On Mon, 1 Feb 2021, Ben Widawsky wrote:
> > > > > +static int cxl_mem_setup_mailbox(struct cxl_mem *cxlm)
> > > > > +{
> > > > > + const int cap = cxl_read_mbox_reg32(cxlm,
> > > > > CXLDEV_MB_CAPS_OFFSET);
> > > > > +
> > > > > + cxlm->mbox.payload_size =
> > > > > + 1 << CXL_GET_FIELD(cap, CXLDEV_MB_CAP_PAYLOAD_SIZE);
> > > > > +
> > > > > + /* 8.2.8.4.3 */
> > > > > + if (cxlm->mbox.payload_size < 256) {
> > > > > + dev_err(&cxlm->pdev->dev, "Mailbox is too small (%zub)",
> > > > > + cxlm->mbox.payload_size);
> > > > > + return -ENXIO;
> > > > > + }
> > > >
> > > > Any reason not to check cxlm->mbox.payload_size > (1 << 20) as well and
> > > > return ENXIO if true?
> > >
> > > If some crazy vendor wanted to ship a mailbox larger than 1M, why should
> > > the
> > > driver not allow it?
> > >
> >
> > Because the spec disallows it :)
>
> I don't see it being the driver's responsibility to enforce spec correctness
> though. In certain cases, I need to use the spec, like I have to pick /some/
> mailbox timeout. For other cases...
>
> I'm not too familiar with what other similar drivers may or may not do in
> situations like this. The current 256 limit is mostly a reflection of that
> being
> too small to even support advertised mandatory commands. So things can't work
> in
> that scenario, but things can work if they have a larger register size (so
> long
> as the BAR advertises enough space).
>
I don't think things can work above 1MB, either, though. Section
8.2.8.4.5 specifies 20 bits to define the payload length, if this is
larger than cxlm->mbox.payload_size it would venture into the reserved
bits of the command register.
So is the idea to allow cxl_mem_setup_mailbox() to succeed with a payload
size > 1MB and then only check 20 bits for the command register?
