignore GICD_ITARGETSR;
- introduce an version of vgic_get_target_vcpu that doesn't take the
rank lock;
- keep the rank lock while enabling/disabling irqs;
- use find_first_bit instead of find_next_bit;
- check for zero writes to GICD_ITARGETSR.
Changes in v4:
- remove assert that could allow a guest to crash Xen;
- add itargets validation to vgic_distr_mmio_write;
- export vgic_get_target_vcpu.
Changes in v3:
- add assert in get_target_vcpu;
- rename get_target_vcpu to vgic_get_target_vcpu.
Changes in v2:
- refactor the common code in get_target_vcpu;
- unify PPI and SPI paths;
- correctly initialize itargets for SPI;
- use byte_read.
---
xen/arch/arm/vgic-v2.c | 42 ++++++++++++++++++++++++++++++++++++++----
xen/arch/arm/vgic.c | 43 ++++++++++++++++++++++++++++++++++---------
xen/include/asm-arm/vgic.h | 5 +++++
3 files changed, 77 insertions(+), 13 deletions(-)
diff --git a/xen/arch/arm/vgic-v2.c b/xen/arch/arm/vgic-v2.c
index 2102e43..63d4f65 100644
--- a/xen/arch/arm/vgic-v2.c
+++ b/xen/arch/arm/vgic-v2.c
@@ -298,12 +298,12 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v,
mmio_info_t *info)
vgic_lock_rank(v, rank);
tr = rank->ienable;
rank->ienable |= *r;
- vgic_unlock_rank(v, rank);
/* The virtual irq is derived from register offset.
* The register difference is word difference. So divide by
2(DABT_WORD)
* to get Virtual irq number */
vgic_enable_irqs(v, (*r) & (~tr),
(gicd_reg - GICD_ISENABLER) >> DABT_WORD);
+ vgic_unlock_rank(v, rank);
return 1;
case GICD_ICENABLER ... GICD_ICENABLERN:
@@ -313,12 +313,12 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v,
mmio_info_t *info)
vgic_lock_rank(v, rank);
tr = rank->ienable;
rank->ienable &= ~*r;
- vgic_unlock_rank(v, rank);
/* The virtual irq is derived from register offset.
* The register difference is word difference. So divide by
2(DABT_WORD)
* to get Virtual irq number */
vgic_disable_irqs(v, (*r) & tr,
(gicd_reg - GICD_ICENABLER) >> DABT_WORD);
+ vgic_unlock_rank(v, rank);
return 1;
case GICD_ISPENDR ... GICD_ISPENDRN:
@@ -359,13 +359,29 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v,
mmio_info_t *info)
if ( dabt.size != DABT_BYTE && dabt.size != DABT_WORD ) goto bad_width;
rank = vgic_rank_offset(v, 8, gicd_reg - GICD_ITARGETSR, DABT_WORD);
if ( rank == NULL) goto write_ignore;
+ /* 8-bit vcpu mask for this domain */
+ BUG_ON(v->domain->max_vcpus > 8);
+ tr = (1 << v->domain->max_vcpus) - 1;
+ if ( dabt.size == 2 )
+ tr = tr | (tr << 8) | (tr << 16) | (tr << 24);
+ else
+ tr = (tr << (8 * (gicd_reg & 0x3)));
+ tr &= *r;
+ /* ignore zero writes */
+ if ( !tr )
+ goto write_ignore;
+ /* For word reads ignore writes where any single byte is zero */
+ if ( dabt.size == 2 &&
+ !((tr & 0xff) && (tr & (0xff << 8)) &&
+ (tr & (0xff << 16)) && (tr & (0xff << 24))))
+ goto write_ignore;
vgic_lock_rank(v, rank);
if ( dabt.size == DABT_WORD )
rank->itargets[REG_RANK_INDEX(8, gicd_reg - GICD_ITARGETSR,
- DABT_WORD)] = *r;
+ DABT_WORD)] = tr;
else
vgic_byte_write(&rank->itargets[REG_RANK_INDEX(8,
- gicd_reg - GICD_ITARGETSR, DABT_WORD)], *r, gicd_reg);
+ gicd_reg - GICD_ITARGETSR, DABT_WORD)], tr, gicd_reg);
vgic_unlock_rank(v, rank);
return 1;
@@ -460,6 +476,23 @@ static const struct mmio_handler_ops
vgic_v2_distr_mmio_handler = {
.write_handler = vgic_v2_distr_mmio_write,
};
+static struct vcpu *vgic_v2_get_target_vcpu(struct vcpu *v, unsigned int irq)
+{
+ unsigned long target;
+ struct vcpu *v_target;
+ struct vgic_irq_rank *rank = vgic_rank_irq(v, irq);
+ ASSERT(spin_is_locked(&rank->lock));
+
+ target = vgic_byte_read(rank->itargets[(irq%32)/4], 0, irq % 4);
+ /* 1-N SPI should be delivered as pending to all the vcpus in the
+ * mask, but here we just return the first vcpu for simplicity and
+ * because it would be too slow to do otherwise. */
+ target = find_first_bit(&target, 8);
+ ASSERT(target >= 0 && target < v->domain->max_vcpus);
+ v_target = v->domain->vcpu[target];
+ return v_target;
+}
+
static int vgic_v2_vcpu_init(struct vcpu *v)
{
int i;
@@ -487,6 +520,7 @@ static int vgic_v2_domain_init(struct domain *d)
static const struct vgic_ops vgic_v2_ops = {
.vcpu_init = vgic_v2_vcpu_init,
.domain_init = vgic_v2_domain_init,
+ .get_target_vcpu = vgic_v2_get_target_vcpu,
};
int vgic_v2_init(struct domain *d)
diff --git a/xen/arch/arm/vgic.c b/xen/arch/arm/vgic.c
index 1948316..ebfec83 100644
--- a/xen/arch/arm/vgic.c
+++ b/xen/arch/arm/vgic.c
@@ -48,7 +48,7 @@ struct vgic_irq_rank *vgic_rank_offset(struct vcpu *v, int b,
int n,
return NULL;
}
-static struct vgic_irq_rank *vgic_rank_irq(struct vcpu *v, unsigned int irq)
+struct vgic_irq_rank *vgic_rank_irq(struct vcpu *v, unsigned int irq)
{
return vgic_rank_offset(v, 8, irq, DABT_WORD);
}
@@ -96,7 +96,13 @@ int domain_vgic_init(struct domain *d)
INIT_LIST_HEAD(&d->arch.vgic.pending_irqs[i].lr_queue);
}
for (i=0; i<DOMAIN_NR_RANKS(d); i++)
+ {
spin_lock_init(&d->arch.vgic.shared_irqs[i].lock);
+ /* By default deliver to CPU0 */
+ memset(d->arch.vgic.shared_irqs[i].itargets,
+ 0x1,
+ sizeof(d->arch.vgic.shared_irqs[i].itargets));
+ }
d->arch.vgic.handler->domain_init(d);
@@ -146,19 +152,35 @@ int vcpu_vgic_free(struct vcpu *v)
return 0;
}
+/* takes the rank lock */
+struct vcpu *vgic_get_target_vcpu(struct vcpu *v, unsigned int irq)
+{
+ struct domain *d = v->domain;
+ struct vcpu *v_target;
+ struct vgic_irq_rank *rank = vgic_rank_irq(v, irq);
+
+ vgic_lock_rank(v, rank);
+ v_target = d->arch.vgic.handler->get_target_vcpu(v, irq);
+ vgic_unlock_rank(v, rank);
+ return v_target;
+}
+
void vgic_disable_irqs(struct vcpu *v, uint32_t r, int n)
{
+ struct domain *d = v->domain;
const unsigned long mask = r;
struct pending_irq *p;
unsigned int irq;
unsigned long flags;
int i = 0;
+ struct vcpu *v_target;
while ( (i = find_next_bit(&mask, 32, i)) < 32 ) {
irq = i + (32 * n);
- p = irq_to_pending(v, irq);
+ v_target = d->arch.vgic.handler->get_target_vcpu(v, irq);
+ p = irq_to_pending(v_target, irq);
clear_bit(GIC_IRQ_GUEST_ENABLED, &p->status);
- gic_remove_from_queues(v, irq);
+ gic_remove_from_queues(v_target, irq);
if ( p->desc != NULL )
{
spin_lock_irqsave(&p->desc->lock, flags);
@@ -171,29 +193,32 @@ void vgic_disable_irqs(struct vcpu *v, uint32_t r, int n)
void vgic_enable_irqs(struct vcpu *v, uint32_t r, int n)
{
+ struct domain *d = v->domain;
const unsigned long mask = r;
struct pending_irq *p;
unsigned int irq;
unsigned long flags;
int i = 0;
+ struct vcpu *v_target;
while ( (i = find_next_bit(&mask, 32, i)) < 32 ) {
irq = i + (32 * n);
- p = irq_to_pending(v, irq);
+ v_target = d->arch.vgic.handler->get_target_vcpu(v, irq);
+ p = irq_to_pending(v_target, irq);
set_bit(GIC_IRQ_GUEST_ENABLED, &p->status);
/* We need to force the first injection of evtchn_irq because
* evtchn_upcall_pending is already set by common code on vcpu
* creation. */
- if ( irq == v->domain->arch.evtchn_irq &&
+ if ( irq == v_target->domain->arch.evtchn_irq &&
vcpu_info(current, evtchn_upcall_pending) &&
list_empty(&p->inflight) )
- vgic_vcpu_inject_irq(v, irq);
+ vgic_vcpu_inject_irq(v_target, irq);
else {
unsigned long flags;
- spin_lock_irqsave(&v->arch.vgic.lock, flags);
+ spin_lock_irqsave(&v_target->arch.vgic.lock, flags);
if ( !list_empty(&p->inflight) && !test_bit(GIC_IRQ_GUEST_VISIBLE,
&p->status) )
- gic_raise_guest_irq(v, irq, p->priority);
- spin_unlock_irqrestore(&v->arch.vgic.lock, flags);
+ gic_raise_guest_irq(v_target, irq, p->priority);
+ spin_unlock_irqrestore(&v_target->arch.vgic.lock, flags);
}
if ( p->desc != NULL )
{
diff --git a/xen/include/asm-arm/vgic.h b/xen/include/asm-arm/vgic.h
index 19eed7e..81a3eef 100644
--- a/xen/include/asm-arm/vgic.h
+++ b/xen/include/asm-arm/vgic.h
@@ -91,6 +91,9 @@ struct vgic_ops {
int (*vcpu_init)(struct vcpu *v);
/* Domain specific initialization of vGIC */
int (*domain_init)(struct domain *d);
+ /* Get the target vcpu for a given virq. The rank lock is already taken
+ * when calling this. */
+ struct vcpu *(*get_target_vcpu)(struct vcpu *v, unsigned int irq);
};
/* Number of ranks of interrupt registers for a domain */
@@ -151,10 +154,12 @@ enum gic_sgi_mode;
extern int domain_vgic_init(struct domain *d);
extern void domain_vgic_free(struct domain *d);
extern int vcpu_vgic_init(struct vcpu *v);
+extern struct vcpu *vgic_get_target_vcpu(struct vcpu *v, unsigned int irq);
extern void vgic_vcpu_inject_irq(struct vcpu *v, unsigned int irq);
extern void vgic_clear_pending_irqs(struct vcpu *v);
extern struct pending_irq *irq_to_pending(struct vcpu *v, unsigned int irq);
extern struct vgic_irq_rank *vgic_rank_offset(struct vcpu *v, int b, int n,
int s);
+extern struct vgic_irq_rank *vgic_rank_irq(struct vcpu *v, unsigned int irq);
extern void vgic_disable_irqs(struct vcpu *v, uint32_t r, int n);
extern void vgic_enable_irqs(struct vcpu *v, uint32_t r, int n);
extern void register_vgic_ops(struct domain *d, const struct vgic_ops *ops);
--
1.7.10.4
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |