On Mon, 1 Feb 2021, Ben Widawsky wrote:
> > > > > > > > +static int cxl_mem_setup_mailbox(struct cxl_mem *cxlm)
> > > > > > > > +{
> > > > > > > > + const int cap = cxl_read_mbox_reg32(cxlm, CXLDEV_MB_CAPS_OFFSET);
> > > > > > > > +
> > > > > > > > + cxlm->mbox.payload_size =
> > > > > > > > + 1 << CXL_GET_FIELD(cap, CXLDEV_MB_CAP_PAYLOAD_SIZE);
> > > > > > > > +
> > > > > > > > + /* 8.2.8.4.3 */
> > > > > > > > + if (cxlm->mbox.payload_size < 256) {
> > > > > > > > + dev_err(&cxlm->pdev->dev, "Mailbox is too small (%zub)",
> > > > > > > > + cxlm->mbox.payload_size);
> > > > > > > > + return -ENXIO;
> > > > > > > > + }
> > > > > > >
> > > > > > > Any reason not to check cxlm->mbox.payload_size > (1 << 20) as well and
> > > > > > > return ENXIO if true?
> > > > > >
> > > > > > If some crazy vendor wanted to ship a mailbox larger than 1M, why should the
> > > > > > driver not allow it?
> > > > > >
> > > > >
> > > > > Because the spec disallows it :)
> > > >
> > > > I don't see it being the driver's responsibility to enforce spec correctness
> > > > though. In certain cases, I need to use the spec, like I have to pick /some/
> > > > mailbox timeout. For other cases...
> > > >
> > > > I'm not too familiar with what other similar drivers may or may not do in
> > > > situations like this. The current 256 limit is mostly a reflection of that being
> > > > too small to even support advertised mandatory commands. So things can't work in
> > > > that scenario, but things can work if they have a larger register size (so long
> > > > as the BAR advertises enough space).
> > > >
> > >
> > > I don't think things can work above 1MB, either, though. Section
> > > 8.2.8.4.5 specifies 20 bits to define the payload length, if this is
> > > larger than cxlm->mbox.payload_size it would venture into the reserved
> > > bits of the command register.
> > >
> > > So is the idea to allow cxl_mem_setup_mailbox() to succeed with a payload
> > > size > 1MB and then only check 20 bits for the command register?
> >
> > So it's probably a spec bug, but actually the payload size is 21 bits... I'll
> > check if that was a mistake.
>
> Well I guess they wanted to be able to specify 1M exactly... Spec should
> probably say you can't go over 1M
>
I think that's what 8.2.8.4.3 says, no? And then 8.2.8.4.5 says you
can use up to Payload Size. That's why my recommendation was to enforce
this in cxl_mem_setup_mailbox() up front.
