On Tue, Nov 08, 2016 at 10:24:18AM -0500, Peter Xu wrote:
> On Tue, Nov 08, 2016 at 11:52:35AM +0100, Alexander Gordeev wrote:
> > On Wed, Oct 26, 2016 at 03:47:04PM +0800, Peter Xu wrote:
> > > +static inline void vtd_writel(unsigned int reg, uint32_t value)
> > > +{
> > > + *(uint32_t *)(Q35_HOST_BRIDGE_IOMMU_ADDR + reg) = value;
> > > +}
> > > +
> > > +static inline void vtd_writeq(unsigned int reg, uint64_t value)
> > > +{
> > > + *(uint64_t *)(Q35_HOST_BRIDGE_IOMMU_ADDR + reg) = value;
> > > +}
> > > +
> > > +static inline uint32_t vtd_readl(unsigned int reg)
> > > +{
> > > + return *(uint32_t *)(Q35_HOST_BRIDGE_IOMMU_ADDR + reg);
> > > +}
> > > +
> > > +static inline uint64_t vtd_readq(unsigned int reg)
> > > +{
> > > + return *(uint64_t *)(Q35_HOST_BRIDGE_IOMMU_ADDR + reg);
> > > +}
> >
> > Is it safe to use memory dereference here?
> > By contrast, Linux seems uses read*()/write*() accessors.
>
> Looks like Linux is using memory barrior and volatile keywords to do
> the protection (build_mmio_read() for x86). I think at least I can add
> volatile here for each read/write to make it safer. Do you think
> that'll suffice here? E.g.:
>
> static inline uint64_t vtd_readq(unsigned int reg)
> {
> return *(volatile uint64_t *)(Q35_HOST_BRIDGE_IOMMU_ADDR + reg);
> }
Yeah, I think with volatile it is better. But I am still missing
why not just use read/write which already exist and use volatile:
static inline u64 __raw_readq(const volatile void *addr)
{
assert(sizeof(unsigned long) == sizeof(u64));
return *(const volatile u64 *)addr;
}
> Thanks,
>
> -- peterx
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
