Re: [PATCH] MdeModulePkg/PciBusDxe: GetBarAttributes() returns Host address

[Laszlo Ersek <lersek@redhat.com>]

On 09/12/17 17:49, Ard Biesheuvel wrote:
> On 12 September 2017 at 01:40, Laszlo Ersek <lersek@redhat.com> wrote:
>> On 09/12/17 08:44, Ard Biesheuvel wrote:
>>> On 12 September 2017 at 06:01, Ni, Ruiyu <ruiyu.ni@intel.com> wrote:
>>>> Laszlo,
>>>> Your understanding is: DeviceAddress = HostAddress + AddressTranslationOffset
>>>> But my patch assumes: HostAddress = DeviceAddress + AddressTranslationOffset
>>>>
>>>> They are totally different. If I follow your understanding, the patch is wrong!
>>>> Since UEFI spec doesn't describe "apply to" in sentence " Offset to apply to the
>>>> Starting address of a BAR to convert it to a PCI address" very clearly, I quoted
>>>> the statement from ACPI spec.
>>>> Your understanding to "apply to" is "add", my understanding is "minus".
>>>>
>>>
>>> Even though we are stretching the ACPI definition of a QWord
>>> descriptor beyond its original meaning, I don't think there is a lot
>>> of ambiguity here, to be honest. The AddrRangeMin field contains the
>>> address on the secondary side of a bridge, and the primary value can
>>> be obtained by 'applying' the ATO. In my opinion, applying a (positive
>>> or negative) offset implies addition, not subtraction, as subtraction
>>> involves negating the second addend before applying it. And the
>>> secondary side of the host bridge is clearly the PCI side.
>>
>> Wait, now I'm even more confused.
>>
>> (1) Up-thread you wrote, "AddrRangeMin is indeed already defined to be a
>> host address [...]".
>>
> 
> Yes.
> 
>> (2) Here you write, "the secondary side of the host bridge is clearly
>> the PCI side [...] The AddrRangeMin field contains the address on the
>> secondary side of a bridge". --> This means that AddrRangeMin is a PCI
>> address.
>>
> 
> Right. Now *I* am even more confused.
> 
>> Thus, to me these statements appear to conflict.
>>
> 
> Yes they do, apologies.
> 
>>> It does mean the offset field is signed, though.
>>>
>>> So I don't agree with the conclusion that no clarification is
>>> required. We need to make sure the spec is crystal clear in this
>>> regard. But I do agree with the change, I think it is the only
>>> solution that makes sense.
>>
>> My understanding of "Table 121. QWORD Address Space Descriptor" is:
>>
>> - AddrRangeMin --> host address.
>>
>> - ATO --> the UINT64 value that the *caller* of GetBarAttributes() has
>>   to add, in UINT64 modular arithmetic, to AddrRangeMin, to calculate
>>   the PCI address, after GetBarAttributes() returns.
>>
>> Now, if I understand the *patch* correctly,
>>
>> - the current (pre-patch) code returns a PCI address in
>>   "Descriptor->AddrRangeMin", which is wrong,
>>
>> - in addition, we already have the ATO, in
>>   "Descriptor->AddrTranslationOffset", that we have to add to the PCI
>>   address, to end up with a host address.
>>
>> If that's the case, then I think the patch is good, but it is
>> incomplete. Namely,
>>
>> - To return a host address to the caller in "Descriptor->AddrRangeMin",
>>   we add the ATO to it, fetched from the Root Bridge IO protocol. Great.
>>
>> - However, think of what happens when the caller wants to recompute the
>>   PCI address! According to the UEFI spec, the ATO that the caller gets
>>   in the QWORD descriptor has to be *added* to AddrRangeMin. This means
>>   that, the client code would ultimately result in:
>>
>>   ClientSidePciAddress == (OriginalPciAddress + OriginalATO) + OriginalATO
>>
>> This makes no sense. In order to end up with the original PCI address,
>> the client side ATO must be the modular UINT64 *negative* of the
>> original ATO, so that they ultimately cancel out on the client side,
>> like this:
>>
>>   ClientSidePciAddress == (OriginalPciAddress + OriginalATO) + ClientSideATO
>>                        == (OriginalPciAddress + OriginalATO) + (-OriginalATO)
>>                        == OriginalPciAddress
>>
>> Therefore, I think that the patch must, *in addition*, negate the ATO
>> before returning, like this:
>>
>> +      Descriptor->AddrRangeMin += Descriptor->AddrTranslationOffset;
>> +      Descriptor->AddrTranslationOffset = (-Descriptor->AddrTranslationOffset);
>>
> 
> Ugh. I think you're right. But now, I am no longer convinced
> AddrRangeMin should contain the host address, given that we are
> inverting the sense of both the AddrRangeMin field and the translation
> offset.
> 
> So IIUC, if we were to decide that AddrRangeMin contains the raw BAR
> value, and the translation offset that needs to be applied to produce
> the CPU address is added to it, we are quite close to the intent of
> the definition of QWord, and our PCI I/O code is correct. Only in this
> case, we need to fix all users of the protocol (i.e., GOP producers)

I'd be totally OK with that...

> Given the low likelihood that this ever worked correctly for cases
> where the translation offset != 0, I think that is perhaps the best
> course of action.

...as long as the USWG agreed to invert the sense of the fields in the
UEFI spec, based on which the GOPs should be updated.

In practice this would mean reverting
<https://mantis.uefi.org/mantis/view.php?id=1502>. By now the fix for
Mantis#1502 has been in three released versions of the spec (one of the
2.5 Errata, 2.6 and 2.7).

I'm fine both ways, as long as code and spec are consistent. From a
development perspective though, I think the spec is harder to change
than the code, no matter how ugly the code ends up.

Thanks!
Laszlo