[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 19/92] hw/char/serial: Assert serial_ioport_read/write offset fits
From: |
Paolo Bonzini |
Subject: |
[PULL 19/92] hw/char/serial: Assert serial_ioport_read/write offset fits 8 bytes |
Date: |
Thu, 24 Sep 2020 05:22:01 -0400 |
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
The serial device has 8 registers, each 8-bit. The MemoryRegionOps
'serial_io_ops' is initialized with max_access_size=1, and all
memory_region_init_io() callers correctly set the region size to
8 bytes:
- serial_io_realize
- serial_isa_realizefn
- serial_pci_realize
- multi_serial_pci_realize
It is safe to assert the offset argument of serial_ioport_read()
and serial_ioport_write() is always less than 8.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200907015535.827885-2-f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/char/serial.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/char/serial.c b/hw/char/serial.c
index fd80ae5592..840da89de7 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -344,7 +344,7 @@ static void serial_ioport_write(void *opaque, hwaddr addr,
uint64_t val,
{
SerialState *s = opaque;
- addr &= 7;
+ assert(size == 1 && addr < 8);
trace_serial_ioport_write(addr, val);
switch(addr) {
default:
@@ -485,7 +485,7 @@ static uint64_t serial_ioport_read(void *opaque, hwaddr
addr, unsigned size)
SerialState *s = opaque;
uint32_t ret;
- addr &= 7;
+ assert(size == 1 && addr < 8);
switch(addr) {
default:
case 0:
--
2.26.2
- [PULL 09/92] target/i386: support KVM_FEATURE_ASYNC_PF_INT, (continued)
- [PULL 09/92] target/i386: support KVM_FEATURE_ASYNC_PF_INT, Paolo Bonzini, 2020/09/24
- [PULL 10/92] memory: Convert IOMMUMemoryRegionClass doc comment to kernel-doc, Paolo Bonzini, 2020/09/24
- [PULL 15/92] numa: remove fixup numa_state->num_nodes to MAX_NODES, Paolo Bonzini, 2020/09/24
- [PULL 12/92] acpi: i386: Move VMBus DSDT entry to SB, Paolo Bonzini, 2020/09/24
- [PULL 11/92] vhost-scsi: support inflight io track, Paolo Bonzini, 2020/09/24
- [PULL 14/92] doc: Cleanup "'-mem-path' fallback to RAM" deprecation text, Paolo Bonzini, 2020/09/24
- [PULL 13/92] numa: drop support for '-numa node' (without memory specified), Paolo Bonzini, 2020/09/24
- [PULL 17/92] hw/char/serial: Remove TYPE_SERIAL_IO, Paolo Bonzini, 2020/09/24
- [PULL 16/92] hw/mips/mipssim: Use MMIO serial device on fake ISA I/O, Paolo Bonzini, 2020/09/24
- [PULL 20/92] hw/char/serial: Replace commented DPRINTF() by trace event, Paolo Bonzini, 2020/09/24
- [PULL 19/92] hw/char/serial: Assert serial_ioport_read/write offset fits 8 bytes,
Paolo Bonzini <=
- [PULL 28/92] i386/cpu: Clear FEAT_XSAVE_COMP_{LO, HI} when XSAVE is not available, Paolo Bonzini, 2020/09/24
- [PULL 23/92] hw/char/serial: Make 'wakeup' property boolean, Paolo Bonzini, 2020/09/24
- [PULL 21/92] hw/char/serial: Remove old DEBUG_SERIAL commented code, Paolo Bonzini, 2020/09/24
- [PULL 25/92] scsi-generic: Fix HM-zoned device scan, Paolo Bonzini, 2020/09/24
- [PULL 27/92] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl, Paolo Bonzini, 2020/09/24
- [PULL 18/92] configure: rename QEMU_GA_MSI_ENABLED to CONFIG_QGA_MSI, Paolo Bonzini, 2020/09/24
- [PULL 29/92] meson: move libudev test, Paolo Bonzini, 2020/09/24
- [PULL 31/92] meson: extend libmpathpersist test for static linking, Paolo Bonzini, 2020/09/24
- [PULL 22/92] hw/char/serial: Rename I/O read/write trace events, Paolo Bonzini, 2020/09/24
- [PULL 30/92] meson: move libmpathpersist test, Paolo Bonzini, 2020/09/24