841956ecbc
- tests: bump QOS_PATH_MAX_ELEMENT_SIZE again - softmmu/physmem: fix memory leak in dirty_memory_extend() - crypto: run qcrypto_pbkdf2_count_iters in a new thread - hw/audio/virtio-sound: fix heap buffer overflow - hw/intc/arm_gic: fix spurious level triggered interrupts - ui/sdl2: set swap interval explicitly when OpenGL is enabled - target/riscv/kvm: tolerate KVM disable ext errors - virtio: remove virtio_tswap16s() call in vring_packed_event_read() - block: fix -Werror=maybe-uninitialized false-positive - hw/remote/vfio-user: Fix config space access byte order - hw/loongarch/virt: Fix memory leak - hw/intc/riscv_aplic: APLICs should add child earlier than realize - stdvga: fix screen blanking - ui/gtk: Draw guest frame at refresh cycle - target/i386: fix size of EBP writeback in gen_enter() - virtio-net: drop too short packets early - target/ppc: Fix lxv/stxv MSR facility check - target/ppc: Fix lxvx/stxvx facility check - virtio-snd: add max size bounds check in input cb(CVE-2024-7730) Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com> (cherry picked from commit e2eb79f1867bb8d8d870e758f06d2a32b3a4fc8a)
50 lines
2.1 KiB
Diff
50 lines
2.1 KiB
Diff
From 6165cf85acd2600c8e0edb062d627e4cb42083af Mon Sep 17 00:00:00 2001
|
|
From: Mattias Nissler <mnissler@rivosinc.com>
|
|
Date: Wed, 23 Aug 2023 02:29:30 -0700
|
|
Subject: [PATCH] hw/remote/vfio-user: Fix config space access byte order
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
PCI config space is little-endian, so on a big-endian host we need to
|
|
perform byte swaps for values as they are passed to and received from
|
|
the generic PCI config space access machinery.
|
|
|
|
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
|
|
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
Reviewed-by: Jagannathan Raman <jag.raman@oracle.com>
|
|
Signed-off-by: Mattias Nissler <mnissler@rivosinc.com>
|
|
Message-ID: <20240507094210.300566-6-mnissler@rivosinc.com>
|
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
|
|
(cherry picked from commit e6578f1f68a0e90789a841ada532c3e494c9a04c)
|
|
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
|
|
---
|
|
hw/remote/vfio-user-obj.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/hw/remote/vfio-user-obj.c b/hw/remote/vfio-user-obj.c
|
|
index 8b10c32a3c..8b708422fe 100644
|
|
--- a/hw/remote/vfio-user-obj.c
|
|
+++ b/hw/remote/vfio-user-obj.c
|
|
@@ -281,7 +281,7 @@ static ssize_t vfu_object_cfg_access(vfu_ctx_t *vfu_ctx, char * const buf,
|
|
while (bytes > 0) {
|
|
len = (bytes > pci_access_width) ? pci_access_width : bytes;
|
|
if (is_write) {
|
|
- memcpy(&val, ptr, len);
|
|
+ val = ldn_le_p(ptr, len);
|
|
pci_host_config_write_common(o->pci_dev, offset,
|
|
pci_config_size(o->pci_dev),
|
|
val, len);
|
|
@@ -289,7 +289,7 @@ static ssize_t vfu_object_cfg_access(vfu_ctx_t *vfu_ctx, char * const buf,
|
|
} else {
|
|
val = pci_host_config_read_common(o->pci_dev, offset,
|
|
pci_config_size(o->pci_dev), len);
|
|
- memcpy(ptr, &val, len);
|
|
+ stn_le_p(ptr, len, val);
|
|
trace_vfu_cfg_read(offset, val);
|
|
}
|
|
offset += len;
|
|
--
|
|
2.41.0.windows.1
|
|
|