From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:57629)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <borntraeger@de.ibm.com>) id 1SPwCz-0002OJ-2B
	for qemu-devel@nongnu.org; Thu, 03 May 2012 09:36:45 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <borntraeger@de.ibm.com>) id 1SPwCo-0005Fh-T0
	for qemu-devel@nongnu.org; Thu, 03 May 2012 09:36:36 -0400
Received: from e06smtp13.uk.ibm.com ([195.75.94.109]:46425)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <borntraeger@de.ibm.com>) id 1SPwCo-0005FK-KA
	for qemu-devel@nongnu.org; Thu, 03 May 2012 09:36:26 -0400
Received: from /spool/local
	by e06smtp13.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use
	Only! Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <borntraeger@de.ibm.com>;
	Thu, 3 May 2012 14:36:23 +0100
Received: from d06av02.portsmouth.uk.ibm.com (d06av02.portsmouth.uk.ibm.com
	[9.149.37.228])
	by d06nrmr1307.portsmouth.uk.ibm.com (8.13.8/8.13.8/NCO v10.0) with
	ESMTP id q43DaKPh2748598
	for <qemu-devel@nongnu.org>; Thu, 3 May 2012 14:36:20 +0100
Received: from d06av02.portsmouth.uk.ibm.com (loopback [127.0.0.1])
	by d06av02.portsmouth.uk.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with
	ESMTP id q43DaJ3d007116
	for <qemu-devel@nongnu.org>; Thu, 3 May 2012 07:36:19 -0600
Message-ID: <4FA289D1.60700@de.ibm.com>
Date: Thu, 03 May 2012 15:36:17 +0200
From: Christian Borntraeger <borntraeger@de.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] S390: file size checking in load_image_targphys and
 certain ram sizes
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Alexander Graf <agraf@suse.de>, Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>


Ben, Alex,

commit 17df768c1e4580f03301d18ea938d3557d441911
    load_image_targphys() should enforce the max size

caused some problems with external kernel and specific ram sizes on s390:

We load the external kernel with

[...]
            kernel_size = load_image_targphys(kernel_filename, 0, ram_size);
[...]

The problem is now, that load_image_targphys has max_sz as an int (32bit), but 
ram_size is a ram_addr_t (64bit).
So for a ramsize of lets say 3GB the comparison in load_image_targphys fails:

    if (size > max_sz) {
        return -1;
    }

There are several potential ways of solving, suggestions for a better solution
than the patch below are welcome.



diff --git a/hw/loader.c b/hw/loader.c
index 415cdce..8a6c99d 100644
--- a/hw/loader.c
+++ b/hw/loader.c
@@ -103,7 +103,7 @@ ssize_t read_targphys(const char *name,
 
 /* return the size or -1 if error */
 int load_image_targphys(const char *filename,
-                       target_phys_addr_t addr, int max_sz)
+                       target_phys_addr_t addr, uint64_t max_sz)
 {
     int size;
 
diff --git a/hw/loader.h b/hw/loader.h
index fbcaba9..5cfa6df 100644
--- a/hw/loader.h
+++ b/hw/loader.h
@@ -4,7 +4,7 @@
 /* loader.c */
 int get_image_size(const char *filename);
 int load_image(const char *filename, uint8_t *addr); /* deprecated */
-int load_image_targphys(const char *filename, target_phys_addr_t, int max_sz);
+int load_image_targphys(const char *filename, target_phys_addr_t, uint64_t);
 int load_elf(const char *filename, uint64_t (*translate_fn)(void *, uint64_t),
              void *translate_opaque, uint64_t *pentry, uint64_t *lowaddr,
              uint64_t *highaddr, int big_endian, int elf_machine,