diff options
| author | Chuck Tuffli <chuck@FreeBSD.org> | 2025-11-12 15:39:29 +0000 |
|---|---|---|
| committer | Chuck Tuffli <chuck@FreeBSD.org> | 2025-11-12 15:39:29 +0000 |
| commit | 6e68cd8666e14db265f00e9ee59b670ca2964e0d (patch) | |
| tree | 966fa46ffc2190325bfac6e06e0ba9964e756a8b | |
| parent | 7bcd3a04c8695d797665289ed48ff2d84afb8ac4 (diff) | |
vmm: Initialize AMD IOMMU command buffers
The driver communicates with the AMD IOMMU by writing to the tail of a
fixed length command ring buffer. After issuing cmd_max commands, the
tail pointer wraps back to the beginning of the ring buffer. Now, each
command buffer entry will contain content from previous commands which
may set bits in fields marked as Reserved for the current command. In
some cases, the hardware will return an ILLEGAL_COMMAND_ERROR event when
this occurs.
Fix is to memset the command buffer prior to use.
PR: 270966
Reviewed by: corvink, kib, markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D53692
| -rw-r--r-- | sys/amd64/vmm/amd/amdvi_hw.c | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/sys/amd64/vmm/amd/amdvi_hw.c b/sys/amd64/vmm/amd/amdvi_hw.c index 831c31277570..4dd0339654a9 100644 --- a/sys/amd64/vmm/amd/amdvi_hw.c +++ b/sys/amd64/vmm/amd/amdvi_hw.c @@ -274,6 +274,7 @@ amdvi_get_cmd_tail(struct amdvi_softc *softc) tail = (struct amdvi_cmd *)((uint8_t *)softc->cmd + ctrl->cmd_tail); + memset(tail, 0, sizeof(*tail)); return (tail); } @@ -316,7 +317,6 @@ amdvi_cmd_cmp(struct amdvi_softc *softc, const uint64_t data) uint64_t pa; cmd = amdvi_get_cmd_tail(softc); - KASSERT(cmd != NULL, ("Cmd is NULL")); pa = vtophys(&softc->cmp_data); cmd->opcode = AMDVI_CMP_WAIT_OPCODE; @@ -334,7 +334,6 @@ amdvi_cmd_inv_dte(struct amdvi_softc *softc, uint16_t devid) struct amdvi_cmd *cmd; cmd = amdvi_get_cmd_tail(softc); - KASSERT(cmd != NULL, ("Cmd is NULL")); cmd->opcode = AMDVI_INVD_DTE_OPCODE; cmd->word0 = devid; amdvi_update_cmd_tail(softc); @@ -352,7 +351,6 @@ amdvi_cmd_inv_iommu_pages(struct amdvi_softc *softc, uint16_t domain_id, struct amdvi_cmd *cmd; cmd = amdvi_get_cmd_tail(softc); - KASSERT(cmd != NULL, ("Cmd is NULL")); cmd->opcode = AMDVI_INVD_PAGE_OPCODE; cmd->word1 = domain_id; @@ -383,7 +381,6 @@ amdvi_cmd_inv_iotlb(struct amdvi_softc *softc, uint16_t devid) qlen, RID2PCI_STR(devid)); } cmd = amdvi_get_cmd_tail(softc); - KASSERT(cmd != NULL, ("Cmd is NULL")); #ifdef AMDVI_DEBUG_CMD device_printf(softc->dev, "Invalidate IOTLB devID 0x%x" @@ -406,7 +403,6 @@ amdvi_cmd_inv_intr_map(struct amdvi_softc *softc, struct amdvi_cmd *cmd; cmd = amdvi_get_cmd_tail(softc); - KASSERT(cmd != NULL, ("Cmd is NULL")); cmd->opcode = AMDVI_INVD_INTR_OPCODE; cmd->word0 = devid; amdvi_update_cmd_tail(softc); @@ -420,10 +416,6 @@ amdvi_cmd_inv_intr_map(struct amdvi_softc *softc, static void amdvi_inv_domain(struct amdvi_softc *softc, uint16_t domain_id) { - struct amdvi_cmd *cmd __diagused; - - cmd = amdvi_get_cmd_tail(softc); - KASSERT(cmd != NULL, ("Cmd is NULL")); /* * See section 3.3.3 of IOMMU spec rev 2.0, software note |