[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 67/68] hw/cxl: Fix missing reserved data in CXL Device DVSEC
|
From: |
Michael S. Tsirkin |
|
Subject: |
[PULL 67/68] hw/cxl: Fix missing reserved data in CXL Device DVSEC |
|
Date: |
Tue, 12 Mar 2024 18:29:07 -0400 |
From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
The r3.1 specification introduced a new 2 byte field, but
to maintain DWORD alignment, a additional 2 reserved bytes
were added. Forgot those in updating the structure definition
but did include them in the size define leading to a buffer
overrun.
Also use the define so that we don't duplicate the value.
Fixes: Coverity ID 1534095 buffer overrun
Fixes: 8700ee15de ("hw/cxl: Standardize all references on CXL r3.1 and minor
updates")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20240308143831.6256-1-Jonathan.Cameron@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
include/hw/cxl/cxl_pci.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/hw/cxl/cxl_pci.h b/include/hw/cxl/cxl_pci.h
index 265db6c407..d0855ed78b 100644
--- a/include/hw/cxl/cxl_pci.h
+++ b/include/hw/cxl/cxl_pci.h
@@ -92,8 +92,9 @@ typedef struct CXLDVSECDevice {
uint32_t range2_base_hi;
uint32_t range2_base_lo;
uint16_t cap3;
+ uint16_t resv;
} QEMU_PACKED CXLDVSECDevice;
-QEMU_BUILD_BUG_ON(sizeof(CXLDVSECDevice) != 0x3A);
+QEMU_BUILD_BUG_ON(sizeof(CXLDVSECDevice) != PCIE_CXL_DEVICE_DVSEC_LENGTH);
/*
* CXL r3.1 Section 8.1.5: CXL Extensions DVSEC for Ports
--
MST
- [PULL 52/68] hw/i386/pc: Set "normal" boot device order in pc_basic_device_init(), (continued)
- [PULL 52/68] hw/i386/pc: Set "normal" boot device order in pc_basic_device_init(), Michael S. Tsirkin, 2024/03/12
- [PULL 54/68] qom: new object to associate device to NUMA node, Michael S. Tsirkin, 2024/03/12
- [PULL 58/68] virtio-iommu: Change the default granule to the host page size, Michael S. Tsirkin, 2024/03/12
- [PULL 66/68] hmat acpi: Fix out of bounds access due to missing use of indirection, Michael S. Tsirkin, 2024/03/12
- [PULL 55/68] hw/acpi: Implement the SRAT GI affinity structure, Michael S. Tsirkin, 2024/03/12
- [PULL 57/68] virtio-iommu: Add a granule property, Michael S. Tsirkin, 2024/03/12
- [PULL 56/68] hw/i386/acpi-build: Add support for SRAT Generic Initiator structures, Michael S. Tsirkin, 2024/03/12
- [PULL 62/68] hw/i386/q35: Set virtio-iommu aw-bits default value to 39, Michael S. Tsirkin, 2024/03/12
- [PULL 60/68] virtio-iommu: Trace domain range limits as unsigned int, Michael S. Tsirkin, 2024/03/12
- [PULL 64/68] qemu-options.hx: Document the virtio-iommu-pci aw-bits option, Michael S. Tsirkin, 2024/03/12
- [PULL 67/68] hw/cxl: Fix missing reserved data in CXL Device DVSEC,
Michael S. Tsirkin <=
- [PULL 68/68] docs/specs/pvpanic: document shutdown event, Michael S. Tsirkin, 2024/03/12
- [PULL 59/68] qemu-options.hx: Document the virtio-iommu-pci granule option, Michael S. Tsirkin, 2024/03/12
- [PULL 61/68] virtio-iommu: Add an option to define the input range width, Michael S. Tsirkin, 2024/03/12
- [PULL 65/68] hmat acpi: Do not add Memory Proximity Domain Attributes Structure targetting non existent memory., Michael S. Tsirkin, 2024/03/12
- [PULL 63/68] hw/arm/virt: Set virtio-iommu aw-bits default value to 48, Michael S. Tsirkin, 2024/03/12
- Re: [PULL 00/68] virtio,pc,pci: features, cleanups, fixes, Peter Maydell, 2024/03/13