qemu/hw/misc
Max Erenberg 0bf355e6ca edu: fix DMA range upper bound check
The edu_check_range function checks that start <= end1 < end2, where
end1 is the upper bound (exclusive) of the guest-supplied DMA range and
end2 is the upper bound (exclusive) of the device's allowed DMA range.
When the guest tries to transfer exactly DMA_SIZE (4096) bytes, end1
will be equal to end2, so the check fails and QEMU aborts with this
puzzling error message (newlines added for formatting):

  qemu: hardware error: EDU: DMA range
    0x0000000000040000-0x0000000000040fff out of bounds
   (0x0000000000040000-0x0000000000040fff)!

By checking end1 <= end2 instead, guests will be allowed to transfer
exactly 4096 bytes. It is not necessary to explicitly check for
start <= end1 because the previous two checks (within(addr, start, end2)
and end1 > addr) imply start < end1.

Fixes: b30934cb52 ("hw: misc, add educational driver", 2015-01-21)
Signed-off-by: Max Erenberg <merenber@uwaterloo.ca>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(cherry picked from commit 2c5107e1b4)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2024-01-08 19:26:21 +03:00
..
macio meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
a9scu.c
allwinner-a10-ccm.c hw/misc: Allwinner-A10 Clock Controller Module Emulation 2023-01-12 16:50:19 +00:00
allwinner-a10-dramc.c hw/misc: Allwinner A10 DRAM Controller Emulation 2023-01-12 16:50:19 +00:00
allwinner-cpucfg.c
allwinner-h3-ccu.c
allwinner-h3-dramc.c
allwinner-h3-sysctrl.c
allwinner-r40-ccu.c hw/arm/allwinner-r40: add Clock Control Unit 2023-06-06 10:19:31 +01:00
allwinner-r40-dramc.c hw/misc/allwinner-dramc: Do not use SysBus API to map local MMIO region 2023-10-19 23:13:28 +02:00
allwinner-sid.c
allwinner-sramc.c hw: arm: allwinner-sramc: Set class_size 2023-07-06 13:26:43 +01:00
applesmc.c Do not include "qemu/error-report.h" in headers that do not need it 2023-02-14 09:11:27 +01:00
arm11scu.c
arm_integrator_debug.c
arm_l2x0.c
arm_sysctl.c hw/misc/arm_sysctl.c: Avoid shadowing local variable 2023-09-29 10:07:18 +02:00
armsse-cpu-pwrctrl.c
armsse-cpuid.c
armsse-mhu.c
armv7m_ras.c
aspeed_hace.c aspeed/hace: Initialize g_autofree pointer 2023-06-15 18:35:57 +02:00
aspeed_i3c.c aspeed/i3c: Rename variable shadowing a local 2023-09-29 10:07:19 +02:00
aspeed_lpc.c
aspeed_peci.c
aspeed_sbc.c
aspeed_scu.c
aspeed_sdmc.c aspeed/sdmc: Drop unnecessary scu include 2023-02-07 09:02:05 +01:00
aspeed_xdma.c
auxbus.c bulk: Rename TARGET_FMT_plx -> HWADDR_FMT_plx 2023-01-18 11:14:34 +01:00
avr_power.c
axp2xx.c hw/misc: Rename axp209 to axp22x and add support AXP221 PMU 2023-06-06 10:19:32 +01:00
bcm2835_cprman.c
bcm2835_mbox.c
bcm2835_mphi.c
bcm2835_powermgt.c
bcm2835_property.c hw/arm: Move raspberrypi-fw-defs.h to the include/hw/arm/ folder 2023-10-19 13:01:52 +01:00
bcm2835_rng.c
bcm2835_thermal.c
cbus.c
debugexit.c
djmemc.c q800: add djMEMC memory controller 2023-10-06 10:33:43 +02:00
eccmemctl.c
edu.c edu: fix DMA range upper bound check 2024-01-08 19:26:21 +03:00
empty_slot.c
exynos4210_clk.c
exynos4210_pmu.c
exynos4210_rng.c arm: spelling fixes 2023-07-25 17:13:53 +03:00
grlib_ahb_apb_pnp.c
i2c-echo.c hw/misc/i2c-echo: add copyright/license note 2023-10-12 14:11:44 +02:00
imx6_ccm.c hw/misc/imx6_ccm: Convert DPRINTF to trace events 2023-11-02 13:36:45 +00:00
imx6_src.c hw/misc: Move some arm-related files from specific_ss into softmmu_ss 2022-12-15 17:37:47 +00:00
imx6ul_ccm.c i.MX6UL: Add a specific GPT timer instance for the i.MX6UL 2023-01-05 15:02:08 +00:00
imx7_ccm.c hw/other: spelling fixes 2023-09-21 11:31:16 +03:00
imx7_gpr.c
imx7_snvs.c hw/misc/imx7_snvs: Trace MMIO access 2023-11-02 13:36:45 +00:00
imx7_src.c Add i.MX7 SRC device implementation 2023-08-31 09:45:17 +01:00
imx25_ccm.c
imx31_ccm.c
imx_ccm.c
imx_rngc.c hw: replace most qemu_bh_new calls with qemu_bh_new_guarded 2023-04-28 11:31:54 +02:00
iosb.c q800: add IOSB subsystem 2023-10-06 10:33:43 +02:00
iotkit-secctl.c
iotkit-sysctl.c hw/misc: Move some arm-related files from specific_ss into softmmu_ss 2022-12-15 17:37:47 +00:00
iotkit-sysinfo.c
ivshmem.c migration: simplify blockers 2023-10-20 08:51:41 +02:00
Kconfig hw/misc: Introduce AMD/Xilix Versal TRNG device 2023-11-02 14:42:03 +00:00
lasi.c lasi: fix RTC migration 2023-04-20 11:17:35 +02:00
led.c misc/led: LED state is set opposite of what is expected 2023-10-27 12:51:17 +01:00
mac_via.c mac_via: extend timer calibration hack to work with A/UX 2023-10-06 10:33:43 +02:00
mchp_pfsoc_dmc.c
mchp_pfsoc_ioscb.c hw/{misc, riscv}: pfsoc: add system controller as unimplemented 2023-01-06 10:42:55 +10:00
mchp_pfsoc_sysreg.c hw/{misc, riscv}: pfsoc: add system controller as unimplemented 2023-01-06 10:42:55 +10:00
meson.build hw/misc: Introduce AMD/Xilix Versal TRNG device 2023-11-02 14:42:03 +00:00
mips_cmgcr.c hw/mips: Declare all length properties as unsigned 2023-03-08 00:37:48 +01:00
mips_cpc.c
mips_itu.c hw/misc/mips_itu: Make MIPSITUState target agnostic 2023-10-19 23:13:27 +02:00
mos6522.c input/adb: Only include header where needed 2023-02-06 11:41:39 +00:00
mps2-fpgaio.c
mps2-scc.c hw/misc/mps2-scc: Free MPS2SCC::oscclk[] array on finalize() 2023-11-27 15:27:42 +00:00
msf2-sysreg.c
mst_fpga.c bulk: Rename TARGET_FMT_plx -> HWADDR_FMT_plx 2023-01-18 11:14:34 +01:00
npcm7xx_clk.c
npcm7xx_gcr.c
npcm7xx_mft.c
npcm7xx_pwm.c
npcm7xx_rng.c
nrf51_rng.c
omap_clk.c
omap_gpmc.c hw/arm/omap: Drop useless casts from void * to pointer 2023-01-12 17:15:09 +00:00
omap_l4.c hw/arm/omap: Drop useless casts from void * to pointer 2023-01-12 17:15:09 +00:00
omap_sdrc.c hw/arm/omap: Drop useless casts from void * to pointer 2023-01-12 17:15:09 +00:00
omap_tap.c hw/arm/omap: Drop useless casts from void * to pointer 2023-01-12 17:15:09 +00:00
pc-testdev.c
pca9552.c
pci-testdev.c kvm: require KVM_CAP_IOEVENTFD and KVM_CAP_IOEVENTFD_ANY_LENGTH 2023-10-25 17:35:15 +02:00
pvpanic-isa.c
pvpanic-pci.c include/hw/pci: Split pci_device.h off pci.h 2023-01-08 01:54:22 -05:00
pvpanic.c
sbsa_ec.c hw/misc/sbsa_ec: Declare QOM macros using OBJECT_DECLARE_SIMPLE_TYPE() 2023-01-12 17:15:09 +00:00
sifive_e_aon.c hw/misc: sifive_e_aon: Support the watchdog timer of HiFive 1 rev b. 2023-07-10 22:29:14 +10:00
sifive_e_prci.c
sifive_test.c hw/misc/sifive_test.c: replace exit calls with proper shutdown 2023-10-12 12:34:30 +10:00
sifive_u_otp.c hw/misc/sifive_u_otp: Remove the deprecated OTP config with '-drive if=none' 2023-01-26 13:25:07 +01:00
sifive_u_prci.c
slavio_misc.c
stm32f2xx_syscfg.c hw/other: spelling fixes 2023-09-21 11:31:16 +03:00
stm32f4xx_exti.c
stm32f4xx_syscfg.c
trace-events hw/misc/imx6_ccm: Convert DPRINTF to trace events 2023-11-02 13:36:45 +00:00
trace.h
tz-mpc.c
tz-msc.c
tz-ppc.c
unimp.c
virt_ctrl.c
vmcoreinfo.c
xlnx-cfi-if.c hw/misc: Introduce the Xilinx CFI interface 2023-09-08 16:41:34 +01:00
xlnx-versal-cframe-reg.c hw/misc: Introduce a model of Xilinx Versal's CFRAME_BCAST_REG 2023-09-08 16:41:35 +01:00
xlnx-versal-cfu.c hw/misc/xlnx-versal-cfu: Introduce a model of Xilinx Versal's CFU_SFR 2023-09-08 16:41:35 +01:00
xlnx-versal-crl.c
xlnx-versal-pmc-iou-slcr.c
xlnx-versal-trng.c hw/misc: Introduce AMD/Xilix Versal TRNG device 2023-11-02 14:42:03 +00:00
xlnx-versal-xramc.c
xlnx-zynqmp-apu-ctrl.c error: Drop superfluous #include "qapi/qmp/qerror.h" 2023-02-23 13:56:14 +01:00
xlnx-zynqmp-crf.c
zynq_slcr.c hw/other: spelling fixes 2023-09-21 11:31:16 +03:00