On Mon, 1 Feb 2021, Ben Widawsky wrote:

> > > > > +static int cxl_mem_setup_mailbox(struct cxl_mem *cxlm)
> > > > > +{
> > > > > +     const int cap = cxl_read_mbox_reg32(cxlm, 
> > > > > CXLDEV_MB_CAPS_OFFSET);
> > > > > +
> > > > > +     cxlm->mbox.payload_size =
> > > > > +             1 << CXL_GET_FIELD(cap, CXLDEV_MB_CAP_PAYLOAD_SIZE);
> > > > > +
> > > > > +     /* 8.2.8.4.3 */
> > > > > +     if (cxlm->mbox.payload_size < 256) {
> > > > > +             dev_err(&cxlm->pdev->dev, "Mailbox is too small (%zub)",
> > > > > +                     cxlm->mbox.payload_size);
> > > > > +             return -ENXIO;
> > > > > +     }
> > > > 
> > > > Any reason not to check cxlm->mbox.payload_size > (1 << 20) as well and 
> > > > return ENXIO if true?
> > > 
> > > If some crazy vendor wanted to ship a mailbox larger than 1M, why should 
> > > the
> > > driver not allow it?
> > > 
> > 
> > Because the spec disallows it :)
> 
> I don't see it being the driver's responsibility to enforce spec correctness
> though. In certain cases, I need to use the spec, like I have to pick /some/
> mailbox timeout. For other cases... 
> 
> I'm not too familiar with what other similar drivers may or may not do in
> situations like this. The current 256 limit is mostly a reflection of that 
> being
> too small to even support advertised mandatory commands. So things can't work 
> in
> that scenario, but things can work if they have a larger register size (so 
> long
> as the BAR advertises enough space).
> 

I don't think things can work above 1MB, either, though.  Section 
8.2.8.4.5 specifies 20 bits to define the payload length, if this is 
larger than cxlm->mbox.payload_size it would venture into the reserved 
bits of the command register.

So is the idea to allow cxl_mem_setup_mailbox() to succeed with a payload 
size > 1MB and then only check 20 bits for the command register?

Reply via email to