diff options
| author | Ethan Milon <ethan.milon@eviden.com> | 2025-06-17 15:04:27 +0000 |
|---|---|---|
| committer | Michael S. Tsirkin <mst@redhat.com> | 2025-07-14 09:16:40 -0400 |
| commit | 5788929e05e18ed5f76dc8ade4210f022c9ba5a1 (patch) | |
| tree | 87bceefbd4dc0e994c22e7862383a4874d4198f4 | |
| parent | 5959b641c98b5ae9677e2c1d89902dac31b344d9 (diff) | |
| download | qemu-5788929e05e18ed5f76dc8ade4210f022c9ba5a1.zip qemu-5788929e05e18ed5f76dc8ade4210f022c9ba5a1.tar.gz qemu-5788929e05e18ed5f76dc8ade4210f022c9ba5a1.tar.bz2 | |
amd_iommu: Fix truncation of oldval in amdvi_writeq
The variable `oldval` was incorrectly declared as a 32-bit `uint32_t`.
This could lead to truncation and incorrect behavior where the upper
read-only 32 bits are significant.
Fix the type of `oldval` to match the return type of `ldq_le_p()`.
Cc: qemu-stable@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Ethan Milon <ethan.milon@eviden.com>
Message-Id: <20250617150427.20585-9-alejandro.j.jimenez@oracle.com>
Reviewed-by: Vasant Hegde <vasant.hegde@amd.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
| -rw-r--r-- | hw/i386/amd_iommu.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c index 92f94dc..5a24c17 100644 --- a/hw/i386/amd_iommu.c +++ b/hw/i386/amd_iommu.c @@ -140,7 +140,7 @@ static void amdvi_writeq(AMDVIState *s, hwaddr addr, uint64_t val) { uint64_t romask = ldq_le_p(&s->romask[addr]); uint64_t w1cmask = ldq_le_p(&s->w1cmask[addr]); - uint32_t oldval = ldq_le_p(&s->mmior[addr]); + uint64_t oldval = ldq_le_p(&s->mmior[addr]); stq_le_p(&s->mmior[addr], ((oldval & romask) | (val & ~romask)) & ~(val & w1cmask)); } |