Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller

qemu-ppc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller

From:	Peter Maydell
Subject:	Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller
Date:	Thu, 18 Jan 2018 12:07:40 +0000

On 11 January 2018 at 04:59, David Gibson <address@hidden> wrote:
> From: BALATON Zoltan <address@hidden>
>
> This is a common generic PCI SATA controller that is also used in PCs
> but more importantly guests running on the Sam460ex board prefer this
> card and have a driver for it (unlike for other SATA controllers
> already emulated).
>
> Signed-off-by: BALATON Zoltan <address@hidden>
> Acked-by: John Snow <address@hidden>
> Signed-off-by: David Gibson <address@hidden>
> ---

> +    case 0x10:
> +        val = d->i.bmdma[0].cmd;
> +        val |= (d->regs[0].confstat & (1UL << 11) ? (1 << 4) : 0); 
> /*SATAINT0*/
> +        val |= (d->regs[1].confstat & (1UL << 11) ? (1 << 6) : 0); 
> /*SATAINT1*/
> +        val |= (d->i.bmdma[1].status & BM_STATUS_INT ? (1 << 14) : 0);
> +        val |= d->i.bmdma[0].status << 16;
> +        val |= d->i.bmdma[1].status << 24;
> +        break;

Hi. Coverity points out (CID 1385151) that the << 24 here will
potentially inadvertently set the high 32 bits of val if the top
bit in bmdma[1].status is 1. (This is because in x << 24 where
x is uint8_t x gets promoted to signed int, and then when that
signed int with a high bit set is converted to uint64_t for the
logical or it's done by sign-extending.

Adding a cast, like
  val |= (uint32_t)d->i.bmdma[1].status << 24;

should fix this.

thanks
-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-ppc] [PULL 02/11] sm501: Add panel hardware cursor registers also to read function, (continued)
- [Qemu-ppc] [PULL 02/11] sm501: Add panel hardware cursor registers also to read function, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 03/11] sm501: Add some more unimplemented registers, David Gibson, 2018/01/11
  - Re: [Qemu-ppc] [PULL 03/11] sm501: Add some more unimplemented registers, Peter Maydell, 2018/01/18
    - Re: [Qemu-ppc] [PULL 03/11] sm501: Add some more unimplemented registers, BALATON Zoltan, 2018/01/18
- [Qemu-ppc] [PULL 10/11] hw/ppc: Remove the deprecated spapr-pci-vfio-host-bridge device, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 09/11] Update dtc to fix compilation problem on Mac OS 10.6, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 05/11] spapr_pci: use warn_report(), David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 11/11] spapr: Correct compatibility mode setting for hotplugged CPUs, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 04/11] ppc4xx_i2c: Implement basic I2C functions, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller, David Gibson, 2018/01/11
  - Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller, Peter Maydell <=
    - Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller, BALATON Zoltan, 2018/01/18
  - Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller, Peter Maydell, 2018/01/18
- [Qemu-ppc] [PULL 07/11] ppc/pnv: change powernv_ prefix to pnv_ for overall naming consistency, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 08/11] target/ppc: more use of the PPC_*() macros, David Gibson, 2018/01/11
- [Qemu-ppc] [PULL 01/11] pseries: Update SLOF firmware image to qemu-slof-20171214, David Gibson, 2018/01/11
- Re: [Qemu-ppc] [PULL 00/11] ppc-for-2.12 queue 20180111, Peter Maydell, 2018/01/11

Prev by Date: Re: [Qemu-ppc] [PULL 03/11] sm501: Add some more unimplemented registers
Next by Date: Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller
Previous by thread: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller
Next by thread: Re: [Qemu-ppc] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller
Index(es):
- Date
- Thread