
Re: [Qemu-devel] [PATCH] vfio: add check for memory region overflow cond


From: Alex Williamson
Subject: Re: [Qemu-devel] [PATCH] vfio: add check for memory region overflow condition
Date: Mon, 21 Mar 2016 16:34:41 -0600

On Mon, 21 Mar 2016 18:00:50 -0400
Bandan Das <address@hidden> wrote:

> vfio_listener_region_add for an iommu mr results in
> an overflow assert since the emulated iommu memory region is initialized
> with UINT64_MAX. Add a check just like memory_region_size()
> does.
> 
> Signed-off-by: Bandan Das <address@hidden>
> ---
>  hw/vfio/common.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/vfio/common.c b/hw/vfio/common.c
> index fb588d8..269244b 100644
> --- a/hw/vfio/common.c
> +++ b/hw/vfio/common.c
> @@ -349,7 +349,12 @@ static void vfio_listener_region_add(MemoryListener 
> *listener,
>      if (int128_ge(int128_make64(iova), llend)) {
>          return;
>      }
> -    end = int128_get64(llend);
> +
> +    if (int128_eq(llend, int128_2_64())) {
> +            end = UINT64_MAX;
> +    } else {
> +            end = int128_get64(llend);
> +    }
>  
>      if ((iova < container->min_iova) || ((end - 1) > container->max_iova)) {
>          error_report("vfio: IOMMU container %p can't map guest IOVA region"
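Review bot: the new special case turns `end` into an inclusive last address (UINT64_MAX) for a region whose exclusive end is 2^64, but the code that follows still treats `end` as exclusive: the very next check `((end - 1) > container->max_iova)` now tests UINT64_MAX - 1 instead of the region's real last byte, so the range check is off by one for exactly the case this patch is meant to handle, and any later size or end computation built on `end - 1` inherits the same error. Rather than clamping, derive the inclusive last address while `llend` is still an Int128 (for example `int128_sub(llend, int128_one())`) and only then convert to 64 bits, so the 2^64 case falls out naturally without a special branch. Also, the two new assignments (`end = UINT64_MAX;` and `end = int128_get64(llend);`) are indented by 12 spaces where the surrounding block uses 8.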

But now all the calculations where we use end-1 are wrong.  See the
discussion with Pierre Morel in the January qemu-devel archives.
There's a solution in there, but I never saw a follow-up from Pierre
with a revised patch.  Thanks,

Alex


