Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value

From:	Paolo Bonzini
Subject:	Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value
Date:	Thu, 10 Nov 2016 15:50:07 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0


On 10/11/2016 06:56, Gonglei (Arei) wrote:
> Any ideas about this fix?

It seems sensible, but perhaps the field is even smaller.  Let's CC
Hervé and Aurelien as I don't have a datasheet for this device.

Also, s->itr is used here:

    tm_hz = 1000 / (s->itr + 1);

    timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
                   NANOSECONDS_PER_SECOND / tm_hz);

and this is the same as

    timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
              NANOSECONDS_PER_SECOND / 1000 * (s->itr + 1));

so perhaps it's better to do it like that.

Paolo

>> -----Original Message-----
>> From: Qemu-devel
>> [mailto:address@hidden On
>> Behalf Of P J P
>> Sent: Wednesday, October 12, 2016 8:38 PM
>> To: Qemu Developers
>> Cc: Paolo Bonzini; Huawei PSIRT; Prasad J Pandit; Michael S. Tsirkin
>> Subject: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value
>>
>> From: Prasad J Pandit <address@hidden>
>>
>> The JAZZ RC4030 chipset emulator has a periodic timer and
>> associated interval reload register. The reload value is used
>> as divider when computing timer's next tick value. If reload
>> value is large, it could lead to divide by zero error. Limit
>> the interval reload value to avoid it.
>>
>> Reported-by: Huawei PSIRT <address@hidden>
>> Signed-off-by: Prasad J Pandit <address@hidden>
>> ---
>>  hw/dma/rc4030.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
>> index 2f2576f..c1b4997 100644
>> --- a/hw/dma/rc4030.c
>> +++ b/hw/dma/rc4030.c
>> @@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr addr,
>> uint64_t data,
>>          break;
>>      /* Interval timer reload */
>>      case 0x0228:
>> -        s->itr = val;
>> +        s->itr = val & 0x01FF;
>>          qemu_irq_lower(s->timer_irq);
>>          set_next_tick(s);
>>          break;
>> --
>> 2.5.5
>>
> 
> 
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, Gonglei (Arei), 2016/11/10
- Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, Paolo Bonzini <=
  - Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, Hervé Poussineau, 2016/11/16
    - Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, Gonglei (Arei), 2016/11/16
    - Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, P J P, 2016/11/16
    - Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, Hervé Poussineau, 2016/11/16
    - Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value, Paolo Bonzini, 2016/11/17

Prev by Date: Re: [Qemu-devel] [PULL 12/47] virtio: remove ioeventfd_disabled altogether
Next by Date: Re: [Qemu-devel] [PATCH 0/4] make SMBUS/SATA/PIT configurable and introduce
Previous by thread: Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value
Next by thread: Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value
Index(es):
- Date
- Thread