Changeset 70050 in vbox

Timestamp:

Dec 10, 2017 5:28:20 PM (7 years ago)

Author:

vboxsync

Message:

Devices/OHCI: Don't touch others member of the endpoint descriptor when writing the head pointer HeadP and embedded flags back to the guest as it might corrupt data updated by the guest inbetween. This can result in TDs not being recognized later on because the linked list contains old data again. Some cleanups for the caching to make it more contained and less spread out over the code

File:

• trunk/src/VBox/Devices/USB/DevOHCI.cpp (modified) (26 diffs)

trunk/src/VBox/Devices/USB/DevOHCI.cpp

@@ -1305 +1305 @@
 }
 
-static void physReadStatsPrint(PCOHCIPHYSREADSTATS p)
+static void physReadStatsPrint(POHCIPHYSREADSTATS p)
 {
     p->ed.cMinReadsPerPage = RT_MIN(p->ed.cMinReadsPerPage, p->ed.cReadsLastPage);
@@ -1401 +1401 @@
 }
 
-static void ohciR3ReadEdCached(POHCI pThis, uint32_t EdAddr, POHCIED pEd)
-{
-    ohciR3PhysReadCacheRead(pThis, pThis->pCacheED, EdAddr, pEd, sizeof(*pEd));
-}
-
-static void ohciR3ReadTdCached(POHCI pThis, uint32_t TdAddr, POHCITD pTd)
-{
-    ohciR3PhysReadCacheRead(pThis, pThis->pCacheTD, TdAddr, pTd, sizeof(*pTd));
-}
-
-
 /**
  * Update any cached ED data with the given endpoint descriptor at the given address.
@@ -1422 +1411 @@
 DECLINLINE(void) ohciR3CacheEdUpdate(POHCI pThis, RTGCPHYS32 EdAddr, PCOHCIED pEd)
 {
-    ohciR3PhysCacheUpdate(pThis->pCacheED, EdAddr, pEd, sizeof(*pEd));
+    ohciR3PhysCacheUpdate(pThis->pCacheED, EdAddr + RT_OFFSETOF(OHCIED, HeadP), &pEd->HeadP, sizeof(uint32_t));
 }
 
@@ -1450 +1439 @@
     physReadStatsUpdateDesc(&g_PhysReadState.all, EdAddr);
 # endif
+#ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
+    ohciR3PhysReadCacheRead(pThis, pThis->pCacheED, EdAddr, pEd, sizeof(*pEd));
+#else
     ohciR3GetDWords(pThis, EdAddr, (uint32_t *)pEd, sizeof(*pEd) >> 2);
+#endif
 }
 
@@ -1462 +1455 @@
     physReadStatsUpdateDesc(&g_PhysReadState.all, TdAddr);
 # endif
+#ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
+    ohciR3PhysReadCacheRead(pThis, pThis->pCacheTD, TdAddr, pTd, sizeof(*pTd));
+#else
     ohciR3GetDWords(pThis, TdAddr, (uint32_t *)pTd, sizeof(*pTd) >> 2);
+#endif
 # ifdef LOG_ENABLED
     if (LogIs3Enabled())
@@ -1572 +1569 @@
 # endif
 
-    ohciR3PutDWords(pThis, EdAddr, (uint32_t *)pEd, sizeof(*pEd) >> 2);
+    ohciR3PutDWords(pThis, EdAddr + RT_OFFSETOF(OHCIED, HeadP), &pEd->HeadP, 1);
 #ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
     ohciR3CacheEdUpdate(pThis, EdAddr, pEd);
@@ -2417 +2414 @@
     }
 }
+
+
+/**
+ * Lock the given OHCI controller instance.
+ *
+ * @returns nothing.
+ * @param   pThis               The OHCI controller instance to lock.
+ */
+DECLINLINE(void) ohciR3Lock(POHCI pThis)
+{
+    RTCritSectEnter(&pThis->CritSect);
+
+# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
+    /* Clear all caches here to avoid reading stale data from previous lock holders. */
+    ohciR3PhysReadCacheClear(pThis->pCacheED);
+    ohciR3PhysReadCacheClear(pThis->pCacheTD);
+# endif
+}
+
+
+/**
+ * Unlocks the given OHCI controller instance.
+ *
+ * @returns nothing.
+ * @param   pThis               The OHCI controller instance to unlock.
+ */
+DECLINLINE(void) ohciR3Unlock(POHCI pThis)
+{
+# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
+    /*
+     * Clear all caches here to avoid leaving stale data behind (paranoia^2,
+     * already done in ohciR3Lock).
+     */
+    ohciR3PhysReadCacheClear(pThis->pCacheED);
+    ohciR3PhysReadCacheClear(pThis->pCacheTD);
+# endif
+
+    RTCritSectLeave(&pThis->CritSect);
+}
+
 
 /**
@@ -2724 +2761 @@
              pUrb->pszDesc, pUrb->pHci->EdAddr, pUrb->pHci->cTds, pUrb->paTds[0].TdAddr));
 
-    RTCritSectEnter(&pThis->CritSect);
+    ohciR3Lock(pThis);
     pThis->fIdle = false;   /* Mark as active */
 
@@ -2748 +2785 @@
              pUrb->pszDesc, pUrb->pHci->EdAddr, pUrb->pHci->cTds, pUrb->paTds[0].TdAddr, cFmAge));
         STAM_COUNTER_INC(&pThis->StatDroppedUrbs);
-        RTCritSectLeave(&pThis->CritSect);
+        ohciR3Unlock(pThis);
         return;
     }
@@ -2768 +2805 @@
         NOREF(fHasBeenCanceled);
         STAM_COUNTER_INC(&pThis->StatDroppedUrbs);
-        RTCritSectLeave(&pThis->CritSect);
+        ohciR3Unlock(pThis);
         return;
     }
@@ -2783 +2820 @@
     /* finally write back the endpoint descriptor. */
     ohciR3WriteEd(pThis, pUrb->pHci->EdAddr, &Ed);
-
-    RTCritSectLeave(&pThis->CritSect);
+    ohciR3Unlock(pThis);
 }
 
@@ -2818 +2854 @@
     }
 
-    RTCritSectEnter(&pThis->CritSect);
-
+    ohciR3Lock(pThis);
     bool fRetire = false;
     /*
@@ -2853 +2888 @@
     }
 
-    RTCritSectLeave(&pThis->CritSect);
+    ohciR3Unlock(pThis);
     return fRetire;
 }
@@ -2937 +2972 @@
          pUrb->pszDesc, TdAddr, EdAddr, pUrb->cbData));
 
-    RTCritSectLeave(&pThis->CritSect);
+    ohciR3Unlock(pThis);
     int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
-    RTCritSectEnter(&pThis->CritSect);
+    ohciR3Lock(pThis);
     if (RT_SUCCESS(rc))
         return true;
@@ -2997 +3032 @@
 
     /* read the head */
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-    ohciR3ReadTdCached(pThis, TdAddr, &Head.Td);
-# else
     ohciR3ReadTd(pThis, TdAddr, &Head.Td);
-# endif
     ohciR3BufInit(&Head.Buf, Head.Td.cbp, Head.Td.be);
     Head.TdAddr = TdAddr;
@@ -3019 +3050 @@
         pCur->pNext = NULL;
         pCur->TdAddr = pTail->Td.NextTD & ED_PTR_MASK;
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-        ohciR3ReadTdCached(pThis, pCur->TdAddr, &pCur->Td);
-# else
         ohciR3ReadTd(pThis, pCur->TdAddr, &pCur->Td);
-# endif
         ohciR3BufInit(&pCur->Buf, pCur->Td.cbp, pCur->Td.be);
 
@@ -3114 +3141 @@
     Log(("%s: ohciR3ServiceTdMultiple: submitting cbData=%#x EdAddr=%#010x cTds=%d TdAddr0=%#010x\n",
          pUrb->pszDesc, pUrb->cbData, EdAddr, cTds, TdAddr));
-    RTCritSectLeave(&pThis->CritSect);
+    ohciR3Unlock(pThis);
     int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
-    RTCritSectEnter(&pThis->CritSect);
+    ohciR3Lock(pThis);
     if (RT_SUCCESS(rc))
         return true;
@@ -3341 +3368 @@
     Log(("%s: ohciR3ServiceIsochronousTd: submitting cbData=%#x cIsocPkts=%d EdAddr=%#010x TdAddr=%#010x SF=%#x (%#x)\n",
          pUrb->pszDesc, pUrb->cbData, pUrb->cIsocPkts, EdAddr, ITdAddr, pITd->HwInfo & ITD_HWINFO_SF, pThis->HcFmNumber));
-    RTCritSectLeave(&pThis->CritSect);
+    ohciR3Unlock(pThis);
     int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
-    RTCritSectEnter(&pThis->CritSect);
+    ohciR3Lock(pThis);
     if (RT_SUCCESS(rc))
         return true;
@@ -3529 +3556 @@
     {
         OHCIED Ed;
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-        ohciR3ReadEdCached(pThis, EdAddr, &Ed);
-# else
         ohciR3ReadEd(pThis, EdAddr, &Ed);
-# endif
         Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
         if (ohciR3IsEdReady(&Ed))
@@ -3627 +3650 @@
     {
         OHCIED Ed;
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-        ohciR3ReadEdCached(pThis, EdAddr, &Ed);
-# else
+
         ohciR3ReadEd(pThis, EdAddr, &Ed);
-# endif
         Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
         if (ohciR3IsEdPresent(&Ed))
@@ -3748 +3768 @@
     {
         OHCIED Ed;
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-        ohciR3ReadEdCached(pThis, EdAddr, &Ed);
-# else
+
         ohciR3ReadEd(pThis, EdAddr, &Ed);
-# endif
-
         if (ohciR3IsEdReady(&Ed))
         {
@@ -3916 +3932 @@
             OHCIED Ed;
             OHCITD Td;
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-            ohciR3ReadEdCached(pThis, EdAddr, &Ed);
-# else
+
             ohciR3ReadEd(pThis, EdAddr, &Ed);
-# endif
             uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
             uint32_t TailP  = Ed.TailP & ED_PTR_MASK;
@@ -3932 +3945 @@
                 do
                 {
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-                    ohciR3ReadTdCached(pThis, TdAddr, &Td);
-# else
                     ohciR3ReadTd(pThis, TdAddr, &Td);
-# endif
                     j = ohciR3InFlightFind(pThis, TdAddr);
                     if (j > -1)
@@ -4099 +4108 @@
     POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
 
-    RTCritSectEnter(&pThis->CritSect);
+    ohciR3Lock(pThis);
 
     /* Reset idle detection flag */
@@ -4106 +4115 @@
 # ifdef VBOX_WITH_OHCI_PHYS_READ_STATS
     physReadStatsReset(&g_PhysReadState);
-# endif
-
-# ifdef VBOX_WITH_OHCI_PHYS_READ_CACHE
-    ohciR3PhysReadCacheClear(pThis->pCacheED);
-    ohciR3PhysReadCacheClear(pThis->pCacheTD);
 # endif
 
@@ -4128 +4132 @@
 # endif
 
-    RTCritSectLeave(&pThis->CritSect);
-
+    ohciR3Unlock(pThis);
     return pThis->fIdle;
 }