From: Paolo Bonzini <pbonzini@redhat.com>
To: Alex Williamson <alex.williamson@redhat.com>
Cc: rth@twiddle.net, lersek@redhat.com, qemu-devel@nongnu.org,
	qemu-stable@nongnu.org
Subject: Re: [Qemu-devel] [PATCH v4] exec: Fix non-power-of-2 sized accesses
Date: Sat, 17 Aug 2013 08:33:51 +0200
Message-ID: <520F194F.1030501@redhat.com>
In-Reply-To: <20130816215706.23647.80992.stgit@bling.home>

On 16/08/2013 23:58, Alex Williamson wrote:
> Since commit 23326164 we align access sizes to match the alignment of
> the address, but we don't align the access size itself.  This means we
> let illegal access sizes (ex. 3) slip through if the address is
> sufficiently aligned (ex. 4).  This results in an abort which would be
> easy for a guest to trigger.  Account for aligning the access size.

Is it the same as this?

http://lists.gnu.org/archive/html/qemu-devel/2013-07/msg05398.html

(which perhaps is buggy as your v1/v2/v3 :))?

Paolo

> Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
> Cc: qemu-stable@nongnu.org
> ---
> 
> v4: KISS
> v3: Highest power of 2, not lowest
> v2: Remove unnecessary loop condition
> 
>  exec.c |   18 +++++++++++++-----
>  1 file changed, 13 insertions(+), 5 deletions(-)
> 
> diff --git a/exec.c b/exec.c
> index 3ca9381..67a822c 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -1924,12 +1924,20 @@ static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
>          }
>      }
>  
> -    /* Don't attempt accesses larger than the maximum.  */
> -    if (l > access_size_max) {
> -        l = access_size_max;
> +    /* Don't attempt accesses larger than the maximum or unsupported sizes.  */
> +    if (l >= access_size_max) {
> +        return access_size_max;
> +    } else {
> +        if (l >= 8) {
> +            return 8;
> +        } else if (l >= 4) {
> +            return 4;
> +        } else if (l >= 2) {
> +            return 2;
> +        } else {
> +            return 1;
> +        }
>      }
> -
> -    return l;
>  }
>  
>  bool address_space_rw(AddressSpace *as, hwaddr addr, uint8_t *buf,
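
Review bot: In the `l >= access_size_max` branch, `access_size_max` is returned unchanged, so the result is a legal access size only if `access_size_max` is itself a power of two; the ladder below it sanitizes `l` only when it is smaller than the maximum. Nothing in this hunk shows that guarantee, so consider stating it in the comment or asserting it before the return. The final `else` also maps `l == 0` to an access of size 1, where the removed `return l;` would have returned 0; if callers can never pass 0, a short comment saying so would help. As a style point, the `else` after `return access_size_max;` is redundant, and the ladder could be replaced by a single round-down-to-power-of-two computation capped at `access_size_max`.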
> 
> 
> 
