[2/2] exec: clamp accesses against the MemoryRegionSection

Message ID	1434642231-24608-3-git-send-email-pbonzini@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Paolo Bonzini <pbonzini@redhat.com> To: qemu-devel@nongnu.org Date: Thu, 18 Jun 2015 17:43:51 +0200 Message-Id: <1434642231-24608-3-git-send-email-pbonzini@redhat.com> In-Reply-To: <1434642231-24608-1-git-send-email-pbonzini@redhat.com> References: <1434642231-24608-1-git-send-email-pbonzini@redhat.com> Cc: hpoussin@reactos.org, aurelien@aurel32.net Subject: [Qemu-devel] [PATCH 2/2] exec: clamp accesses against the MemoryRegionSection Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Message ID

1434642231-24608-3-git-send-email-pbonzini@redhat.com

State

New

Headers

From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Date: Thu, 18 Jun 2015 17:43:51 +0200
Message-Id: <1434642231-24608-3-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1434642231-24608-1-git-send-email-pbonzini@redhat.com>
References: <1434642231-24608-1-git-send-email-pbonzini@redhat.com>
Cc: hpoussin@reactos.org, aurelien@aurel32.net
Subject: [Qemu-devel] [PATCH 2/2] exec: clamp accesses against the
	MemoryRegionSection
Precedence: list
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Commit Message

Paolo Bonzini June 18, 2015, 3:43 p.m. UTC

Because the clamping was done against the MemoryRegion,
address_space_rw was effectively broken if a write spanned
multiple sections that are not linear in underlying memory
(with the memory not being under an IOMMU).

This is visible with the MIPS rc4030 IOMMU, which is implemented
as a series of alias memory regions that point to the actual RAM.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 exec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exec.c b/exec.c
index d00e017..f7883d2 100644
--- a/exec.c
+++ b/exec.c
@@ -353,7 +353,7 @@  address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x
 
     mr = section->mr;
     if (memory_region_is_ram(mr)) {
-        diff = int128_sub(mr->size, int128_make64(addr));
+        diff = int128_sub(section->size, int128_make64(addr));
         *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
     }
     return section;

[2/2] exec: clamp accesses against the MemoryRegionSection

Commit Message

Patch