aboutsummaryrefslogtreecommitdiff
path: root/hw/i386
diff options
context:
space:
mode:
authorYan Zhao <yan.y.zhao@intel.com>2019-06-24 17:18:10 +0800
committerPaolo Bonzini <pbonzini@redhat.com>2019-07-05 22:16:46 +0200
commitd6d10793dcfa33504745be40b49bd747ff8752ef (patch)
tree5e95f811da1f15b8d11b00841428dfe79f5934a4 /hw/i386
parent9dc83cd9c3cd766263a7180bccaf67afe970d816 (diff)
downloadqemu-d6d10793dcfa33504745be40b49bd747ff8752ef.zip
qemu-d6d10793dcfa33504745be40b49bd747ff8752ef.tar.gz
qemu-d6d10793dcfa33504745be40b49bd747ff8752ef.tar.bz2
intel_iommu: Fix incorrect "end" for vtd_address_space_unmap
IOMMUNotifier is with inclusive ranges, so we should check against (VTD_ADDRESS_SIZE(s->aw_bits) - 1). Signed-off-by: Yan Zhao <yan.y.zhao@intel.com> [peterx: split from another bigger patch] Reviewed-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <20190624091811.30412-2-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'hw/i386')
-rw-r--r--hw/i386/intel_iommu.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 44b1231..719ce19 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -3379,12 +3379,12 @@ static void vtd_address_space_unmap(VTDAddressSpace *as, IOMMUNotifier *n)
* VT-d spec), otherwise we need to consider overflow of 64 bits.
*/
- if (end > VTD_ADDRESS_SIZE(s->aw_bits)) {
+ if (end > VTD_ADDRESS_SIZE(s->aw_bits) - 1) {
/*
* Don't need to unmap regions that is bigger than the whole
* VT-d supported address space size
*/
- end = VTD_ADDRESS_SIZE(s->aw_bits);
+ end = VTD_ADDRESS_SIZE(s->aw_bits) - 1;
}
assert(start <= end);