From patchwork Mon Dec 6 16:22:10 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alex Williamson X-Patchwork-Id: 378712 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id oB6GMKVi027886 for ; Mon, 6 Dec 2010 16:22:21 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753834Ab0LFQWM (ORCPT ); Mon, 6 Dec 2010 11:22:12 -0500 Received: from mx1.redhat.com ([209.132.183.28]:37579 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753831Ab0LFQWL (ORCPT ); Mon, 6 Dec 2010 11:22:11 -0500 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id oB6GMBXD024569 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 6 Dec 2010 11:22:11 -0500 Received: from s20.home (ovpn01.gateway.prod.ext.phx2.redhat.com [10.5.9.1]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id oB6GMA8S028433; Mon, 6 Dec 2010 11:22:10 -0500 From: Alex Williamson Subject: [PATCH v2 1/5] device-assignment: Fix off-by-one in header check To: kvm@vger.kernel.org Cc: alex.williamson@redhat.com, ddutile@redhat.com, mst@redhat.com, chrisw@redhat.com Date: Mon, 06 Dec 2010 09:22:10 -0700 Message-ID: <20101206162205.4648.15697.stgit@s20.home> In-Reply-To: <20101206161810.4648.45658.stgit@s20.home> References: <20101206161810.4648.45658.stgit@s20.home> User-Agent: StGIT/0.14.3 MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.3 (demeter1.kernel.org [140.211.167.41]); Mon, 06 Dec 2010 16:22:21 +0000 (UTC) diff --git a/hw/device-assignment.c b/hw/device-assignment.c index 832c236..6d6e657 100644 --- a/hw/device-assignment.c +++ b/hw/device-assignment.c @@ -410,7 +410,7 @@ static void assigned_dev_pci_write_config(PCIDevice *d, uint32_t address, ((d->devfn >> 3) & 0x1F), (d->devfn & 0x7), (uint16_t) address, val, len); - if (address > PCI_CONFIG_HEADER_SIZE && d->config_map[address]) { + if (address >= PCI_CONFIG_HEADER_SIZE && d->config_map[address]) { return assigned_device_pci_cap_write_config(d, address, val, len); } @@ -456,7 +456,7 @@ static uint32_t assigned_dev_pci_read_config(PCIDevice *d, uint32_t address, if (address < 0x4 || (pci_dev->need_emulate_cmd && address == 0x4) || (address >= 0x10 && address <= 0x24) || address == 0x30 || address == 0x34 || address == 0x3c || address == 0x3d || - (address > PCI_CONFIG_HEADER_SIZE && d->config_map[address])) { + (address >= PCI_CONFIG_HEADER_SIZE && d->config_map[address])) { val = pci_default_read_config(d, address, len); DEBUG("(%x.%x): address=%04x val=0x%08x len=%d\n", (d->devfn >> 3) & 0x1F, (d->devfn & 0x7), address, val, len);