mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4c58843e5d
qemu/hw/mem
History
Ira Weiny e6c9c9e7f4 hw/cxl: Fix read from bogus memory 
Peter and coverity report:

	We've passed '&data' to address_space_write(), which means "read
	from the address on the stack where the function argument 'data'
	lives", so instead of writing 64 bytes of data to the guest ,
	we'll write 64 bytes which start with a host pointer value and
	then continue with whatever happens to be on the host stack
	after that.

Indeed the intention was to write 64 bytes of data at the address given.

Fix the parameter to address_space_write().

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Link: https://lore.kernel.org/all/CAFEAcA-u4sytGwTKsb__Y+_+0O2-WwARntm3x8WNhvL1WfHOBg@mail.gmail.com/
Fixes: 6bda41a69b ("hw/cxl: Add clear poison mailbox command support.")
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Ira Weiny <ira.weiny@intel.com>
Message-Id: <20240531-fix-poison-set-cacheline-v1-1-e3bc7e8f1158@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
2024-07-01 17:16:05 -04:00
..
cxl_type3_stubs.c hw/cxl/events: Add qmp interfaces to add/release dynamic capacity extents 2024-07-01 17:16:04 -04:00
cxl_type3.c hw/cxl: Fix read from bogus memory 2024-07-01 17:16:05 -04:00
Kconfig hw/cxl/device: Add a memory device (8.2.8.5) 2022-05-13 06:13:36 -04:00
memory-device-stubs.c memory-device: move stubs out of stubs/ 2024-04-18 11:17:27 +02:00
memory-device.c hw/mem/memory-device: Remove legacy_align from memory_device_pre_plug() 2024-06-19 12:40:49 +02:00
meson.build memory-device: move stubs out of stubs/ 2024-04-18 11:17:27 +02:00
npcm7xx_mc.c hw/*: Use type casting for SysBusDevice in NPCM7XX 2021-01-12 21:19:02 +00:00
nvdimm.c nvdimm: Reject writing label data to ROM instead of crashing QEMU 2023-09-19 10:23:21 +02:00
pc-dimm.c hw/mem/memory-device: Remove legacy_align from memory_device_pre_plug() 2024-06-19 12:40:49 +02:00
sparse-mem.c *: Add missing includes of qemu/error-report.h 2023-03-22 15:06:57 +00:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00