Re: [Qemu-devel] [PATCH] pci: Remove partial overrun checking from pci_h
From: David Gibson
Subject: Re: [Qemu-devel] [PATCH] pci: Remove partial overrun checking from pci_host_config_{read, write} common
Date: Wed, 25 Apr 2012 22:21:10 +1000
User-agent: Mutt/1.5.21 (2010-09-15)
On Wed, Apr 25, 2012 at 11:08:12AM +0300, Michael S. Tsirkin wrote:
> On Mon, Apr 16, 2012 at 02:16:24PM +1000, David Gibson wrote:
> > Currently the pci_host_config_{read,write}_common() functions clamp the
> > given access size to prevent it from overrunning the size of config space.
> > This does not protect against "total" overruns (that is where the start
> > address is outside config space), but given some correct but rather subtle
> > assumptions does handle partial overruns (addr is within config space, but
> > the access size overruns it) as a truncated read or write.
> >
> > A truncated read or write is vanishingly unlikely to be performed by real
> > hardware, but more importantly, this code path will never be executed. The
> > callers of pci_host_config_{read,write}_common() already check that the
> > access is not a total overrun and is naturally aligned.
>
> ./hw/pcie_host.c does not do this.
Uh, yes. I had assumed that the alignment checking was done in the
general MMIO accessor paths, but it looks like it isn't.
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
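
The relationship this thread turns on, between natural alignment and partial overruns, shown as an added example that is not part of the original messages and is not QEMU's code. All function names are hypothetical; it assumes access sizes of 1, 2 or 4 bytes and a config space of `limit` bytes (256 for conventional PCI, 4096 for PCIe).

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names, not QEMU's. limit = config space size in bytes. */
enum cfg_access { CFG_OK, CFG_BAD_SIZE, CFG_TOTAL_OVERRUN,
                  CFG_PARTIAL_OVERRUN, CFG_UNALIGNED };

/* Classify an access of len bytes at addr against limit bytes of space. */
static enum cfg_access cfg_classify(uint32_t addr, uint32_t len, uint32_t limit)
{
    if (len != 1 && len != 2 && len != 4)
        return CFG_BAD_SIZE;
    if (addr >= limit)
        return CFG_TOTAL_OVERRUN;   /* start is outside config space */
    if (len > limit - addr)         /* cannot wrap: addr < limit here */
        return CFG_PARTIAL_OVERRUN; /* starts inside, runs past the end */
    if (addr & (len - 1))
        return CFG_UNALIGNED;       /* in range but not naturally aligned */
    return CFG_OK;
}

/* The clamp described in the commit message: truncate len to what fits.
 * Only meaningful once the caller has established addr < limit. */
static uint32_t cfg_clamp_len(uint32_t addr, uint32_t len, uint32_t limit)
{
    uint32_t room = limit - addr;
    return len < room ? len : room;
}

/* Count naturally aligned, in-range accesses that the clamp would truncate.
 * 0 means the clamp is dead code for callers that enforce alignment. */
static unsigned cfg_count_clamped_aligned(uint32_t limit)
{
    static const uint32_t sizes[] = { 1, 2, 4 };
    unsigned hits = 0;
    for (uint32_t addr = 0; addr < limit; addr++)
        for (unsigned i = 0; i < 3; i++)
            if ((addr & (sizes[i] - 1)) == 0 &&
                cfg_clamp_len(addr, sizes[i], limit) != sizes[i])
                hits++;
    return hits;
}

int main(void)
{
    printf("aligned accesses clamped, limit 256: %u\n", cfg_count_clamped_aligned(256));
    printf("4 bytes at 0xfe: class %d, clamped to %u\n",
           (int)cfg_classify(0xfe, 4, 256), (unsigned)cfg_clamp_len(0xfe, 4, 256));
    return 0;
}
```

The clamp is unreachable only when the caller rejects unaligned accesses and `limit` is a multiple of the largest access size; a caller that skips the alignment check can still hand the common code a partial overrun.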