On Mon, 1 Feb 2021, Ben Widawsky wrote: > > > > > +static int cxl_mem_setup_mailbox(struct cxl_mem *cxlm) > > > > > +{ > > > > > + const int cap = cxl_read_mbox_reg32(cxlm, CXLDEV_MB_CAPS_OFFSET); > > > > > + > > > > > + cxlm->mbox.payload_size = > > > > > + 1 << CXL_GET_FIELD(cap, CXLDEV_MB_CAP_PAYLOAD_SIZE); > > > > > + > > > > > + /* 8.2.8.4.3 */ > > > > > + if (cxlm->mbox.payload_size < 256) { > > > > > + dev_err(&cxlm->pdev->dev, "Mailbox is too small (%zub)", > > > > > + cxlm->mbox.payload_size); > > > > > + return -ENXIO; > > > > > + } > > > > > > > > Any reason not to check cxlm->mbox.payload_size > (1 << 20) as well and > > > > return ENXIO if true? > > > > > > If some crazy vendor wanted to ship a mailbox larger than 1M, why should the > > > driver not allow it? > > > > > > > Because the spec disallows it :) > > I don't see it being the driver's responsibility to enforce spec correctness > though. In certain cases, I need to use the spec, like I have to pick /some/ > mailbox timeout. For other cases... > > I'm not too familiar with what other similar drivers may or may not do in > situations like this. The current 256 limit is mostly a reflection of that being > too small to even support advertised mandatory commands. So things can't work in > that scenario, but things can work if they have a larger register size (so long > as the BAR advertises enough space). > I don't think things can work above 1MB, either, though. Section 8.2.8.4.5 specifies 20 bits to define the payload length, if this is larger than cxlm->mbox.payload_size it would venture into the reserved bits of the command register. So is the idea to allow cxl_mem_setup_mailbox() to succeed with a payload size > 1MB and then only check 20 bits for the command register?