From: David Gibson
Subject: [Qemu-ppc] [PULL 18/62] spapr: Force SPAPR_MEMORY_BLOCK_SIZE to be a hwaddr (64-bit)
Date: Tue, 12 Mar 2019 19:52:32 +1100

From: David Gibson <address@hidden>

SPAPR_MEMORY_BLOCK_SIZE is logically a difference in memory addresses, and
hence of type hwaddr which is 64-bit. Previously it wasn't marked as such
which means that it could be treated as 32-bit. That will work in some
circumstances but if multiplied by another 32-bit value it could lead to
a 32-bit overflow and an incorrect result.

One specific instance of this in spapr_lmb_dt_populate() was spotted by
Coverity (CID 1399145).

Reported-by: Peter Maydell <address@hidden>
Signed-off-by: David Gibson <address@hidden>
---
include/hw/ppc/spapr.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index ff1bd60615..1311ebe28e 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
@@ -792,7 +792,7 @@ int spapr_rtc_import_offset(sPAPRRTCState *rtc, int64_t
legacy_offset);
#define TYPE_SPAPR_RNG "spapr-rng"
-#define SPAPR_MEMORY_BLOCK_SIZE (1 << 28) /* 256MB */
+#define SPAPR_MEMORY_BLOCK_SIZE ((hwaddr)1 << 28) /* 256MB */
/*
* This defines the maximum number of DIMM slots we can have for sPAPR
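Review bot: In include/hw/ppc/spapr.h the new `((hwaddr)1 << 28)` changes the type of SPAPR_MEMORY_BLOCK_SIZE from int to hwaddr at every use of the macro, not only in the spapr_lmb_dt_populate() case named in the commit message. Please confirm that no existing user passes it to a printf-style format written for int, or mixes it with signed values that are now converted to an unsigned 64-bit type. The macro also now needs hwaddr to be declared wherever it expands, so spapr.h should include the header that defines it rather than rely on include order.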
--
2.20.1
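
The overflow described in the commit message, as an added example that is not part of the original post or of QEMU's code. It assumes a platform with 32-bit int, defines hwaddr locally as uint64_t, and uses hypothetical helper names (block_addr_old, block_addr_new, count_wrong_blocks); the index is uint32_t so the wraparound is well-defined unsigned arithmetic.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t hwaddr;                 /* assumption: local stand-in for QEMU's hwaddr */

#define BLOCK_SIZE_OLD (1 << 28)         /* pre-patch form: type int */
#define BLOCK_SIZE_NEW ((hwaddr)1 << 28) /* post-patch form: type hwaddr */

/* Base address of block i using the old macro. uint32_t * int is evaluated
 * as uint32_t, so the product wraps modulo 2^32 and is only widened to
 * hwaddr afterwards, when it is already wrong. */
static hwaddr block_addr_old(uint32_t i)
{
    return i * BLOCK_SIZE_OLD;
}

/* Same computation with the new macro: i is converted to 64-bit before the
 * multiplication, so no bits are lost. */
static hwaddr block_addr_new(uint32_t i)
{
    return i * BLOCK_SIZE_NEW;
}

/* Number of 256MB blocks in ram_size bytes whose base address comes out
 * wrong when computed with the old macro. */
static uint32_t count_wrong_blocks(hwaddr ram_size)
{
    uint32_t nr_blocks = (uint32_t)(ram_size / BLOCK_SIZE_NEW);
    uint32_t wrong = 0;

    for (uint32_t i = 0; i < nr_blocks; i++) {
        if (block_addr_old(i) != block_addr_new(i)) {
            wrong++;
        }
    }
    return wrong;
}

int main(void)
{
    hwaddr ram = (hwaddr)8 << 30;        /* constructed sample: 8 GiB of RAM */

    printf("block 16 old=0x%" PRIx64 " new=0x%" PRIx64 "\n",
           block_addr_old(16), block_addr_new(16));
    printf("wrong blocks in 8 GiB: %" PRIu32 "\n", count_wrong_blocks(ram));
    return 0;
}
```

Every block at or above the 4 GiB boundary aliases a block below it with the old definition, which is why the result is silently incorrect rather than a crash.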