hw/acpi/nvdimm: Fix for NVDIMM incorrect DSM output buffer length

As per ACPI spec 6.3, Table 19-419 Object Conversion Rules, if the Buffer Field <= to the size of an Integer (in bits), it will be treated as an integer. Moreover, the integer size depends on DSDT tables revision number. If revision number is < 2, integer size is 32 bits, otherwise it is 64 bits. Current NVDIMM common DSM aml code (NCAL) uses CreateField() for creating DSM output buffer. This creates an issue in arm/virt platform where DSDT revision number is 2 and results in DSM buffer with a wrong size(8 bytes) gets returned when actual length is < 8 bytes. This causes guest kernel to report, "nfit ACPI0012:00: found a zero length table '0' parsing nfit" In order to fix this, aml code is now modified such that it builds the DSM output buffer in a byte by byte fashion when length is smaller than Integer size. Suggested-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200421125934.14952-2-shameerali.kolothum.thodi@huawei.com> Acked-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
author: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com> 2020-04-21 13:59:28 +0100
committer: Michael S. Tsirkin <mst@redhat.com> 2020-05-04 10:25:02 -0400
commit: 71b0269ae9a80cfd28c3b5946748b92ac8821334 (patch)
tree: c4f5164229076a6b10db54df2d9189dcef8f7dd0 /hw/acpi
parent: e3a99063af7bc78e51c19cb007acb646d381a9c7 (diff)
download: qemu-71b0269ae9a80cfd28c3b5946748b92ac8821334.zip
qemu-71b0269ae9a80cfd28c3b5946748b92ac8821334.tar.gz
qemu-71b0269ae9a80cfd28c3b5946748b92ac8821334.tar.bz2
1 files changed, 37 insertions, 3 deletions
diff --git a/hw/acpi/nvdimm.c b/hw/acpi/nvdimm.c
index eb6a37b..df07907 100644
--- a/hw/acpi/nvdimm.c
+++ b/hw/acpi/nvdimm.c
@@ -938,6 +938,7 @@ static void nvdimm_build_common_dsm(Aml *dev)
     Aml *method, *ifctx, *function, *handle, *uuid, *dsm_mem, *elsectx2;
     Aml *elsectx, *unsupport, *unpatched, *expected_uuid, *uuid_invalid;
     Aml *pckg, *pckg_index, *pckg_buf, *field, *dsm_out_buf, *dsm_out_buf_size;
+    Aml *whilectx, *offset;
     uint8_t byte_list[1];
 
     method = aml_method(NVDIMM_COMMON_DSM, 5, AML_SERIALIZED);
@@ -1091,13 +1092,46 @@ static void nvdimm_build_common_dsm(Aml *dev)
     /* RLEN is not included in the payload returned to guest. */
     aml_append(method, aml_subtract(aml_name(NVDIMM_DSM_OUT_BUF_SIZE),
                aml_int(4), dsm_out_buf_size));
+
+    /*
+     * As per ACPI spec 6.3, Table 19-419 Object Conversion Rules, if
+     * the Buffer Field <= to the size of an Integer (in bits), it will
+     * be treated as an integer. Moreover, the integer size depends on
+     * DSDT tables revision number. If revision number is < 2, integer
+     * size is 32 bits, otherwise it is 64 bits.
+     * Because of this CreateField() canot be used if RLEN < Integer Size.
+     *
+     * Also please note that APCI ASL operator SizeOf() doesn't support
+     * Integer and there isn't any other way to figure out the Integer
+     * size. Hence we assume 8 byte as Integer size and if RLEN < 8 bytes,
+     * build dsm_out_buf byte by byte.
+     */
+    ifctx = aml_if(aml_lless(dsm_out_buf_size, aml_int(8)));
+    offset = aml_local(2);
+    aml_append(ifctx, aml_store(aml_int(0), offset));
+    aml_append(ifctx, aml_name_decl("TBUF", aml_buffer(1, NULL)));
+    aml_append(ifctx, aml_store(aml_buffer(0, NULL), dsm_out_buf));
+
+    whilectx = aml_while(aml_lless(offset, dsm_out_buf_size));
+    /* Copy 1 byte at offset from ODAT to temporary buffer(TBUF). */
+    aml_append(whilectx, aml_store(aml_derefof(aml_index(
+                                   aml_name(NVDIMM_DSM_OUT_BUF), offset)),
+                                   aml_index(aml_name("TBUF"), aml_int(0))));
+    aml_append(whilectx, aml_concatenate(dsm_out_buf, aml_name("TBUF"),
+                                         dsm_out_buf));
+    aml_append(whilectx, aml_increment(offset));
+    aml_append(ifctx, whilectx);
+
+    aml_append(ifctx, aml_return(dsm_out_buf));
+    aml_append(method, ifctx);
+
+    /* If RLEN >= Integer size, just use CreateField() operator */
     aml_append(method, aml_store(aml_shiftleft(dsm_out_buf_size, aml_int(3)),
                                  dsm_out_buf_size));
     aml_append(method, aml_create_field(aml_name(NVDIMM_DSM_OUT_BUF),
                aml_int(0), dsm_out_buf_size, "OBUF"));
-    aml_append(method, aml_concatenate(aml_buffer(0, NULL), aml_name("OBUF"),
-                                       dsm_out_buf));
-    aml_append(method, aml_return(dsm_out_buf));
+    aml_append(method, aml_return(aml_name("OBUF")));
+
     aml_append(dev, method);
 }
author	Shameer Kolothum <shameerali.kolothum.thodi@huawei.com>	2020-04-21 13:59:28 +0100
committer	Michael S. Tsirkin <mst@redhat.com>	2020-05-04 10:25:02 -0400
commit	71b0269ae9a80cfd28c3b5946748b92ac8821334 (patch)
tree	c4f5164229076a6b10db54df2d9189dcef8f7dd0 /hw/acpi
parent	e3a99063af7bc78e51c19cb007acb646d381a9c7 (diff)
download	qemu-71b0269ae9a80cfd28c3b5946748b92ac8821334.zip qemu-71b0269ae9a80cfd28c3b5946748b92ac8821334.tar.gz qemu-71b0269ae9a80cfd28c3b5946748b92ac8821334.tar.bz2