Commit d7b6a894 authored by Alexandru Elisei's avatar Alexandru Elisei
Browse files

Check that a PCI device's memory size is power of two

According to the PCI local bus specification [1], a device's memory size
must be a power of two. This is also implicit in the mechanism that a CPU
uses to get the memory size requirement for a PCI device.

The vesa device requests a memory size that isn't a power of two.
According to the same spec [1], a device is allowed to consume more memory
than it actually requires. As a result, the amount of memory that the vesa
device now reserves has been increased.

To prevent slip-ups in the future, a few BUILD_BUG_ON statements were added
in places where the memory size is known at compile time.

[1] PCI Local Bus Specification Revision 3.0, section 6.2.5.1
parent 5cb470e4
......@@ -58,6 +58,8 @@ struct framebuffer *vesa__init(struct kvm *kvm)
char *mem;
int r;
BUILD_BUG_ON(!is_power_of_two(VESA_MEM_SIZE));
if (!kvm->cfg.vnc && !kvm->cfg.sdl && !kvm->cfg.gtk)
return NULL;
......
......@@ -104,6 +104,8 @@ static inline unsigned long roundup_pow_of_two(unsigned long x)
return x ? 1UL << fls_long(x - 1) : 0;
}
#define is_power_of_two(x) ((x) ? ((x) & ((x) - 1)) == 0 : 0)
struct kvm;
void *mmap_hugetlbfs(struct kvm *kvm, const char *htlbfs_path, u64 size);
void *mmap_anon_or_hugetlbfs(struct kvm *kvm, const char *hugetlbfs_path, u64 size);
......
......@@ -5,8 +5,12 @@
#define VESA_HEIGHT 480
#define VESA_MEM_ADDR 0xd0000000
#define VESA_MEM_SIZE (4*VESA_WIDTH*VESA_HEIGHT)
#define VESA_BPP 32
/*
* We actually only need VESA_BPP/8*VESA_WIDTH*VESA_HEIGHT bytes. But the memory
* size must be a power of 2, so we round up.
*/
#define VESA_MEM_SIZE (1 << 21)
struct kvm;
struct biosregs;
......
......@@ -831,6 +831,11 @@ static int vfio_pci_configure_bar(struct kvm *kvm, struct vfio_device *vdev,
/* Ignore invalid or unimplemented regions */
if (!region->info.size)
return 0;
if (!is_power_of_two(region->info.size)) {
vfio_dev_err(vdev, "region is not power of two: 0x%llx",
region->info.size);
return -EINVAL;
}
if (pdev->irq_modes & VFIO_PCI_IRQ_MODE_MSIX) {
/* Trap and emulate MSI-X table */
......
......@@ -435,6 +435,9 @@ int virtio_pci__init(struct kvm *kvm, void *dev, struct virtio_device *vdev,
vpci->kvm = kvm;
vpci->dev = dev;
BUILD_BUG_ON(!is_power_of_two(IOPORT_SIZE));
BUILD_BUG_ON(!is_power_of_two(PCI_IO_SIZE));
r = ioport__register(kvm, IOPORT_EMPTY, &virtio_pci__io_ops, IOPORT_SIZE, vdev);
if (r < 0)
return r;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment