From 46b25fe08b37ea87b7c576a37c27c608f4d7621e Mon Sep 17 00:00:00 2001 From: Jan Charvat Date: Mon, 14 Sep 2020 10:13:37 +0200 Subject: hw/net/can: sja1000 ignore CAN FD frames Signed-off-by: Jan Charvat Signed-off-by: Pavel Pisa Reviewed-by: Vikram Garhwal Message-Id: <48d9ebf6b64e7652851c12fe4566e06b44803372.1600069689.git.pisa@cmp.felk.cvut.cz> Signed-off-by: Paolo Bonzini --- hw/net/can/can_sja1000.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) (limited to 'hw/net') diff --git a/hw/net/can/can_sja1000.c b/hw/net/can/can_sja1000.c index ec66d4232d..42d2f99dfb 100644 --- a/hw/net/can/can_sja1000.c +++ b/hw/net/can/can_sja1000.c @@ -323,11 +323,16 @@ static void buff2frame_bas(const uint8_t *buff, qemu_can_frame *frame) static int frame2buff_pel(const qemu_can_frame *frame, uint8_t *buff) { int i; + int dlen = frame->can_dlc; if (frame->can_id & QEMU_CAN_ERR_FLAG) { /* error frame, NOT support now. */ return -1; } + if (dlen > 8) { + return -1; + } + buff[0] = 0x0f & frame->can_dlc; /* DLC */ if (frame->can_id & QEMU_CAN_RTR_FLAG) { /* RTR */ buff[0] |= (1 << 6); @@ -338,18 +343,18 @@ static int frame2buff_pel(const qemu_can_frame *frame, uint8_t *buff) buff[2] = extract32(frame->can_id, 13, 8); /* ID.20~ID.13 */ buff[3] = extract32(frame->can_id, 5, 8); /* ID.12~ID.05 */ buff[4] = extract32(frame->can_id, 0, 5) << 3; /* ID.04~ID.00,xxx */ - for (i = 0; i < frame->can_dlc; i++) { + for (i = 0; i < dlen; i++) { buff[5 + i] = frame->data[i]; } - return frame->can_dlc + 5; + return dlen + 5; } else { /* SFF */ buff[1] = extract32(frame->can_id, 3, 8); /* ID.10~ID.03 */ buff[2] = extract32(frame->can_id, 0, 3) << 5; /* ID.02~ID.00,xxxxx */ - for (i = 0; i < frame->can_dlc; i++) { + for (i = 0; i < dlen; i++) { buff[3 + i] = frame->data[i]; } - return frame->can_dlc + 3; + return dlen + 3; } return -1; @@ -358,6 +363,7 @@ static int frame2buff_pel(const qemu_can_frame *frame, uint8_t *buff) static int frame2buff_bas(const qemu_can_frame *frame, uint8_t *buff) { int i; + int dlen = frame->can_dlc; /* * EFF, no support for BasicMode @@ -369,17 +375,21 @@ static int frame2buff_bas(const qemu_can_frame *frame, uint8_t *buff) return -1; } + if (dlen > 8) { + return -1; + } + buff[0] = extract32(frame->can_id, 3, 8); /* ID.10~ID.03 */ buff[1] = extract32(frame->can_id, 0, 3) << 5; /* ID.02~ID.00,xxxxx */ if (frame->can_id & QEMU_CAN_RTR_FLAG) { /* RTR */ buff[1] |= (1 << 4); } buff[1] |= frame->can_dlc & 0x0f; - for (i = 0; i < frame->can_dlc; i++) { + for (i = 0; i < dlen; i++) { buff[2 + i] = frame->data[i]; } - return frame->can_dlc + 2; + return dlen + 2; } static void can_sja_update_pel_irq(CanSJA1000State *s) @@ -766,6 +776,13 @@ ssize_t can_sja_receive(CanBusClientState *client, const qemu_can_frame *frames, if (frames_cnt <= 0) { return 0; } + if (frame->flags & QEMU_CAN_FRMF_TYPE_FD) { + if (DEBUG_FILTER) { + can_display_msg("[cansja]: ignor fd frame ", frame); + } + return 1; + } + if (DEBUG_FILTER) { can_display_msg("[cansja]: receive ", frame); } -- cgit v1.2.3