[Qemu-devel] [PULL 03/12] sd: sdhci: Fix ADMA dma_memory_read access
From: Peter Maydell
Subject: [Qemu-devel] [PULL 03/12] sd: sdhci: Fix ADMA dma_memory_read access
Date: Mon, 4 Aug 2014 14:53:19 +0100
From: Peter Crosthwaite <address@hidden>
This dma_memory_read was giving too big a size when begin was non-zero.
This could cause segfaults in some circumstances. Fix.
Signed-off-by: Peter Crosthwaite <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
---
hw/sd/sdhci.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index b5a9eee..f9fe700 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -702,7 +702,8 @@ static void sdhci_do_adma(SDHCIState *s)
length -= block_size - begin;
}
dma_memory_read(&address_space_memory, dscr.addr,
- &s->fifo_buffer[begin], s->data_count);
+ &s->fifo_buffer[begin],
+ s->data_count - begin);
dscr.addr += s->data_count - begin;
if (s->data_count == block_size) {
for (n = 0; n < block_size; n++) {
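Review bot: The new length argument `s->data_count - begin` in the dma_memory_read call is only safe if begin never exceeds s->data_count, and nothing in the visible lines checks that. If that ordering is ever violated, the subtraction goes negative or wraps, and the copy into &s->fifo_buffer[begin] is again larger than the space left in the buffer. Consider asserting or bounds-checking begin against s->data_count (and against the fifo_buffer size) before the call. The same expression is repeated on the following `dscr.addr += s->data_count - begin;` line, so computing it once into a local would keep the copy length and the address advance from drifting apart in later edits. The commit message could also state that the excess length overran fifo_buffer, since "segfaults in some circumstances" does not tell a reader which buffer was affected.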
--
1.9.1