From 6bbba130993de09d0623eafe648b978351cb49f9 Mon Sep 17 00:00:00 2001 From: Xiao Wang Date: Thu, 16 Aug 2018 08:17:07 +0100 Subject: [PATCH 2/4] e1000e: Prevent MSI/MSI-X storms RH-Author: Xiao Wang Message-id: <1534407427-44794-3-git-send-email-jasowang@redhat.com> Patchwork-id: 81853 O-Subject: [RHEL-8.0 qemu-kvm PATCH 2/2] e1000e: Prevent MSI/MSI-X storms Bugzilla: 1596024 RH-Acked-by: wexu@redhat.com RH-Acked-by: Thomas Huth RH-Acked-by: Paolo Bonzini From: Jan Kiszka Only signal MSI/MSI-X events on rising edges. So far we re-triggered the interrupt sources even if the guest did no consumed the pending one, easily causing interrupt storms. Issue was observable with Linux 4.16 e1000e driver when MSI-X was used. Vector 2 was causing interrupt storms after the driver activated the device. Signed-off-by: Jan Kiszka Signed-off-by: Jason Wang (cherry picked from commit 4712c158c5276fd3c401152f4bb5c3fccf185946) Signed-off-by: Danilo C. L. de Paula --- hw/net/e1000e_core.c | 11 +++++++++++ hw/net/e1000e_core.h | 2 ++ 2 files changed, 13 insertions(+) diff --git a/hw/net/e1000e_core.c b/hw/net/e1000e_core.c index 9504891..2a221c2 100644 --- a/hw/net/e1000e_core.c +++ b/hw/net/e1000e_core.c @@ -2023,6 +2023,7 @@ e1000e_msix_notify_one(E1000ECore *core, uint32_t cause, uint32_t int_cfg) effective_eiac = core->mac[EIAC] & cause; core->mac[ICR] &= ~effective_eiac; + core->msi_causes_pending &= ~effective_eiac; if (!(core->mac[CTRL_EXT] & E1000_CTRL_EXT_IAME)) { core->mac[IMS] &= ~effective_eiac; @@ -2119,6 +2120,13 @@ e1000e_send_msi(E1000ECore *core, bool msix) { uint32_t causes = core->mac[ICR] & core->mac[IMS] & ~E1000_ICR_ASSERTED; + core->msi_causes_pending &= causes; + causes ^= core->msi_causes_pending; + if (causes == 0) { + return; + } + core->msi_causes_pending |= causes; + if (msix) { e1000e_msix_notify(core, causes); } else { @@ -2156,6 +2164,9 @@ e1000e_update_interrupt_state(E1000ECore *core) core->mac[ICS] = core->mac[ICR]; interrupts_pending = (core->mac[IMS] & core->mac[ICR]) ? true : false; + if (!interrupts_pending) { + core->msi_causes_pending = 0; + } trace_e1000e_irq_pending_interrupts(core->mac[ICR] & core->mac[IMS], core->mac[ICR], core->mac[IMS]); diff --git a/hw/net/e1000e_core.h b/hw/net/e1000e_core.h index 7d8ff41..63a1551 100644 --- a/hw/net/e1000e_core.h +++ b/hw/net/e1000e_core.h @@ -109,6 +109,8 @@ struct E1000Core { NICState *owner_nic; PCIDevice *owner; void (*owner_start_recv)(PCIDevice *d); + + uint32_t msi_causes_pending; }; void -- 1.8.3.1