Commit 32420522 authored Aug 13, 2014 by Alexey Kardashevskiy Committed by Alexander Graf Sep 08, 2014

spapr_pci: Fix config space corruption



When disabling MSI/MSIX via "ibm,change-msi" RTAS call, no check was made
if MSI or MSIX is actually supported and the MSI message was reset
unconditionally. If this happened on a device which does not support MSI
(but does support MSIX, otherwise "ibm,change-msi" would not be called),
this device would have PCIDevice::msi_cap field (MSI capability offset)
set to zero and writing a vector would actually clear PCI status.

This clears MSI message only if MSI or MSIX is present on a device.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>

parent b981289c

hw/ppc/spapr_pci.c

+6 −2

Original line number	Diff line number	Diff line
		@@ -262,7 +262,6 @@ static void rtas_ibm_change_msi(PowerPCCPU cpu, sPAPREnvironment spapr,
		unsigned int irq, max_irqs = 0, num = 0;
		sPAPRPHBState *phb = NULL;
		PCIDevice *pdev = NULL;
		bool msix = false;
		spapr_pci_msi *msi;
		int *config_addr_key;

		@@ -300,7 +299,12 @@ static void rtas_ibm_change_msi(PowerPCCPU cpu, sPAPREnvironment spapr,
		}

		xics_free(spapr->icp, msi->first_irq, msi->num);
		spapr_msi_setmsg(pdev, 0, msix, 0, num);
		if (msi_present(pdev)) {
		spapr_msi_setmsg(pdev, 0, false, 0, num);
		}
		if (msix_present(pdev)) {
		spapr_msi_setmsg(pdev, 0, true, 0, num);
		}
		g_hash_table_remove(phb->msi, &config_addr);

		trace_spapr_pci_msi("Released MSIs", config_addr);