From: Paolo Bonzini
Subject: [Qemu-devel] [PULL 16/22] exec: Respect as_translate_internal length clamp
Date: Tue, 28 Apr 2015 16:40:23 +0200
From: Peter Crosthwaite <address@hidden>
address_space_translate_internal will clamp the *plen length argument
based on the size of the memory region being queried. The iommu walker
logic in address_space_translate was ignoring this by discarding the
post fn call value of *plen. Fix by just always using *plen as the
length argument throughout the fn, removing the len local variable.
This fixes a bootloader bug when a single elf section spans multiple
QEMU memory regions.
Signed-off-by: Peter Crosthwaite <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
exec.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/exec.c b/exec.c
index 065f5e8..4717928 100644
--- a/exec.c
+++ b/exec.c
@@ -380,7 +380,6 @@ MemoryRegion *address_space_translate(AddressSpace *as,
hwaddr addr,
IOMMUTLBEntry iotlb;
MemoryRegionSection *section;
MemoryRegion *mr;
- hwaddr len = *plen;
rcu_read_lock();
for (;;) {
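Review bot: with the `len` local removed, `*plen` becomes the single in/out length for the whole `for (;;)` loop, so the clamp that address_space_translate_internal applies to it inside the loop (the call sits outside this hunk's context) is no longer overwritten at the end; the function's header comment should state explicitly that `*plen` is an in/out parameter that can only shrink, since a caller that reuses the same variable across calls now sees it narrowed after each one.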
@@ -395,7 +394,7 @@ MemoryRegion *address_space_translate(AddressSpace *as,
hwaddr addr,
iotlb = mr->iommu_ops->translate(mr, addr, is_write);
addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
| (addr & iotlb.addr_mask));
- len = MIN(len, (addr | iotlb.addr_mask) - addr + 1);
+ *plen = MIN(*plen, (addr | iotlb.addr_mask) - addr + 1);
if (!(iotlb.perm & (1 << is_write))) {
mr = &io_mem_unassigned;
break;
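Review bot: the IOMMU page clamp `*plen = MIN(*plen, (addr | iotlb.addr_mask) - addr + 1);` now takes effect before the permission check `if (!(iotlb.perm & (1 << is_write)))`, so on a permission fault the caller receives io_mem_unassigned with `*plen` already narrowed to the remainder of the faulting IOMMU page rather than the full requested length; that is the right result (the unassigned span describes only what actually failed) but deserves a one-line comment above the check. Note also that the `(addr | iotlb.addr_mask) - addr + 1` expression only yields "bytes to the end of the page" if `addr_mask` is a contiguous low-bit mask (page size minus one); worth stating that assumption in a comment where the mask is consumed.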
@@ -406,10 +405,9 @@ MemoryRegion *address_space_translate(AddressSpace *as,
hwaddr addr,
if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
- len = MIN(page, len);
+ *plen = MIN(page, *plen);
}
- *plen = len;
*xlat = addr;
rcu_read_unlock();
return mr;
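Review bot: the Xen clamp is consistent with the rest of the change, but the two clamps now use opposite argument orders (`MIN(*plen, ...)` in the IOMMU path, `MIN(page, *plen)` here); harmless, but pick one for readability. More importantly, `page` is derived from the post-IOMMU `addr`, so the page-boundary clamp applies to the translated address, which is what the direct-access case needs; with `*plen = len;` removed, the value returned in `*plen` is now the minimum of the region clamp from address_space_translate_internal, every IOMMU page clamp taken in the loop, and this Xen page clamp, and the commit message could say so in one sentence.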
--
2.3.5
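To make the bug in the commit message concrete, here is an added toy model of the translate loop, written for this page and not taken from QEMU: a constructed region table with two adjacent RAM regions and one IOMMU window, a `translate_internal` that clamps `*plen` to the region end the way the message describes, and a `translate` with a `fixed` switch that selects either the post-patch behaviour or the old behaviour with its stale `len` local. All region names, sizes, addresses and the `struct region` layout are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t hwaddr;
#define MIN(a, b) ((a) < (b) ? (a) : (b))
#define ARRAY_LEN(a) ((int)(sizeof(a) / sizeof((a)[0])))

/* Toy memory region (constructed, not QEMU's MemoryRegion): plain RAM, or an
 * IOMMU window that maps its pages onto a nested region table. */
struct region {
    const char *name;
    hwaddr base, size;
    bool is_iommu;
    hwaddr translated_base;        /* IOMMU only: target address of window start */
    hwaddr addr_mask;              /* IOMMU only: page size minus one */
    const struct region *target;   /* IOMMU only: region table behind the window */
    int ntarget;
};

/* Space behind the IOMMU: two adjacent RAM regions, deliberately not aligned
 * to the IOMMU page size, so the region clamp can be tighter than the page clamp. */
static const struct region behind_iommu[] = {
    { "ram-b", 0x10000, 0x780, false, 0, 0, NULL, 0 },
    { "ram-c", 0x10780, 0x880, false, 0, 0, NULL, 0 },
};

/* Top-level space: two adjacent RAM regions and one IOMMU window with 1 KiB pages. */
static const struct region top_level[] = {
    { "ram-a0", 0x1000, 0x1000, false, 0, 0, NULL, 0 },
    { "ram-a1", 0x2000, 0x1000, false, 0, 0, NULL, 0 },
    { "iommu",  0x5000, 0x2000, true, 0x10000, 0x3ff, behind_iommu, ARRAY_LEN(behind_iommu) },
};

/* Model of address_space_translate_internal: find the region containing addr
 * and clamp *plen so the span does not run past that region's end. */
static const struct region *
translate_internal(const struct region *tbl, int n, hwaddr addr, hwaddr *plen)
{
    for (int i = 0; i < n; i++) {
        const struct region *r = &tbl[i];
        if (addr >= r->base && addr < r->base + r->size) {
            *plen = MIN(*plen, r->base + r->size - addr);
            return r;
        }
    }
    return NULL;   /* unassigned */
}

/* Model of the translate loop. fixed=true keeps *plen as the in/out length
 * (the patched code); fixed=false reproduces the removed 'len' local that
 * discarded every clamp made through *plen. */
static const struct region *
translate(const struct region *tbl, int n, hwaddr addr, hwaddr *xlat,
          hwaddr *plen, bool fixed)
{
    hwaddr len = *plen;   /* only meaningful in the buggy variant */
    const struct region *mr;

    for (;;) {
        mr = translate_internal(tbl, n, addr, plen);
        if (!mr || !mr->is_iommu) {
            break;
        }
        /* IOMMU step: rebase into the target space, then clamp to the
         * remainder of the IOMMU page (addr_mask is a low-bit mask). */
        addr = mr->translated_base + (addr - mr->base);
        if (fixed) {
            *plen = MIN(*plen, (addr | mr->addr_mask) - addr + 1);
        } else {
            len = MIN(len, (addr | mr->addr_mask) - addr + 1);
        }
        tbl = mr->target;
        n = mr->ntarget;
    }
    if (!fixed) {
        *plen = len;      /* the bug: overwrites the clamped value */
    }
    *xlat = addr;
    return mr;
}

/* Length the loop reports as usable in a single region for a request
 * of len bytes at addr; 0 if the address is unassigned. */
static hwaddr usable_len(hwaddr addr, hwaddr len, bool fixed)
{
    hwaddr xlat;
    const struct region *mr = translate(top_level, ARRAY_LEN(top_level),
                                        addr, &xlat, &len, fixed);
    return mr ? len : 0;
}

int main(void)
{
    /* A write that starts inside ram-a0 and would spill into ram-a1. */
    printf("RAM span  fixed=0x%llx buggy=0x%llx\n",
           (unsigned long long)usable_len(0x1800, 0x1000, true),
           (unsigned long long)usable_len(0x1800, 0x1000, false));
    /* A span through the IOMMU whose target region ends before the IOMMU page does. */
    printf("IOMMU span fixed=0x%llx buggy=0x%llx\n",
           (unsigned long long)usable_len(0x5700, 0x2000, true),
           (unsigned long long)usable_len(0x5700, 0x2000, false));
    return 0;
}
```

The first case is the one the commit message names: a single request that straddles two regions. The fixed loop reports 0x800 bytes (to the end of ram-a0); the buggy loop reports the full 0x1000, so a loader trusting that value would write 0x800 bytes past the region it was handed. The second case shows that the per-iteration IOMMU clamp alone was never enough: the buggy variant still returns the page remainder (0x100) even though the target region ends 0x80 bytes in.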