From nobody Mon Feb 9 11:32:05 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linux.intel.com ARC-Seal: i=1; a=rsa-sha256; t=1652106746; cv=none; d=zohomail.com; s=zohoarc; b=gQfTpC4cXsOGnWxqt6fHACOwY20nl10DahxQOhxYyYmazhRZxWHK7iPykdcqgOlvF4yPhJdhyUEogEbRaVFLAdIiewDJBenkUK9GgJdlCSiiRtd8eJ9czAVer0/SIBUeMnNnGQYn0YdUry+VqbsgWOgVYUuQOVpq/YQu15CJd4U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652106746; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=6a1bndGvPjjDiPFvA+NbFWInuxLtPMLiW1UrbfICtIo=; b=PceGRRbDeqmv1GqTzn/WOl5absC6RJuH8l4XRMvxxIG+g5NBoB9MLWJtNUe/3Bt4lHz00rwgUeLIh78EBK6fC28dY1q1XvQ/r8kmq1U8BFqXEQvx2aFu34RuS0htSoxhCRc+hAydLfSuS8zKhYHirNYStK0H1zDaTl0EexnC8/I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=@intel.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1652106746654353.74171023011274; Mon, 9 May 2022 07:32:26 -0700 (PDT) Received: from localhost ([::1]:37064 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1no4Qz-0005hq-Lo for importer@patchew.org; Mon, 09 May 2022 10:32:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:38598) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1no4EQ-0002Mp-SZ; Mon, 09 May 2022 10:19:26 -0400 Received: from mga05.intel.com ([192.55.52.43]:24353) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1no4EP-0001Ef-4p; Mon, 09 May 2022 10:19:26 -0400 Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2022 07:19:23 -0700 Received: from lmaniak-dev.elements.local ([10.55.249.72]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2022 07:19:19 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1652105965; x=1683641965; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=T3j6nnZa5/IGQxypAhVXl35cX7LvpTIlvzv6DpCG0+E=; b=VIMSV9xkiMKjU6wGiJzIOjxjkYjxogVy8jgaQyNgTLqtbgdrmApo69Jp sPIJEoGOpnrGjyBLvyggW+XjekpBNDIiv0uFNs54Vwh7x84IZBdvRmY4Y 8QAV1zBrzgmXHpZdvj9NQulyCN1Bc3qBYaDywS5nLVwDhldK8iSitHV4b JyR7lKABllhIHunvJTiGbrAwWVpPTFJPdHgIfGKhC6PcHA1kN2qCDQBrs yAOaVnKIQjEVT2vPDhNouQr8puSA4pnpy5XrD+hLI0J+0DXmj6kAFW6Cz C2BdIEImBANF2BRPhnmAIjPWHbOxxPICW+T/uxIwR5vx0xcnapwtPj8Wq Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10342"; a="355490911" X-IronPort-AV: E=Sophos;i="5.91,211,1647327600"; d="scan'208";a="355490911" X-IronPort-AV: E=Sophos;i="5.91,211,1647327600"; d="scan'208";a="622987381" From: Lukasz Maniak To: qemu-devel@nongnu.org Cc: qemu-block@nongnu.org, ani@anisinha.ca, armbru@redhat.com, f4bug@amsat.org, fam@euphon.net, hreitz@redhat.com, imammedo@redhat.com, its@irrelevant.dk, kbusch@kernel.org, k.jensen@samsung.com, kwolf@redhat.com, lukasz.gieryk@linux.intel.com, lukasz.maniak@linux.intel.com, marcel.apfelbaum@gmail.com, mst@redhat.com, stefanha@redhat.com, xypron.glpk@gmx.de Subject: [PATCH v8 12/12] hw/acpi: Make the PCI hot-plug aware of SR-IOV Date: Mon, 9 May 2022 16:16:20 +0200 Message-Id: <20220509141620.3868733-13-lukasz.maniak@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220509141620.3868733-1-lukasz.maniak@linux.intel.com> References: <20220509141620.3868733-1-lukasz.maniak@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: none client-ip=192.55.52.43; envelope-from=lukasz.maniak@linux.intel.com; helo=mga05.intel.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.082, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @intel.com) X-ZM-MESSAGEID: 1652106748963100001 From: =C5=81ukasz Gieryk PCI device capable of SR-IOV support is a new, still-experimental feature with only a single working example of the Nvme device. This patch in an attempt to fix a double-free problem when a SR-IOV-capable Nvme device is hot-unplugged in the following scenario: Qemu CLI: Acked-by: Michael S. Tsirkin Reviewed-by: Klaus Jensen Reviewed-by: Michael S. Tsirkin --------- -device pcie-root-port,slot=3D0,id=3Drp0 -device nvme-subsys,id=3Dsubsys0 -device nvme,id=3Dnvme0,bus=3Drp0,serial=3Ddeadbeef,subsys=3Dsubsys0,sriov_= max_vfs=3D1,sriov_vq_flexible=3D2,sriov_vi_flexible=3D1 Guest OS: --------- sudo nvme virt-mgmt /dev/nvme0 -c 0 -r 1 -a 1 -n 0 sudo nvme virt-mgmt /dev/nvme0 -c 0 -r 0 -a 1 -n 0 echo 1 > /sys/bus/pci/devices/0000:01:00.0/reset sleep 1 echo 1 > /sys/bus/pci/devices/0000:01:00.0/sriov_numvfs nvme virt-mgmt /dev/nvme0 -c 1 -r 1 -a 8 -n 1 nvme virt-mgmt /dev/nvme0 -c 1 -r 0 -a 8 -n 2 nvme virt-mgmt /dev/nvme0 -c 1 -r 0 -a 9 -n 0 sleep 2 echo 01:00.1 > /sys/bus/pci/drivers/nvme/bind Qemu monitor: ------------- device_del nvme0 Explanation of the problem and the proposed solution: 1) The current SR-IOV implementation assumes it=E2=80=99s the PhysicalFunct= ion that creates and deletes VirtualFunctions. 2) It=E2=80=99s a design decision (the Nvme device at least) for the VFs to= be of the same class as PF. Effectively, they share the dc->hotpluggable value. 3) When a VF is created, it=E2=80=99s added as a child node to PF=E2=80=99s= PCI bus slot. 4) Monitor/device_del triggers the ACPI mechanism. The implementation is not aware of SR/IOV and ejects PF=E2=80=99s PCI slot, directly unrealizi= ng all hot-pluggable (!acpi_pcihp_pc_no_hotplug) children nodes. 5) VFs are unrealized directly, and it doesn=E2=80=99t work well with (1). SR/IOV structures are not updated, so when it=E2=80=99s PF=E2=80=99s tur= n to be unrealized, it works on stale pointers to already-deleted VFs. The proposed fix is to make the PCI ACPI code aware of SR/IOV. Signed-off-by: =C5=81ukasz Gieryk Acked-by: Michael S. Tsirkin Reviewed-by: Klaus Jensen Reviewed-by: Michael S. Tsirkin --- hw/acpi/pcihp.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c index bf65bbea494..84d75e6b846 100644 --- a/hw/acpi/pcihp.c +++ b/hw/acpi/pcihp.c @@ -192,8 +192,12 @@ static bool acpi_pcihp_pc_no_hotplug(AcpiPciHpState *s= , PCIDevice *dev) * ACPI doesn't allow hotplug of bridge devices. Don't allow * hot-unplug of bridge devices unless they were added by hotplug * (and so, not described by acpi). + * + * Don't allow hot-unplug of SR-IOV Virtual Functions, as they + * will be removed implicitly, when Physical Function is unplugged. */ - return (pc->is_bridge && !dev->qdev.hotplugged) || !dc->hotpluggable; + return (pc->is_bridge && !dev->qdev.hotplugged) || !dc->hotpluggable || + pci_is_vf(dev); } =20 static void acpi_pcihp_eject_slot(AcpiPciHpState *s, unsigned bsel, unsign= ed slots) --=20 2.25.1