diff options
author | Markus Armbruster <armbru@redhat.com> | 2013-01-16 14:50:28 +0100 |
---|---|---|
committer | Blue Swirl <blauwirbel@gmail.com> | 2013-01-19 10:22:44 +0000 |
commit | 089da572b956ef0f8f5b8d5917358e07892a77c2 (patch) | |
tree | 3bcc9c8123e3e21e6645eaa63e97914447e9e25c /hw | |
parent | b3dd15529de22cd4bcedb6344105e87878d971b6 (diff) | |
download | qemu-089da572b956ef0f8f5b8d5917358e07892a77c2.zip qemu-089da572b956ef0f8f5b8d5917358e07892a77c2.tar.gz qemu-089da572b956ef0f8f5b8d5917358e07892a77c2.tar.bz2 |
fw_cfg: Use void *, size_t instead of uint8_t *, uint32_t for blobs
Many callers pass size_t, which gets silently truncated to uint32_t.
Harmless, because all practical sizes are well below 4GiB. Clean it
up anyway. Size overflow now fails assertions.
Bonus: saves a whole bunch of silly casts.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Diffstat (limited to 'hw')
-rw-r--r-- | hw/fw_cfg.c | 31 | ||||
-rw-r--r-- | hw/fw_cfg.h | 8 | ||||
-rw-r--r-- | hw/pc.c | 13 |
3 files changed, 26 insertions, 26 deletions
diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c index 3d6dd5f..699383c 100644 --- a/hw/fw_cfg.c +++ b/hw/fw_cfg.c @@ -373,23 +373,23 @@ static const VMStateDescription vmstate_fw_cfg = { } }; -void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, uint8_t *data, uint32_t len) +void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len) { int arch = !!(key & FW_CFG_ARCH_LOCAL); key &= FW_CFG_ENTRY_MASK; - assert(key < FW_CFG_MAX_ENTRY); + assert(key < FW_CFG_MAX_ENTRY && len < UINT32_MAX); s->entries[arch][key].data = data; - s->entries[arch][key].len = len; + s->entries[arch][key].len = (uint32_t)len; } void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value) { size_t sz = strlen(value) + 1; - return fw_cfg_add_bytes(s, key, (uint8_t *)g_memdup(value, sz), sz); + return fw_cfg_add_bytes(s, key, g_memdup(value, sz), sz); } void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value) @@ -398,7 +398,7 @@ void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value) copy = g_malloc(sizeof(value)); *copy = cpu_to_le16(value); - fw_cfg_add_bytes(s, key, (uint8_t *)copy, sizeof(value)); + fw_cfg_add_bytes(s, key, copy, sizeof(value)); } void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value) @@ -407,7 +407,7 @@ void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value) copy = g_malloc(sizeof(value)); *copy = cpu_to_le32(value); - fw_cfg_add_bytes(s, key, (uint8_t *)copy, sizeof(value)); + fw_cfg_add_bytes(s, key, copy, sizeof(value)); } void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value) @@ -416,11 +416,11 @@ void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value) copy = g_malloc(sizeof(value)); *copy = cpu_to_le64(value); - fw_cfg_add_bytes(s, key, (uint8_t *)copy, sizeof(value)); + fw_cfg_add_bytes(s, key, copy, sizeof(value)); } void fw_cfg_add_callback(FWCfgState *s, uint16_t key, FWCfgCallback callback, - void *callback_opaque, uint8_t *data, size_t len) + void *callback_opaque, void *data, size_t len) { int arch = !!(key & FW_CFG_ARCH_LOCAL); @@ -428,23 +428,24 @@ void fw_cfg_add_callback(FWCfgState *s, uint16_t key, FWCfgCallback callback, key &= FW_CFG_ENTRY_MASK; - assert(key < FW_CFG_MAX_ENTRY && len <= 65535); + assert(key < FW_CFG_MAX_ENTRY && len <= UINT32_MAX); s->entries[arch][key].data = data; - s->entries[arch][key].len = len; + s->entries[arch][key].len = (uint32_t)len; s->entries[arch][key].callback_opaque = callback_opaque; s->entries[arch][key].callback = callback; } -void fw_cfg_add_file(FWCfgState *s, const char *filename, uint8_t *data, - uint32_t len) +void fw_cfg_add_file(FWCfgState *s, const char *filename, + void *data, size_t len) { int i, index; + size_t dsize; if (!s->files) { - int dsize = sizeof(uint32_t) + sizeof(FWCfgFile) * FW_CFG_FILE_SLOTS; + dsize = sizeof(uint32_t) + sizeof(FWCfgFile) * FW_CFG_FILE_SLOTS; s->files = g_malloc0(dsize); - fw_cfg_add_bytes(s, FW_CFG_FILE_DIR, (uint8_t*)s->files, dsize); + fw_cfg_add_bytes(s, FW_CFG_FILE_DIR, s->files, dsize); } index = be32_to_cpu(s->files->count); @@ -498,7 +499,7 @@ FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, if (data_addr) { sysbus_mmio_map(d, 1, data_addr); } - fw_cfg_add_bytes(s, FW_CFG_SIGNATURE, (uint8_t *)"QEMU", 4); + fw_cfg_add_bytes(s, FW_CFG_SIGNATURE, (char *)"QEMU", 4); fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16); fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)(display_type == DT_NOGRAPHIC)); fw_cfg_add_i16(s, FW_CFG_NB_CPUS, (uint16_t)smp_cpus); diff --git a/hw/fw_cfg.h b/hw/fw_cfg.h index c2c57cd..05c8df1 100644 --- a/hw/fw_cfg.h +++ b/hw/fw_cfg.h @@ -54,15 +54,15 @@ typedef struct FWCfgFiles { typedef void (*FWCfgCallback)(void *opaque, uint8_t *data); typedef struct FWCfgState FWCfgState; -void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, uint8_t *data, uint32_t len); +void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len); void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value); void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value); void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value); void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value); void fw_cfg_add_callback(FWCfgState *s, uint16_t key, FWCfgCallback callback, - void *callback_opaque, uint8_t *data, size_t len); -void fw_cfg_add_file(FWCfgState *s, const char *filename, uint8_t *data, - uint32_t len); + void *callback_opaque, void *data, size_t len); +void fw_cfg_add_file(FWCfgState *s, const char *filename, void *data, + size_t len); FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, hwaddr crl_addr, hwaddr data_addr); @@ -563,19 +563,18 @@ static void *bochs_bios_init(void) fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1); fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size); - fw_cfg_add_bytes(fw_cfg, FW_CFG_ACPI_TABLES, (uint8_t *)acpi_tables, - acpi_tables_len); + fw_cfg_add_bytes(fw_cfg, FW_CFG_ACPI_TABLES, + acpi_tables, acpi_tables_len); fw_cfg_add_i32(fw_cfg, FW_CFG_IRQ0_OVERRIDE, kvm_allows_irq0_override()); smbios_table = smbios_get_table(&smbios_len); if (smbios_table) fw_cfg_add_bytes(fw_cfg, FW_CFG_SMBIOS_ENTRIES, smbios_table, smbios_len); - fw_cfg_add_bytes(fw_cfg, FW_CFG_E820_TABLE, (uint8_t *)&e820_table, - sizeof(e820_table)); + fw_cfg_add_bytes(fw_cfg, FW_CFG_E820_TABLE, + &e820_table, sizeof(e820_table)); - fw_cfg_add_bytes(fw_cfg, FW_CFG_HPET, (uint8_t *)&hpet_cfg, - sizeof(struct hpet_fw_config)); + fw_cfg_add_bytes(fw_cfg, FW_CFG_HPET, &hpet_cfg, sizeof(hpet_cfg)); /* allocate memory for the NUMA channel: one (64bit) word for the number * of nodes, one word for each VCPU->node and one word for each node to * hold the amount of memory. @@ -593,7 +592,7 @@ static void *bochs_bios_init(void) for (i = 0; i < nb_numa_nodes; i++) { numa_fw_cfg[max_cpus + 1 + i] = cpu_to_le64(node_mem[i]); } - fw_cfg_add_bytes(fw_cfg, FW_CFG_NUMA, (uint8_t *)numa_fw_cfg, + fw_cfg_add_bytes(fw_cfg, FW_CFG_NUMA, numa_fw_cfg, (1 + max_cpus + nb_numa_nodes) * sizeof(*numa_fw_cfg)); return fw_cfg; |