From patchwork Fri May 14 07:24:30 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [2/2] megasas: Error checking for cpu_physical_memory_map()
From: Hannes Reinecke
X-Patchwork-Id: 52568
Message-Id: <20100514072430.C80932A37B@ochil.suse.de>
To: Nicholas A.Bellinger
Cc: qemu-devel@nongnu.org
Date: Fri, 14 May 2010 09:24:30 +0200
cpu_physical_memory_map() can fail, so we really should check for errors here. Plus a fix for a small casting error.
Signed-off-by: Hannes Reinecke
---
 hw/megasas.c | 23 +++++++++++++++++++----
 1 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/hw/megasas.c b/hw/megasas.c
index 69c5037..e0725de 100644
--- a/hw/megasas.c
+++ b/hw/megasas.c
@@ -264,6 +264,7 @@ megasas_enqueue_frame(MPTState *s, target_phys_addr_t frame)
 {
 struct megasas_cmd_t *cmd = NULL;
 uint8_t frame_size = sizeof(cmd->frame);
+ target_phys_addr_t frame_size_p = frame_size;
 cmd = megasas_next_frame(s, frame);
 /* All frames busy */
@@ -271,8 +272,16 @@ megasas_enqueue_frame(MPTState *s, target_phys_addr_t frame)
 return NULL;
 if (!cmd->pa) {
 cmd->pa = frame;
- cmd->frame = cpu_physical_memory_map(frame,
- (target_phys_addr_t *)&frame_size, 0);
+ cmd->frame = cpu_physical_memory_map(frame, &frame_size_p, 0);
+ if (frame_size_p != frame_size) {
+ DPRINTF("failed to map frame %lu\n", (unsigned long)frame);
+ if (cmd->frame) {
+ cpu_physical_memory_unmap(cmd->frame, frame_size_p, 0, 0);
+ cmd->frame = NULL;
+ cmd->pa = 0;
+ }
+ return NULL;
+ }
 }
 cmd->frame->header.context = le32_to_cpu(cmd->frame->header.context);
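Review bot: The new `frame_size_p` takes its value from `uint8_t frame_size = sizeof(cmd->frame)`, and `cmd->frame` is used as a pointer in the next hunk (it receives the return of `cpu_physical_memory_map()` and is dereferenced), so the requested map length looks like the size of a pointer rather than of the frame. If so, only a few bytes of guest memory are mapped while the code goes on to read `cmd->frame->header`, and the length comparison added below cannot notice it because both sides carry the same too-small value. This commit corrects the same pattern in megasas_init_firmware (`sizeof(initq)` to `sizeof(*initq)`); the matching change here would be `size_t frame_size = sizeof(*cmd->frame);`, which also avoids truncation in `uint8_t` should the frame type be larger than 255 bytes. The body of megasas_enqueue_frame continues outside the hunk.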
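Review bot: In the failure branch `cmd->pa = 0;` sits inside `if (cmd->frame)`, so when the map returns NULL the command keeps `cmd->pa == frame` while `cmd->frame` is NULL. If megasas_next_frame() (not visible here) later returns the same command for that guest-supplied address, the `if (!cmd->pa)` block is skipped and `cmd->frame->header.context` dereferences NULL. Moving `cmd->pa = 0;` below the closing brace of the inner `if` keeps the two fields in step. The test also relies on the returned length shrinking on failure; `if (!cmd->frame || frame_size_p != frame_size)` would not depend on that. megasas_enqueue_frame starts and ends outside the hunk.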
@@ -357,8 +366,13 @@ static int megasas_init_firmware(MPTState *s, struct megasas_cmd_t *cmd)
 DPRINTF("MFI init firmware: xfer len %d pa %lx\n", (int)iq_pl, (unsigned long)iq_pa);
 #endif
- initq_size = sizeof(initq);
- initq = cpu_physical_memory_map(iq_pa, &initq_size, 0);
+ initq_size = sizeof(*initq);
+ initq = cpu_physical_memory_map(iq_pa, &initq_size, 0);
+ if (initq_size != sizeof(*initq)) {
+ DPRINTF("MFI init firmware: failed to map queue mem\n");
+ s->fw_state = MFI_FWSTATE_FAULT;
+ goto out;
+ }
 s->reply_queue_len = le32_to_cpu(initq->rq_entries);
 pa_lo = le32_to_cpu(initq->rq_addr_lo);
 pa_hi = le32_to_cpu(initq->rq_addr_hi);
@@ -376,6 +390,7 @@ static int megasas_init_firmware(MPTState *s, struct megasas_cmd_t *cmd)
 #endif
 s->reply_queue_index = ldl_phys(s->producer_pa);
 s->fw_state = MFI_FWSTATE_OPERATIONAL;
+out:
 cpu_physical_memory_unmap(initq, initq_size, 0, 0);
 return 0;
 }
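Review bot: On a failed map the new branch jumps to `out:` (the label added in the following hunk), where `cpu_physical_memory_unmap(initq, initq_size, 0, 0)` runs unconditionally, so it can be reached with a NULL `initq` and a zero or partial length. The failure path in megasas_enqueue_frame guards the same call with `if (cmd->frame)`, and whether the unmap helper tolerates NULL is not visible on this page, so the line after the label would be safer as `if (initq) cpu_physical_memory_unmap(initq, initq_size, 0, 0);`. The function also still returns 0 after setting `MFI_FWSTATE_FAULT`; if the caller uses the return value to report status to the guest, this path probably needs a distinct result, which is worth confirming against the caller. megasas_init_firmware starts outside the hunk.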