On Fri, 15 Feb 2019 17:16:06 +0100
Eric Auger <eric.auger@xxxxxxxxxx> wrote:
> pci_map_rom/pci_get_rom_size() performs memory access in the ROM.
> In case the Memory Space accesses were disabled, readw() is likely
> to trigger a synchronous external abort on some platforms.
>
> In case memory accesses were disabled, re-enable them before the
> call and disable them back again just after.
>
> Fixes: 89e1f7d4c66d ("vfio: Add PCI device driver")
>
> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx>
> Suggested-by: Alex Williamson <alex.williamson@xxxxxxxxxx>
Applied to vfio next branch for v5.1. Thanks,
Alex
> ---
> v2 -> v3:
> - follow Alex re-writing
>
> v1 -> v2:
> - also re-enable in case of error
> ---
> drivers/vfio/pci/vfio_pci.c | 25 +++++++++++++++++--------
> 1 file changed, 17 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c
> index ff60bd1ea587..4b0d30f1eabc 100644
> --- a/drivers/vfio/pci/vfio_pci.c
> +++ b/drivers/vfio/pci/vfio_pci.c
> @@ -708,6 +708,7 @@ static long vfio_pci_ioctl(void *device_data,
> {
> void __iomem *io;
> size_t size;
> + u16 orig_cmd;
>
> info.offset = VFIO_PCI_INDEX_TO_OFFSET(info.index);
> info.flags = 0;
> @@ -723,15 +724,23 @@ static long vfio_pci_ioctl(void *device_data,
> break;
> }
>
> - /* Is it really there? */
> - io = pci_map_rom(pdev, &size);
> - if (!io || !size) {
> - info.size = 0;
> - break;
> - }
> - pci_unmap_rom(pdev, io);
> + /*
> + * Is it really there? Enable memory decode for
> + * implicit access in pci_map_rom().
> + */
> + pci_read_config_word(pdev, PCI_COMMAND, &orig_cmd);
> + pci_write_config_word(pdev, PCI_COMMAND,
> + orig_cmd | PCI_COMMAND_MEMORY);
>
> - info.flags = VFIO_REGION_INFO_FLAG_READ;
> + io = pci_map_rom(pdev, &size);
> + if (io) {
> + info.flags = VFIO_REGION_INFO_FLAG_READ;
> + pci_unmap_rom(pdev, io);
> + } else {
> + info.size = 0;
> + }
> +
> + pci_write_config_word(pdev, PCI_COMMAND, orig_cmd);
> break;
> }
> case VFIO_PCI_VGA_REGION_INDEX:
