Re: [Qemu-devel] [PATCH v2 3/3] edu: uses uint64_t in dma operation
From: Li Qiang
Subject: Re: [Qemu-devel] [PATCH v2 3/3] edu: uses uint64_t in dma operation
Date: Mon, 22 Apr 2019 09:21:00 +0800
Philippe Mathieu-Daudé <address@hidden> wrote on Sunday, April 21, 2019 at 6:32 PM:
> On 4/20/19 6:14 PM, Li Qiang wrote:
> > The dma related variable is dma_addr_t, it is uint64_t in
> > x64 platform. Change these usages from uint32_t to uint64_t to
> > avoid truncation.
>
> "to avoid address truncation"?
>
>
The dma.dst/src/cnt... is from the guest and is 64 bits. But in 'edu_dma_timer',
it is assigned to uint32_t. If it is 0xffffffff 00000000, it will pass the check,
but it is of course not allowed.
Though this is just an edu device, I think we should avoid this.
Thanks,
Li Qiang
> >
> > Signed-off-by: Li Qiang <address@hidden>
> > ---
> > Change since v1:
> > Fix format compile error on Windows
> >
> > hw/misc/edu.c | 15 ++++++++-------
> > 1 file changed, 8 insertions(+), 7 deletions(-)
> >
> > diff --git a/hw/misc/edu.c b/hw/misc/edu.c
> > index 4018dddcb8..f4a6d5f1c5 100644
> > --- a/hw/misc/edu.c
> > +++ b/hw/misc/edu.c
> > @@ -98,23 +98,24 @@ static void edu_lower_irq(EduState *edu, uint32_t
> val)
> > }
> > }
> >
> > -static bool within(uint32_t addr, uint32_t start, uint32_t end)
> > +static bool within(uint64_t addr, uint64_t start, uint64_t end)
>
> OK.
>
> > {
> > return start <= addr && addr < end;
> > }
> >
> > -static void edu_check_range(uint32_t addr, uint32_t size1, uint32_t
> start,
> > +static void edu_check_range(uint64_t addr, uint64_t size1, uint64_t
> start,
> > uint32_t size2)
>
> OK for addr. MMIO range is 1MiB so you can keep uint32_t for
> size1/size2. Up to the maintainer (personally I'd prefer keep u32).
>
> Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
>
> > {
> > - uint32_t end1 = addr + size1;
> > - uint32_t end2 = start + size2;
> > + uint64_t end1 = addr + size1;
> > + uint64_t end2 = start + size2;
> >
> > if (within(addr, start, end2) &&
> > end1 > addr && within(end1, start, end2)) {
> > return;
> > }
> >
> > - hw_error("EDU: DMA range 0x%.8x-0x%.8x out of bounds
> (0x%.8x-0x%.8x)!",
> > + hw_error("EDU: DMA range 0x%016"PRIx64"-0x%016"PRIx64
> > + " out of bounds (0x%016"PRIx64"-0x%016"PRIx64")!",
> > addr, end1 - 1, start, end2 - 1);
> > }
> >
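Review bot: In edu_check_range, `within(end1, start, end2)` tests the exclusive end `end1` with `addr < end`, so a transfer that ends exactly at `start + size2` is reported as out of bounds; comparing `end1 <= end2` directly would accept it while keeping the `end1 > addr` wrap check. `size2` also stays `uint32_t` while the other three parameters become `uint64_t`; a short comment stating the intended width of each parameter would make that choice deliberate rather than accidental.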
> > @@ -139,13 +140,13 @@ static void edu_dma_timer(void *opaque)
> > }
> >
> > if (EDU_DMA_DIR(edu->dma.cmd) == EDU_DMA_FROM_PCI) {
> > - uint32_t dst = edu->dma.dst;
> > + uint64_t dst = edu->dma.dst;
> > edu_check_range(dst, edu->dma.cnt, DMA_START, DMA_SIZE);
> > dst -= DMA_START;
> > pci_dma_read(&edu->pdev, edu_clamp_addr(edu, edu->dma.src),
> > edu->dma_buf + dst, edu->dma.cnt);
> > } else {
> > - uint32_t src = edu->dma.src;
> > + uint64_t src = edu->dma.src;
> > edu_check_range(src, edu->dma.cnt, DMA_START, DMA_SIZE);
> > src -= DMA_START;
> > pci_dma_write(&edu->pdev, edu_clamp_addr(edu, edu->dma.dst),
> >
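Review bot: In edu_dma_timer, nothing near `uint64_t dst = edu->dma.dst;` and `uint64_t src = edu->dma.src;` records why these locals must be as wide as the guest-written field, so a later cleanup could reintroduce the narrowing ahead of edu_check_range. A one-line comment above each declaration would make that explicit. `edu->dma.cnt` is passed both to edu_check_range and to pci_dma_read, so the `size1` parameter has to stay as wide as that field for the validated length to be the length that is used.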
>
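The truncation discussed in the reply above, as an added example that is not part of the original message or of QEMU's code: it runs the same range check once with values narrowed to uint32_t first and once with the full 64-bit values. The window constants, function names and input values are assumptions constructed for illustration.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed window, for illustration only; the page does not give these values. */
#define WIN_START 0x40000u
#define WIN_SIZE  0x1000u

/* Range check with 32-bit operands, the shape of the code before the patch. */
static bool in_range_u32(uint32_t addr, uint32_t size1,
                         uint32_t start, uint32_t size2)
{
    uint32_t end1 = addr + size1, end2 = start + size2;
    return start <= addr && addr < end2 &&
           end1 > addr && start <= end1 && end1 < end2;
}

/* Same check with the operand widths the patch uses. */
static bool in_range_u64(uint64_t addr, uint64_t size1,
                         uint64_t start, uint32_t size2)
{
    uint64_t end1 = addr + size1, end2 = start + size2;
    return start <= addr && addr < end2 &&
           end1 > addr && start <= end1 && end1 < end2;
}

/* Mirrors "uint32_t dst = edu->dma.dst;": the value is narrowed before the check. */
static bool old_path_accepts(uint64_t guest_addr, uint64_t guest_cnt)
{
    uint32_t dst = (uint32_t)guest_addr;
    return in_range_u32(dst, (uint32_t)guest_cnt, WIN_START, WIN_SIZE);
}

/* Mirrors "uint64_t dst = edu->dma.dst;": the check sees the full value. */
static bool new_path_accepts(uint64_t guest_addr, uint64_t guest_cnt)
{
    return in_range_u64(guest_addr, guest_cnt, WIN_START, WIN_SIZE);
}

int main(void)
{
    /* Constructed inputs: in-range low 32 bits, nonzero high 32 bits. */
    const uint64_t addr = 0xffffffff00040000ULL, cnt = 0x100000010ULL;
    printf("addr 0x%016" PRIx64 ": old=%d new=%d\n", addr,
           old_path_accepts(addr, 16), new_path_accepts(addr, 16));
    printf("cnt  0x%016" PRIx64 ": old=%d new=%d\n", cnt,
           old_path_accepts(WIN_START, cnt), new_path_accepts(WIN_START, cnt));
    return 0;
}
```

Both constructed inputs are accepted by the narrowed path and rejected by the widened one, while an ordinary in-window request is accepted by both.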