blob: 2c18c48aeb9e891ff2d11da3b883b4ee51b9c626 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
device: 0.836
network: 0.835
vnc: 0.746
socket: 0.741
graphic: 0.684
files: 0.675
permissions: 0.601
semantic: 0.548
PID: 0.546
debug: 0.490
performance: 0.481
boot: 0.477
other: 0.463
KVM: 0.379
q35: incorrect values for PCIEXBAR masks
Description of problem:
https://lore.kernel.org/all/1fded151ce5ecbf7010427871b908000b2aba9ee.1520867956.git.x1917x@gmail.com/
In function [mch_update_pciexbar](https://gitlab.com/qemu-project/qemu/-/blob/master/hw/pci-host/q35.c#L295)
There are two small issues in PCIEXBAR address mask handling:
- wrong bit positions for address mask bits (see PCIEXBAR description
in Q35 datasheet)
- incorrect usage of 64ADR_MASK
Due to this, attempting to write a valid PCIEXBAR address may cause it to
shift to another address, causing memory layout corruption where emulated
MMIO regions may overlap real (passed through) MMIO ranges. Fix this
by providing correct values.
Additional information:
Q35 datasheet: https://www.intel.com/Assets/PDF/datasheet/316966.pdf ( 5.1.16 PCIEXBAR—PCI Express* Register Range Base Address )
|