[PATCH 3/3] usb: xhci: Notify xen when DbC is unsafe to use

From: Connor Davis
Date: Tue May 11 2021 - 20:18:36 EST


When running as a dom0 guest on Xen, check if the USB3 debug
capability is enabled before xHCI reset, suspend, and resume. If it
is, call xen_dbgp_reset_prep() to notify Xen that it is unsafe to touch
MMIO registers until the next xen_dbgp_external_startup().

This notification allows Xen to avoid undefined behavior resulting
from MMIO access when the host controller's CNR bit is set or when
the device transitions to D3hot.

Signed-off-by: Connor Davis <connojdavis@xxxxxxxxx>
---
drivers/usb/host/xhci-dbgcap.h | 6 ++++
drivers/usb/host/xhci.c | 57 ++++++++++++++++++++++++++++++++++
drivers/usb/host/xhci.h | 1 +
3 files changed, 64 insertions(+)

diff --git a/drivers/usb/host/xhci-dbgcap.h b/drivers/usb/host/xhci-dbgcap.h
index c70b78d504eb..24784b82a840 100644
--- a/drivers/usb/host/xhci-dbgcap.h
+++ b/drivers/usb/host/xhci-dbgcap.h
@@ -227,4 +227,10 @@ static inline int xhci_dbc_resume(struct xhci_hcd *xhci)
return 0;
}
#endif /* CONFIG_USB_XHCI_DBGCAP */
+
+#ifdef CONFIG_XEN_DOM0
+int xen_dbgp_reset_prep(struct usb_hcd *hcd);
+int xen_dbgp_external_startup(struct usb_hcd *hcd);
+#endif /* CONFIG_XEN_DOM0 */
+
#endif /* __LINUX_XHCI_DBGCAP_H */
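Review bot: The two prototypes added under `CONFIG_XEN_DOM0` have no comment stating their contract, yet the callers in xhci.c rely on it: a non-zero return is treated as failure, and the pair brackets a window in which Xen must stay away from the DbC MMIO registers. A short comment above them would do, e.g. `/* Xen dom0 only: return 0 on success; between reset_prep and external_startup Xen must not touch DbC MMIO */`. The definitions are not part of this patch, so if the Xen side already provides a header declaring these functions, including it here would keep the two copies of the prototypes from drifting apart.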
diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c
index ca9385d22f68..afe44169183f 100644
--- a/drivers/usb/host/xhci.c
+++ b/drivers/usb/host/xhci.c
@@ -37,6 +37,57 @@ static unsigned long long quirks;
module_param(quirks, ullong, S_IRUGO);
MODULE_PARM_DESC(quirks, "Bit flags for quirks to be enabled as default");

+#ifdef CONFIG_XEN_DOM0
+#include <xen/xen.h>
+
+static void xhci_dbc_external_reset_prep(struct xhci_hcd *xhci)
+{
+ struct dbc_regs __iomem *regs;
+ void __iomem *base;
+ int dbc_cap;
+
+ if (!xen_initial_domain())
+ return;
+
+ base = &xhci->cap_regs->hc_capbase;
+ dbc_cap = xhci_find_next_ext_cap(base, 0, XHCI_EXT_CAPS_DEBUG);
+
+ if (!dbc_cap)
+ return;
+
+ xhci->external_dbc = 0;
+ regs = base + dbc_cap;
+
+ if (readl(&regs->control) & DBC_CTRL_DBC_ENABLE) {
+ if (xen_dbgp_reset_prep(xhci_to_hcd(xhci)))
+ xhci_dbg_trace(xhci, trace_xhci_dbg_init,
+ "// Failed to reset external DBC");
+ else {
+ xhci->external_dbc = 1;
+ xhci_dbg_trace(xhci, trace_xhci_dbg_init,
+ "// Completed reset of external DBC");
+ }
+ }
+}
+
+static void xhci_dbc_external_reset_done(struct xhci_hcd *xhci)
+{
+ if (!xen_initial_domain() || !xhci->external_dbc)
+ return;
+
+ if (xen_dbgp_external_startup(xhci_to_hcd(xhci)))
+ xhci->external_dbc = 0;
+}
+#else
+static void xhci_dbc_external_reset_prep(struct xhci_hcd *xhci)
+{
+}
+
+static void xhci_dbc_external_reset_done(struct xhci_hcd *xhci)
+{
+}
+#endif
+
static bool td_on_ring(struct xhci_td *td, struct xhci_ring *ring)
{
struct xhci_segment *seg = ring->first_seg;
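Review bot: When `xen_dbgp_reset_prep()` fails in `xhci_dbc_external_reset_prep()`, the only record is a debug trace and the caller goes on to reset or suspend the controller. That leaves Xen free to touch MMIO in exactly the window the commit message describes as unsafe. The failure should at least be visible in a normal log, e.g. `xhci_warn(xhci, "Xen DbC reset notification failed\n");`, and the trace text "Failed to reset external DBC" is misleading because this call notifies Xen rather than resetting anything. In `xhci_dbc_external_reset_done()` the flag is cleared only when `xen_dbgp_external_startup()` fails, so after a successful startup `external_dbc` stays 1 and a later call without an intervening prep would issue the startup again. If that is not intended, clear it unconditionally after the call. As a style point, the `if`/`else` around the two traces should carry braces on both branches.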
@@ -180,6 +231,8 @@ int xhci_reset(struct xhci_hcd *xhci)
return 0;
}

+ xhci_dbc_external_reset_prep(xhci);
+
xhci_dbg_trace(xhci, trace_xhci_dbg_init, "// Reset the HC");
command = readl(&xhci->op_regs->command);
command |= CMD_RESET;
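Review bot: The `xhci_dbc_external_reset_prep()` call added here in `xhci_reset()` is matched by `xhci_dbc_external_reset_done()` only on the `!ret` path after the CNR handshake in the next hunk. If that handshake times out, or if the function returns between the two points (that code lies outside the hunks shown), Xen is left in the prepped state and `external_dbc` stays 1. The same question applies to the prep call added in the `xhci_suspend()` hunk if suspend fails after it. If leaving Xen locked out on failure is the intent, a comment at the prep call should say so, e.g. `/* On failure Xen is deliberately left in the prepped state: DbC MMIO stays off-limits */`. Otherwise the error paths need their own handling.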
@@ -211,6 +264,8 @@ int xhci_reset(struct xhci_hcd *xhci)
*/
ret = xhci_handshake(&xhci->op_regs->status,
STS_CNR, 0, 10 * 1000 * 1000);
+ if (!ret)
+ xhci_dbc_external_reset_done(xhci);

xhci->usb2_rhub.bus_state.port_c_suspend = 0;
xhci->usb2_rhub.bus_state.suspended_ports = 0;
@@ -991,6 +1046,7 @@ int xhci_suspend(struct xhci_hcd *xhci, bool do_wakeup)
return 0;

xhci_dbc_suspend(xhci);
+ xhci_dbc_external_reset_prep(xhci);

/* Don't poll the roothubs on bus suspend. */
xhci_dbg(xhci, "%s: stopping port polling.\n", __func__);
@@ -1225,6 +1281,7 @@ int xhci_resume(struct xhci_hcd *xhci, bool hibernated)
spin_unlock_irq(&xhci->lock);

xhci_dbc_resume(xhci);
+ xhci_dbc_external_reset_done(xhci);

done:
if (retval == 0) {
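Review bot: `xhci_dbc_external_reset_done()` sits immediately above the `done:` label, so any path in `xhci_resume()` that reaches the label through `goto done` skips it and Xen is never told the DbC is usable again. Separately, `xhci_dbc_external_reset_prep()` zeroes `external_dbc` before re-reading the control register. If resume goes through `xhci_reset()` and the enable bit no longer reads back as set (plausible once the controller has lost state, though that path is not visible here), the flag recorded at suspend is dropped and the startup notification is lost. Consider placing the call inside the `retval == 0` branch below the label, or preserving the suspend-time flag until `xen_dbgp_external_startup()` has actually run. The rest of `xhci_resume()` is outside the hunk.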
diff --git a/drivers/usb/host/xhci.h b/drivers/usb/host/xhci.h
index 2595a8f057c4..61d8efc9eef2 100644
--- a/drivers/usb/host/xhci.h
+++ b/drivers/usb/host/xhci.h
@@ -1920,6 +1920,7 @@ struct xhci_hcd {
struct list_head regset_list;

void *dbc;
+ int external_dbc;
/* platform-specific data -- must come last */
unsigned long priv[] __aligned(sizeof(s64));
};
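Review bot: `external_dbc` is only ever assigned 0 or 1 and tested for truth in xhci.c, so `bool external_dbc;` would express the intent better than `int`. The field also has no comment saying what it tracks. Something like `/* set once Xen has been told DbC MMIO is unsafe (dom0 only) */` would be enough. The member exists even when `CONFIG_XEN_DOM0` is off and nothing uses it, which is harmless but worth mentioning in that comment.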
--
2.31.1