From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alexander Graf <agraf@suse.de>
Subject: [PATCH 09/52] Fix DEC truncation for greater than 0xffff_ffff/1000
Date: Fri, 13 Jan 2012 15:31:12 +0100
Message-ID: <1326465115-5976-10-git-send-email-agraf@suse.de>
References: <1326465115-5976-1-git-send-email-agraf@suse.de>
Cc: kvm list <kvm@vger.kernel.org>, Avi Kivity <avi@redhat.com>,
	Marcelo Tosatti <mtosatti@redhat.com>,
	Bharat Bhushan <r65777@freescale.com>,
	Bharat Bhushan <bharat.bhushan@freescale.com>
To: kvm-ppc@vger.kernel.org
Return-path: <kvm-owner@vger.kernel.org>
Received: from cantor2.suse.de ([195.135.220.15]:59528 "EHLO mx2.suse.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1758267Ab2AMO6g (ORCPT <rfc822;kvm@vger.kernel.org>);
	Fri, 13 Jan 2012 09:58:36 -0500
In-Reply-To: <1326465115-5976-1-git-send-email-agraf@suse.de>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

From: Bharat Bhushan <r65777@freescale.com>

kvmppc_emulate_dec() uses dec_nsec of type unsigned long and does below calculation:

        dec_nsec = vcpu->arch.dec;
        dec_nsec *= 1000;
This will truncate if DEC value "vcpu->arch.dec" is greater than 0xffff_ffff/1000.
For example : For tb_ticks_per_usec = 4a, we can not set decrementer more than ~58ms.

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
Acked-by: Liu Yu <yu.liu@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
 arch/powerpc/kvm/emulate.c |   12 +++++++-----
 1 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/arch/powerpc/kvm/emulate.c b/arch/powerpc/kvm/emulate.c
index 141dce3..4337f99 100644
--- a/arch/powerpc/kvm/emulate.c
+++ b/arch/powerpc/kvm/emulate.c
@@ -84,6 +84,7 @@ static int kvmppc_dec_enabled(struct kvm_vcpu *vcpu)
 void kvmppc_emulate_dec(struct kvm_vcpu *vcpu)
 {
 	unsigned long dec_nsec;
+	unsigned long long dec_time;
 
 	pr_debug("mtDEC: %x\n", vcpu->arch.dec);
 #ifdef CONFIG_PPC_BOOK3S
@@ -103,11 +104,12 @@ void kvmppc_emulate_dec(struct kvm_vcpu *vcpu)
 		 * host ticks. */
 
 		hrtimer_try_to_cancel(&vcpu->arch.dec_timer);
-		dec_nsec = vcpu->arch.dec;
-		dec_nsec *= 1000;
-		dec_nsec /= tb_ticks_per_usec;
-		hrtimer_start(&vcpu->arch.dec_timer, ktime_set(0, dec_nsec),
-			      HRTIMER_MODE_REL);
+		dec_time = vcpu->arch.dec;
+		dec_time *= 1000;
+		do_div(dec_time, tb_ticks_per_usec);
+		dec_nsec = do_div(dec_time, NSEC_PER_SEC);
+		hrtimer_start(&vcpu->arch.dec_timer,
+			ktime_set(dec_time, dec_nsec), HRTIMER_MODE_REL);
 		vcpu->arch.dec_jiffies = get_tb();
 	} else {
 		hrtimer_try_to_cancel(&vcpu->arch.dec_timer);
-- 
1.6.0.2