path: root/hw/intc/openpic.c
Age | Commit message | Author
2014-07-20 | openpic: avoid buffer overrun on incoming migration | Michael Roth
CVE-2013-4534
opp->nb_cpus is read from the wire and used to determine how many IRQDest elements to read into opp->dst[]. If the value exceeds the length of opp->dst[], MAX_CPU, opp->dst[] can be overrun with arbitrary data from the wire.
Fix this by failing migration if the value read from the wire exceeds MAX_CPU.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
(cherry picked from commit 73d963c0a75cb99c6aaa3f6f25e427aa0b35a02e)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2014-03-27 | hw/intc/openpic: Avoid shifting left into sign bit | Peter Maydell
Add U suffix to avoid undefined behaviour. This is only strictly necessary for the 1 << 31 cases; for consistency we extend it to other constants in the same group.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-07-09 | intc/openpic: Build openpic only once | Andreas Färber
Since current_cpu is CPUState it no longer depends on CPUPPCState. Move ppce500_set_mpic_proxy() to a new hw/ppc/ppc_e500.h because hw/ppc/ppc.h is too heavily using CPUPPCState and PowerPCCPU.
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-09 | cpu: Replace cpu_single_env with CPUState current_cpu | Andreas Färber
Move it to qom/cpu.h.
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-04 | hw/i*: pass owner to memory_region_init* functions | Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 | memory: add owner argument to initialization functions | Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-01 | intc/openpic: Convert to QOM realize | Andreas Färber
Split qdev initfn into instance_init and realize functions. Change one occurrence of "klass" while at it.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-01 | intc/openpic: QOM'ify | Andreas Färber
Introduce type constant and cast macro.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-01 | openpic: factor out some common defines into openpic.h | Scott Wood
...for use by the KVM in-kernel irqchip stub.
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-04-08 | hw: move interrupt controllers to hw/intc/, configure with default-configs/ | Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>