qemu-devel.nongnu.org archive mirror
From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: lersek@redhat.com, qemu-stable@nongnu.org, Petar.Jovanovic@imgtec.com
Subject: [Qemu-devel] [PATCH 50/51] memory: fix limiting of translation at a page boundary
Date: Fri, 21 Feb 2014 02:17:26 -0600
Message-ID: <1392970647-21528-51-git-send-email-mdroth@linux.vnet.ibm.com>
In-Reply-To: <1392970647-21528-1-git-send-email-mdroth@linux.vnet.ibm.com>

From: Paolo Bonzini <pbonzini@redhat.com>

Commit 360e607 (address_space_translate: do not cross page boundaries,
2014-01-30) broke MMIO accesses in cases where the section is shorter
than the full register width.  This can happen for example with the
Bochs DISPI registers, which are 16 bits wide but have only a 1-byte
long MemoryRegion (if you write to the "second byte" of the register
your access is discarded; it doesn't write only to half of the register).

Restrict the action of commit 360e607 to direct RAM accesses.  This
is enough for Xen, since MMIO will not go through the mapcache.

Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit a87f39543a9259f671c5413723311180ee2ad2a8)

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
 exec.c |   29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/exec.c b/exec.c
index df94429..b324fcc 100644
--- a/exec.c
+++ b/exec.c
@@ -266,6 +266,18 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x
     return section;
 }
 
+static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
+{
+    if (memory_region_is_ram(mr)) {
+        return !(is_write && mr->readonly);
+    }
+    if (memory_region_is_romd(mr)) {
+        return !is_write;
+    }
+
+    return false;
+}
+
 MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
                                       hwaddr *xlat, hwaddr *plen,
                                       bool is_write)
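
Review bot: memory_access_is_direct() is now defined above address_space_translate() and gains a caller there, but it still has no comment saying what "direct" means. A short comment above the definition would help: true for RAM unless the access is a write to a readonly region, true for ROMD on reads only, false for everything else. That matters more now that the return value also decides whether the translation length is clamped.
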
@@ -295,6 +307,11 @@ MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
         as = iotlb.target_as;
     }
 
+    if (memory_access_is_direct(mr, is_write)) {
+        hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
+        len = MIN(page, len);
+    }
+
     *plen = len;
     *xlat = addr;
     return mr;
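
Review bot: The new `if (memory_access_is_direct(mr, is_write))` block has no comment explaining why the page-boundary limit applies only to direct accesses; the reasoning (MMIO sections can be shorter than the register width, and MMIO does not go through the Xen mapcache) lives only in the commit message. Please add a one-line comment above the block. Separately, `page` holds the number of bytes from addr to the end of its target page, not a page address, so a name along the lines of bytes_to_page_end would read better in `len = MIN(page, len);`. Also worth confirming as intended: a write to a readonly RAM region or to a ROMD region makes the helper return false, so those accesses are no longer clamped at the page boundary.
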
@@ -1815,18 +1832,6 @@ static void invalidate_and_set_dirty(hwaddr addr,
     xen_modified_memory(addr, length);
 }
 
-static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
-{
-    if (memory_region_is_ram(mr)) {
-        return !(is_write && mr->readonly);
-    }
-    if (memory_region_is_romd(mr)) {
-        return !is_write;
-    }
-
-    return false;
-}
-
 static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
 {
     unsigned access_size_max = mr->ops->valid.max_access_size;
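
Review bot: The commit message does not mention that memory_access_is_direct() is relocated, so this 12-line removal looks like a behaviour change until it is compared with the first hunk. The removed body matches the added one line for line, so the move itself is fine; a sentence in the commit message saying the helper is moved up unchanged so address_space_translate() can call it would make the patch easier to audit, particularly for a stable backport.
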
-- 
1.7.9.5
