[QEMU RFC] hw/mem/cxl_type3: add guard to avoid event log overflow during a DC extent add/release request

Fri, 11 Oct 2024 13:31:40 -0700 

From: Fan Ni <fan...@samsung.com>

One DC extent add/release request can take multiple DC extents.
For each extent in the request, one DC event record will be generated and
isnerted into the event log. All the event records for the request will be
grouped with the More flag (see CXL spec r3.1, Table 8-168 and 8-170).
If an overflow happens during the process, the yet-to-insert records will
get lost, leaving the device in a situation where it notifies the host
only part of the extents involved, and the host never surfacing the
extents received and waiting for the remaining extents.

Add a check in qmp_cxl_process_dynamic_capacity_prescriptive and ensure
the event log does not overflow during the process.

Currently we check the number of extents involved with the event
overflow threshold, do we need to tight the check and compare with
the remaining spot available in the event log?

Signed-off-by: Fan Ni <fan...@samsung.com>
---
 hw/cxl/cxl-events.c         | 2 --
 hw/mem/cxl_type3.c          | 7 +++++++
 include/hw/cxl/cxl_events.h | 3 +++
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/hw/cxl/cxl-events.c b/hw/cxl/cxl-events.c
index 12dee2e467..05d8aae627 100644
--- a/hw/cxl/cxl-events.c
+++ b/hw/cxl/cxl-events.c
@@ -16,8 +16,6 @@
 #include "hw/cxl/cxl.h"
 #include "hw/cxl/cxl_events.h"
 
-/* Artificial limit on the number of events a log can hold */
-#define CXL_TEST_EVENT_OVERFLOW 8
 
 static void reset_overflow(CXLEventLog *log)
 {
diff --git a/hw/mem/cxl_type3.c b/hw/mem/cxl_type3.c
index 3d7289fa84..32668df365 100644
--- a/hw/mem/cxl_type3.c
+++ b/hw/mem/cxl_type3.c
@@ -2015,6 +2015,13 @@ static void 
qmp_cxl_process_dynamic_capacity_prescriptive(const char *path,
         num_extents++;
     }
 
+    if (num_extents > CXL_TEST_EVENT_OVERFLOW) {
+        error_setg(errp,
+                   "at most %d extents allowed in one add/release request",
+                   CXL_TEST_EVENT_OVERFLOW);
+       return;
+    }
+
     /* Create extent list for event being passed to host */
     i = 0;
     list = records;
diff --git a/include/hw/cxl/cxl_events.h b/include/hw/cxl/cxl_events.h
index 38cadaa0f3..2a6b57e3e6 100644
--- a/include/hw/cxl/cxl_events.h
+++ b/include/hw/cxl/cxl_events.h
@@ -12,6 +12,9 @@
 
 #include "qemu/uuid.h"
 
+/* Artificial limit on the number of events a log can hold */
+#define CXL_TEST_EVENT_OVERFLOW 8
+
 /*
  * CXL r3.1 section 8.2.9.2.2: Get Event Records (Opcode 0100h); Table 8-52
  *
-- 
2.43.0

Reply via email to