From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53262) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XpEi3-00018B-AM for qemu-devel@nongnu.org; Fri, 14 Nov 2014 06:06:41 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XpEhx-0001oC-2V for qemu-devel@nongnu.org; Fri, 14 Nov 2014 06:06:35 -0500 Received: from mx1.redhat.com ([209.132.183.28]:44128) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XpEhw-0001o0-Qt for qemu-devel@nongnu.org; Fri, 14 Nov 2014 06:06:29 -0500 From: Stefan Hajnoczi Date: Fri, 14 Nov 2014 11:05:53 +0000 Message-Id: <1415963157-30103-8-git-send-email-stefanha@redhat.com> In-Reply-To: <1415963157-30103-1-git-send-email-stefanha@redhat.com> References: <1415963157-30103-1-git-send-email-stefanha@redhat.com> Subject: [Qemu-devel] [PULL for-2.2 07/11] ahci: Reorder error cases in handle_cmd List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: Peter Maydell , John Snow , Stefan Hajnoczi From: John Snow Error checking in ahci's handle_cmd is re-ordered so that we initialize as few things as possible before we've done our sanity checking. This simplifies returning from this call in case of an error. A check to make sure the DMA memory map succeeds with the correct size is also added, and the debug print of the command fis is cleaned up with its size corrected. Signed-off-by: John Snow Reviewed-by: Paolo Bonzini Message-id: 1415058979-16604-4-git-send-email-jsnow@redhat.com Signed-off-by: Stefan Hajnoczi --- hw/ide/ahci.c | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c index 43da363..578a93b 100644 --- a/hw/ide/ahci.c +++ b/hw/ide/ahci.c @@ -961,38 +961,37 @@ static int handle_cmd(AHCIState *s, int port, int slot) return -1; } - cmd = &((AHCICmdHdr *)s->dev[port].lst)[slot]; - if (!s->dev[port].lst) { DPRINTF(port, "error: lst not given but cmd handled"); return -1; } - + cmd = &((AHCICmdHdr *)s->dev[port].lst)[slot]; /* remember current slot handle for later */ s->dev[port].cur_cmd = cmd; + /* The device we are working for */ + ide_state = &s->dev[port].port.ifs[0]; + if (!ide_state->blk) { + DPRINTF(port, "error: guest accessed unused port"); + return -1; + } + opts = le32_to_cpu(cmd->opts); tbl_addr = le64_to_cpu(cmd->tbl_addr); - cmd_len = 0x80; cmd_fis = dma_memory_map(s->as, tbl_addr, &cmd_len, DMA_DIRECTION_FROM_DEVICE); - if (!cmd_fis) { DPRINTF(port, "error: guest passed us an invalid cmd fis\n"); return -1; - } - - /* The device we are working for */ - ide_state = &s->dev[port].port.ifs[0]; - - if (!ide_state->blk) { - DPRINTF(port, "error: guest accessed unused port"); + } else if (cmd_len != 0x80) { + ahci_trigger_irq(s, &s->dev[port], PORT_IRQ_HBUS_ERR); + DPRINTF(port, "error: dma_memory_map failed: " + "(len(%02"PRIx64") != 0x80)\n", + cmd_len); goto out; } - - debug_print_fis(cmd_fis, 0x90); - //debug_print_fis(cmd_fis, (opts & AHCI_CMD_HDR_CMD_FIS_LEN) * 4); + debug_print_fis(cmd_fis, 0x80); switch (cmd_fis[0]) { case SATA_FIS_TYPE_REGISTER_H2D: -- 2.1.0