qemu/hw/intc
Ricardo Koller f4ec71d07c hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write
icv_eoir_write() and icv_dir_write() ignore invalid virtual IRQ numbers
(like LPIs).  The issue is that these functions check against the number
of implemented IRQs (QEMU's default is num_irq=288) which can be lower
than the maximum virtual IRQ number (1020 - 1).  The consequence is that
if a hypervisor creates an LR for an IRQ between 288 and 1020, then the
guest is unable to deactivate the resulting IRQ. Note that other
functions that deal with large IRQ numbers, like icv_iar_read, check
against 1020 and not against num_irq.

Fix the checks by using GICV3_MAXIRQ (1020) instead of the number of
implemented IRQs.

Signed-off-by: Ricardo Koller <ricarkol@google.com>
Message-id: 20210702233701.3369-1-ricarkol@google.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-09 16:09:12 +01:00
..
allwinner-a10-pic.c Clean up inclusion of sysemu/sysemu.h 2019-08-16 13:31:53 +02:00
apic_common.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
apic.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
arm_gic_common.c arm_gic: Mask the un-supported priority bits 2020-02-28 16:14:57 +00:00
arm_gic_kvm.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
arm_gic.c hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register 2021-02-02 17:00:55 +00:00
arm_gicv2m.c arm tcg cpus: Fix Lesser GPL version number 2020-11-15 16:42:14 +01:00
arm_gicv3_common.c qdev: set properties with device_class_set_props() 2020-01-24 20:59:15 +01:00
arm_gicv3_cpuif.c hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write 2021-07-09 16:09:12 +01:00
arm_gicv3_dist.c hw/intc/arm_gicv3: GICD_TYPER.SecurityExtn is RAZ if GICD_CTLR.DS == 1 2019-06-17 15:13:19 +01:00
arm_gicv3_its_common.c Include migration/vmstate.h less 2019-08-16 13:31:52 +02:00
arm_gicv3_its_kvm.c sysemu: Let VMChangeStateHandler take boolean 'running' argument 2021-03-09 23:13:57 +01:00
arm_gicv3_kvm.c hw: Do not include hw/sysbus.h if it is not necessary 2021-05-02 17:24:50 +02:00
arm_gicv3_redist.c hw/intc/arm_gicv3: Fix decoding of ID register range 2019-06-17 15:13:19 +01:00
arm_gicv3.c hw: Do not include hw/sysbus.h if it is not necessary 2021-05-02 17:24:50 +02:00
armv7m_nvic.c hw/intc/armv7m_nvic: Remove stale comment 2021-06-15 16:18:48 +01:00
aspeed_vic.c Include migration/vmstate.h less 2019-08-16 13:31:52 +02:00
bcm2835_ic.c hw/intc/bcm2835_ic: Trace GPU/CPU IRQ handlers 2020-10-20 16:12:00 +01:00
bcm2836_control.c hw/intc/bcm2836_control: Use IRQ definitions instead of magic numbers 2020-10-20 16:12:00 +01:00
etraxfs_pic.c hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
exynos4210_combiner.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
exynos4210_gic.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
gic_internal.h hw/intc/arm_gic: Drop GIC_BASE_IRQ macro 2018-09-25 15:13:24 +01:00
gicv3_internal.h target-arm: Add GICv3CPUState in CPUARMState struct 2017-02-28 17:10:00 +00:00
goldfish_pic.c hw/intc: add goldfish-pic 2021-03-15 21:02:14 +01:00
grlib_irqmp.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
heathrow_pic.c Include hw/hw.h exactly where needed 2019-08-16 13:31:52 +02:00
i8259_common.c isa: Convert uses of isa_create() with Coccinelle 2020-06-15 22:05:28 +02:00
i8259.c hw/intc/i8259: Refactor pic_read_irq() to avoid uninitialized variable 2021-03-19 08:48:18 -04:00
ibex_plic.c hw/opentitan: Update the interrupt layout 2021-05-11 20:02:06 +10:00
imx_avic.c Include migration/vmstate.h less 2019-08-16 13:31:52 +02:00
imx_gpcv2.c hw: Do not include qemu/log.h if it is not necessary 2021-05-02 17:24:50 +02:00
intc.c intc: add an interface to gather statistics/informations on interrupt controllers 2016-10-04 10:00:25 +02:00
ioapic_common.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
ioapic.c Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
Kconfig m68k: add an interrupt controller 2021-03-15 21:02:20 +01:00
loongson_liointc.c hw/intc/loongson_liointc: Fix per core ISR handling 2021-02-21 18:41:46 +01:00
m68k_irqc.c m68k: add an interrupt controller 2021-03-15 21:02:20 +01:00
meson.build Drop the deprecated unicore32 target 2021-05-12 18:20:52 +02:00
mips_gic.c qdev: set properties with device_class_set_props() 2020-01-24 20:59:15 +01:00
omap_intc.c omap_intc: Use typedef name for instance_size 2020-09-09 13:20:22 -04:00
ompic.c hw: Do not include qemu/log.h if it is not necessary 2021-05-02 17:24:50 +02:00
openpic_kvm.c Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
openpic.c hw: Do not include qemu/log.h if it is not necessary 2021-05-02 17:24:50 +02:00
pl190.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
pnv_xive_regs.h ppc/pnv: add a XIVE interrupt controller model for POWER9 2019-03-12 14:33:04 +11:00
pnv_xive.c ppc/pnv: Add trace events for PCI event notification 2021-02-10 10:43:50 +11:00
ppc-uic.c misc: Correct relative include path 2021-06-05 21:10:42 +02:00
realview_gic.c error: Eliminate error_propagate() with Coccinelle, part 1 2020-07-10 15:18:08 +02:00
rx_icu.c hw/intc: fix heap-buffer-overflow in rxicu_realize() 2020-11-23 10:41:58 +00:00
s390_flic_kvm.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
s390_flic.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
sh_intc.c Include hw/hw.h exactly where needed 2019-08-16 13:31:52 +02:00
sifive_clint.c hw/riscv: Move sifive_clint model to hw/intc 2020-09-09 15:54:19 -07:00
sifive_plic.c Do not include hw/boards.h if it's not really necessary 2021-05-02 17:24:51 +02:00
slavio_intctl.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
spapr_xive_kvm.c sysemu: Let VMChangeStateHandler take boolean 'running' argument 2021-03-09 23:13:57 +01:00
spapr_xive.c hw/intc/spapr_xive: Use device_cold_reset() instead of device_legacy_reset() 2021-05-04 13:12:59 +10:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vgic_common.h intc/gic: Extract some reusable vGIC code 2015-09-24 01:29:36 +01:00
xics_kvm.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
xics_pnv.c non-virt: Fix Lesser GPL version number 2020-11-15 16:38:24 +01:00
xics_spapr.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
xics.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
xilinx_intc.c Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
xive.c ppc/xive: Add firmware bit when dumping the ENDs 2021-02-10 10:43:50 +11:00
xlnx-pmu-iomod-intc.c qdev: set properties with device_class_set_props() 2020-01-24 20:59:15 +01:00
xlnx-zynqmp-ipi.c Include migration/vmstate.h less 2019-08-16 13:31:52 +02:00