On Mon, Jun 24, 2019 at 06:11:11PM +0800, Auger Eric wrote:
> Hi Yan,
>
> On 6/24/19 10:39 AM, Yan Zhao wrote:
> > if an entry has parts out of scope of notifier's range, print warning
> > message.
> >
> > Out of scope mapping/unmapping would cause problem, as in below case:
> >
> > 1. initially there are two notifiers with ranges
> > 0-0xfedfffff, 0xfef00000-0xffffffffffffffff,
> > IOVAs from 0x3c000000 - 0x3c1fffff is in shadow page table.
> >
> > 2. in vfio, memory_region_register_iommu_notifier() is followed by
> > memory_region_iommu_replay(), which will first call address space
> > unmap,
> > and walk and add back all entries in vtd shadow page table. e.g.
> > (1) for notifier 0-0xfedfffff,
> > IOVAs from 0 - 0xffffffff get unmapped,
> > and IOVAs from 0x3c000000 - 0x3c1fffff get mapped
> > (2) for notifier 0xfef00000-0xffffffffffffffff
> > IOVAs from 0 - 0x7fffffffff get unmapped,
> > but IOVAs from 0x3c000000 - 0x3c1fffff cannot get mapped back.
> >
> > Cc: Auger Eric <eric.au...@redhat.com>
> > Signed-off-by: Yan Zhao <yan.y.z...@intel.com>
> >
> > ---
> > v3:
> > refined code style and message format
> >
> > v2:
> > 1. added a local variable entry_end (Auger Eric)
> > 2. using PRIx64 as format for address range in warning message
> > (Auger Eric)
> > ---
> > memory.c | 13 +++++++++++--
> > 1 file changed, 11 insertions(+), 2 deletions(-)
> >
> > diff --git a/memory.c b/memory.c
> > index 0a089a7..c7154ab 100644
> > --- a/memory.c
> > +++ b/memory.c
> > @@ -1937,13 +1937,13 @@ void memory_region_notify_one(IOMMUNotifier
> > *notifier,
> > IOMMUTLBEntry *entry)
> > {
> > IOMMUNotifierFlag request_flags;
> > + hwaddr entry_end = entry->iova + entry->addr_mask;
> >
> > /*
> > * Skip the notification if the notification does not overlap
> > * with registered range.
> > */
> > - if (notifier->start > entry->iova + entry->addr_mask ||
> > - notifier->end < entry->iova) {
> > + if (notifier->start > entry_end || notifier->end < entry->iova) {
> > return;
> > }
> >
> > @@ -1953,6 +1953,15 @@ void memory_region_notify_one(IOMMUNotifier
> > *notifier,
> > request_flags = IOMMU_NOTIFIER_UNMAP;
> > }
> >
> > + if (entry->iova < notifier->start || entry_end > notifier->end) {
> > + warn_report("%s IOMMUTLBEntry 0x%" PRIx64 " - 0x%" PRIx64
> > + " outside of notifier scope 0x%" PRIx64 " - 0x%" PRIx64,
> > + (request_flags == IOMMU_NOTIFIER_MAP) ?
> > + "Mapping" : "Unmapping",
> > + entry->iova, entry->iova + entry->addr_mask,
> entry_end as well.
>
> Then shouldn't we assert in that case?
>
Yes, assert is good. I'll change warning to assert then.
Thanks
Yan
> Thanks
>
> Eric
> > + notifier->start, notifier->end);
> > + }
> > +
> > if (notifier->notifier_flags & request_flags) {
> > notifier->notify(notifier, entry);
> > }
> >
