aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerd Hoffmann <kraxel@redhat.com>2016-06-22 14:07:22 +0200
committerGerd Hoffmann <kraxel@redhat.com>2016-07-06 10:31:11 +0200
commit726bdf653aca9b87e28c9a56dd94c4667ddfacbc (patch)
tree829b54be1efd572f9e5df89ed1dc4f7b70d7b1ab
parent2f5ae772c62499873a0da8fffa03594753eb8fa8 (diff)
qxl: factor out qxl_get_check_slot_offset
New helper function which translates a qxl physical address into memory slot and offset. Also applies sanity checks. Factored out from qxl_phys2virt. No functional change. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1466597244-5938-1-git-send-email-kraxel@redhat.com
-rw-r--r--hw/display/qxl.c59
1 files changed, 38 insertions, 21 deletions
diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index 47cc6f478a..2ea4e3bc7a 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -1338,36 +1338,53 @@ static void qxl_reset_surfaces(PCIQXLDevice *d)
}
/* can be also called from spice server thread context */
-void *qxl_phys2virt(PCIQXLDevice *qxl, QXLPHYSICAL pqxl, int group_id)
+static bool qxl_get_check_slot_offset(PCIQXLDevice *qxl, QXLPHYSICAL pqxl,
+ uint32_t *s, uint64_t *o)
{
uint64_t phys = le64_to_cpu(pqxl);
uint32_t slot = (phys >> (64 - 8)) & 0xff;
uint64_t offset = phys & 0xffffffffffff;
- switch (group_id) {
- case MEMSLOT_GROUP_HOST:
- return (void *)(intptr_t)offset;
- case MEMSLOT_GROUP_GUEST:
- if (slot >= NUM_MEMSLOTS) {
- qxl_set_guest_bug(qxl, "slot too large %d >= %d", slot,
- NUM_MEMSLOTS);
- return NULL;
- }
- if (!qxl->guest_slots[slot].active) {
- qxl_set_guest_bug(qxl, "inactive slot %d\n", slot);
- return NULL;
- }
- if (offset < qxl->guest_slots[slot].delta) {
- qxl_set_guest_bug(qxl,
+ if (slot >= NUM_MEMSLOTS) {
+ qxl_set_guest_bug(qxl, "slot too large %d >= %d", slot,
+ NUM_MEMSLOTS);
+ return false;
+ }
+ if (!qxl->guest_slots[slot].active) {
+ qxl_set_guest_bug(qxl, "inactive slot %d\n", slot);
+ return false;
+ }
+ if (offset < qxl->guest_slots[slot].delta) {
+ qxl_set_guest_bug(qxl,
"slot %d offset %"PRIu64" < delta %"PRIu64"\n",
slot, offset, qxl->guest_slots[slot].delta);
- return NULL;
- }
- offset -= qxl->guest_slots[slot].delta;
- if (offset > qxl->guest_slots[slot].size) {
- qxl_set_guest_bug(qxl,
+ return false;
+ }
+ offset -= qxl->guest_slots[slot].delta;
+ if (offset > qxl->guest_slots[slot].size) {
+ qxl_set_guest_bug(qxl,
"slot %d offset %"PRIu64" > size %"PRIu64"\n",
slot, offset, qxl->guest_slots[slot].size);
+ return false;
+ }
+
+ *s = slot;
+ *o = offset;
+ return true;
+}
+
+/* can be also called from spice server thread context */
+void *qxl_phys2virt(PCIQXLDevice *qxl, QXLPHYSICAL pqxl, int group_id)
+{
+ uint64_t offset;
+ uint32_t slot;
+
+ switch (group_id) {
+ case MEMSLOT_GROUP_HOST:
+ offset = le64_to_cpu(pqxl) & 0xffffffffffff;
+ return (void *)(intptr_t)offset;
+ case MEMSLOT_GROUP_GUEST:
+ if (!qxl_get_check_slot_offset(qxl, pqxl, &slot, &offset)) {
return NULL;
}
return qxl->guest_slots[slot].ptr + offset;