* [Qemu-devel] [PATCH] nand: fix address overflow
@ 2015-11-10 13:25 Rabin Vincent
2015-11-10 15:09 ` Paolo Bonzini
0 siblings, 1 reply; 5+ messages in thread
From: Rabin Vincent @ 2015-11-10 13:25 UTC (permalink / raw)
To: kwolf; +Cc: qemu-devel, qemu-block, Rabin Vincent
The shifts of the address mask and value shift beyond 32 bits when there
are 5 address cycles.
Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
---
hw/block/nand.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/block/nand.c b/hw/block/nand.c
index 61d2cec..a68266f 100644
--- a/hw/block/nand.c
+++ b/hw/block/nand.c
@@ -522,8 +522,8 @@ void nand_setio(DeviceState *dev, uint32_t value)
if (s->ale) {
unsigned int shift = s->addrlen * 8;
- unsigned int mask = ~(0xff << shift);
- unsigned int v = value << shift;
+ uint64_t mask = ~(0xffull << shift);
+ uint64_t v = (uint64_t)value << shift;
s->addr = (s->addr & mask) | v;
s->addrlen ++;
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Qemu-devel] [PATCH] nand: fix address overflow
2015-11-10 13:25 [Qemu-devel] [PATCH] nand: fix address overflow Rabin Vincent
@ 2015-11-10 15:09 ` Paolo Bonzini
2015-11-13 4:23 ` Peter Crosthwaite
0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2015-11-10 15:09 UTC (permalink / raw)
To: Rabin Vincent, kwolf
Cc: qemu-trivial@nongnu.org, qemu-devel, qemu-block, Rabin Vincent
On 10/11/2015 14:25, Rabin Vincent wrote:
> The shifts of the address mask and value shift beyond 32 bits when there
> are 5 address cycles.
>
> Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
> ---
> hw/block/nand.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/hw/block/nand.c b/hw/block/nand.c
> index 61d2cec..a68266f 100644
> --- a/hw/block/nand.c
> +++ b/hw/block/nand.c
> @@ -522,8 +522,8 @@ void nand_setio(DeviceState *dev, uint32_t value)
>
> if (s->ale) {
> unsigned int shift = s->addrlen * 8;
> - unsigned int mask = ~(0xff << shift);
> - unsigned int v = value << shift;
> + uint64_t mask = ~(0xffull << shift);
> + uint64_t v = (uint64_t)value << shift;
>
> s->addr = (s->addr & mask) | v;
> s->addrlen ++;
>
Cc: qemu-trivial@nongnu.org
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Qemu-devel] [PATCH] nand: fix address overflow
2015-11-10 15:09 ` Paolo Bonzini
@ 2015-11-13 4:23 ` Peter Crosthwaite
2015-11-13 9:32 ` Paolo Bonzini
0 siblings, 1 reply; 5+ messages in thread
From: Peter Crosthwaite @ 2015-11-13 4:23 UTC (permalink / raw)
To: Paolo Bonzini, qemu-stable
Cc: Kevin Wolf, Rabin Vincent, qemu-block, qemu-trivial@nongnu.org,
qemu-devel@nongnu.org Developers, Rabin Vincent
On Tue, Nov 10, 2015 at 7:09 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
>
>
> On 10/11/2015 14:25, Rabin Vincent wrote:
>> The shifts of the address mask and value shift beyond 32 bits when there
>> are 5 address cycles.
>>
>> Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
>> ---
>> hw/block/nand.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/block/nand.c b/hw/block/nand.c
>> index 61d2cec..a68266f 100644
>> --- a/hw/block/nand.c
>> +++ b/hw/block/nand.c
>> @@ -522,8 +522,8 @@ void nand_setio(DeviceState *dev, uint32_t value)
>>
>> if (s->ale) {
>> unsigned int shift = s->addrlen * 8;
>> - unsigned int mask = ~(0xff << shift);
>> - unsigned int v = value << shift;
>> + uint64_t mask = ~(0xffull << shift);
>> + uint64_t v = (uint64_t)value << shift;
>>
>> s->addr = (s->addr & mask) | v;
>> s->addrlen ++;
>>
>
> Cc: qemu-trivial@nongnu.org
> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
This is a bugfix right? IIUC This would not have worked for accesses
to devices above column address 255 at all. Should this go to
stable/2.5?
Regards,
Peter
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Qemu-devel] [PATCH] nand: fix address overflow
2015-11-13 4:23 ` Peter Crosthwaite
@ 2015-11-13 9:32 ` Paolo Bonzini
2015-11-13 11:04 ` Kevin Wolf
0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2015-11-13 9:32 UTC (permalink / raw)
To: Peter Crosthwaite, Michael Tokarev
Cc: Kevin Wolf, Rabin Vincent, qemu-block, qemu-trivial, qemu-stable,
qemu-devel@nongnu.org Developers, Rabin Vincent
> > On 10/11/2015 14:25, Rabin Vincent wrote:
> >> The shifts of the address mask and value shift beyond 32 bits when there
> >> are 5 address cycles.
> >>
> >> Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
> >> ---
> >> hw/block/nand.c | 4 ++--
> >> 1 file changed, 2 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/hw/block/nand.c b/hw/block/nand.c
> >> index 61d2cec..a68266f 100644
> >> --- a/hw/block/nand.c
> >> +++ b/hw/block/nand.c
> >> @@ -522,8 +522,8 @@ void nand_setio(DeviceState *dev, uint32_t value)
> >>
> >> if (s->ale) {
> >> unsigned int shift = s->addrlen * 8;
> >> - unsigned int mask = ~(0xff << shift);
> >> - unsigned int v = value << shift;
> >> + uint64_t mask = ~(0xffull << shift);
> >> + uint64_t v = (uint64_t)value << shift;
> >>
> >> s->addr = (s->addr & mask) | v;
> >> s->addrlen ++;
> >>
> >
> > Cc: qemu-trivial@nongnu.org
> > Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
>
> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
>
> This is a bugfix right? IIUC This would not have worked for accesses
> to devices above column address 255 at all. Should this go to
> stable/2.5?
Yes, it should. Michael, are you planning to send another pull
request during hard freeze?
Paolo
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Qemu-devel] [PATCH] nand: fix address overflow
2015-11-13 9:32 ` Paolo Bonzini
@ 2015-11-13 11:04 ` Kevin Wolf
0 siblings, 0 replies; 5+ messages in thread
From: Kevin Wolf @ 2015-11-13 11:04 UTC (permalink / raw)
To: Paolo Bonzini
Cc: Rabin Vincent, qemu-block, qemu-trivial, Michael Tokarev,
qemu-stable, qemu-devel@nongnu.org Developers, Peter Crosthwaite,
Rabin Vincent
Am 13.11.2015 um 10:32 hat Paolo Bonzini geschrieben:
> > > On 10/11/2015 14:25, Rabin Vincent wrote:
> > >> The shifts of the address mask and value shift beyond 32 bits when there
> > >> are 5 address cycles.
> > >>
> > >> Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
> > >> ---
> > >> hw/block/nand.c | 4 ++--
> > >> 1 file changed, 2 insertions(+), 2 deletions(-)
> > >>
> > >> diff --git a/hw/block/nand.c b/hw/block/nand.c
> > >> index 61d2cec..a68266f 100644
> > >> --- a/hw/block/nand.c
> > >> +++ b/hw/block/nand.c
> > >> @@ -522,8 +522,8 @@ void nand_setio(DeviceState *dev, uint32_t value)
> > >>
> > >> if (s->ale) {
> > >> unsigned int shift = s->addrlen * 8;
> > >> - unsigned int mask = ~(0xff << shift);
> > >> - unsigned int v = value << shift;
> > >> + uint64_t mask = ~(0xffull << shift);
> > >> + uint64_t v = (uint64_t)value << shift;
> > >>
> > >> s->addr = (s->addr & mask) | v;
> > >> s->addrlen ++;
> > >>
> > >
> > > Cc: qemu-trivial@nongnu.org
> > > Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
> >
> > Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
> >
> > This is a bugfix right? IIUC This would not have worked for accesses
> > to devices above column address 255 at all. Should this go to
> > stable/2.5?
>
> Yes, it should. Michael, are you planning to send another pull
> request during hard freeze?
The block layer catch-all entry in MAINTAINERS says that it's mine, so
I'll just take it through my block tree.
Kevin
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-11-13 11:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-11-10 13:25 [Qemu-devel] [PATCH] nand: fix address overflow Rabin Vincent
2015-11-10 15:09 ` Paolo Bonzini
2015-11-13 4:23 ` Peter Crosthwaite
2015-11-13 9:32 ` Paolo Bonzini
2015-11-13 11:04 ` Kevin Wolf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).