git: e8b3ca9a1d02 - stable/15 - vmm: Initialize AMD IOMMU command buffers
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 02 Mar 2026 00:51:16 UTC
The branch stable/15 has been updated by chuck:
URL: https://cgit.FreeBSD.org/src/commit/?id=e8b3ca9a1d02298b379fb034348b446bcaaf0974
commit e8b3ca9a1d02298b379fb034348b446bcaaf0974
Author: Chuck Tuffli <chuck@FreeBSD.org>
AuthorDate: 2025-11-12 15:39:29 +0000
Commit: Chuck Tuffli <chuck@FreeBSD.org>
CommitDate: 2026-03-01 15:39:10 +0000
vmm: Initialize AMD IOMMU command buffers
The driver communicates with the AMD IOMMU by writing to the tail of a
fixed length command ring buffer. After issuing cmd_max commands, the
tail pointer wraps back to the beginning of the ring buffer. Now, each
command buffer entry will contain content from previous commands which
may set bits in fields marked as Reserved for the current command. In
some cases, the hardware will return an ILLEGAL_COMMAND_ERROR event when
this occurs.
Fix is to memset the command buffer prior to use.
PR: 270966
(cherry picked from commit 6e68cd8666e14db265f00e9ee59b670ca2964e0d)
---
sys/amd64/vmm/amd/amdvi_hw.c | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/sys/amd64/vmm/amd/amdvi_hw.c b/sys/amd64/vmm/amd/amdvi_hw.c
index 831c31277570..4dd0339654a9 100644
--- a/sys/amd64/vmm/amd/amdvi_hw.c
+++ b/sys/amd64/vmm/amd/amdvi_hw.c
@@ -274,6 +274,7 @@ amdvi_get_cmd_tail(struct amdvi_softc *softc)
tail = (struct amdvi_cmd *)((uint8_t *)softc->cmd +
ctrl->cmd_tail);
+ memset(tail, 0, sizeof(*tail));
return (tail);
}
@@ -316,7 +317,6 @@ amdvi_cmd_cmp(struct amdvi_softc *softc, const uint64_t data)
uint64_t pa;
cmd = amdvi_get_cmd_tail(softc);
- KASSERT(cmd != NULL, ("Cmd is NULL"));
pa = vtophys(&softc->cmp_data);
cmd->opcode = AMDVI_CMP_WAIT_OPCODE;
@@ -334,7 +334,6 @@ amdvi_cmd_inv_dte(struct amdvi_softc *softc, uint16_t devid)
struct amdvi_cmd *cmd;
cmd = amdvi_get_cmd_tail(softc);
- KASSERT(cmd != NULL, ("Cmd is NULL"));
cmd->opcode = AMDVI_INVD_DTE_OPCODE;
cmd->word0 = devid;
amdvi_update_cmd_tail(softc);
@@ -352,7 +351,6 @@ amdvi_cmd_inv_iommu_pages(struct amdvi_softc *softc, uint16_t domain_id,
struct amdvi_cmd *cmd;
cmd = amdvi_get_cmd_tail(softc);
- KASSERT(cmd != NULL, ("Cmd is NULL"));
cmd->opcode = AMDVI_INVD_PAGE_OPCODE;
cmd->word1 = domain_id;
@@ -383,7 +381,6 @@ amdvi_cmd_inv_iotlb(struct amdvi_softc *softc, uint16_t devid)
qlen, RID2PCI_STR(devid));
}
cmd = amdvi_get_cmd_tail(softc);
- KASSERT(cmd != NULL, ("Cmd is NULL"));
#ifdef AMDVI_DEBUG_CMD
device_printf(softc->dev, "Invalidate IOTLB devID 0x%x"
@@ -406,7 +403,6 @@ amdvi_cmd_inv_intr_map(struct amdvi_softc *softc,
struct amdvi_cmd *cmd;
cmd = amdvi_get_cmd_tail(softc);
- KASSERT(cmd != NULL, ("Cmd is NULL"));
cmd->opcode = AMDVI_INVD_INTR_OPCODE;
cmd->word0 = devid;
amdvi_update_cmd_tail(softc);
@@ -420,10 +416,6 @@ amdvi_cmd_inv_intr_map(struct amdvi_softc *softc,
static void
amdvi_inv_domain(struct amdvi_softc *softc, uint16_t domain_id)
{
- struct amdvi_cmd *cmd __diagused;
-
- cmd = amdvi_get_cmd_tail(softc);
- KASSERT(cmd != NULL, ("Cmd is NULL"));
/*
* See section 3.3.3 of IOMMU spec rev 2.0, software note