From patchwork Tue Jul 30 09:21:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 815276 Delivered-To: patch@linaro.org Received: by 2002:a5d:4acf:0:b0:367:895a:4699 with SMTP id y15csp210515wrs; Tue, 30 Jul 2024 02:23:24 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXpJjPmIp6/1YBaOe1FA+3c6djQpFcmavcgOspkM5AVmnpvqDowf7dsN3rgsHCehSRFxbr+iGn+IJfRjjJxliVL X-Google-Smtp-Source: AGHT+IGZjGkIoYxh1GP0Nc01oORSnPRr6VDmiQ6Qo6YJQM+S2VLMi+8qYKzHygTwQ551KnOEv8LZ X-Received: by 2002:a05:620a:1aa7:b0:79e:f9c8:a223 with SMTP id af79cd13be357-7a1e522f758mr1179172785a.6.1722331404741; Tue, 30 Jul 2024 02:23:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1722331404; cv=none; d=google.com; s=arc-20160816; b=PW5G6ip9chx19f1coKSEAhEZVpu3xfiASCPOn37VoFjR2nNa1Qr4SlRe/MntgsSFGr 7bkNnFo8IkWZYV7CM/vhFXCgTJGgQYzDAfyjioBfcWexEdwJq1EZGYiOg8Jluix2iCPf jcx5BOWBGFmNhCNOZylCQf5ADOYYlAjMDi6t9TI5pfCWI4TjhIdiiBoxZKFtTjOxS9DP CcqtWhxCMtj2x1dwAJh6bwnoMbPae7qFD3MrBer3J5x+0gOIU18b/hfACy/xyQK9AqdB 8VYN1ybMfawiTi0pe80qA+HV/4I0OKF3ZjVdZ2BL7YGnVSyK/J8tIIJFUcNS/vlZY2A3 NgYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=tfhmWzmqXV6T/58ejZO+cBX3Heov2WpdbfnG9/jIhv0=; fh=0a1hE22G74W5F4G5a1EIh7TNSrHN0drAqcdv1Y9cvc8=; b=EZUlEwIMiuSMT16vgE4r2vZ7DOicdz74JwRZqEpSyCKotYBuAeFrcSjK74VQnFSqSg +PLmumnTa+bpLjgWozmhxVSyUvzlQHiWtcwtbqKUEfUivlZRIlfyRsexIH+YmE6mMj8n 2B+2d6GwnYLyngI6Xbr8ItmHt7ZRc6P808qfs82S8weNU/NVeNhAzHQsuU1tp/RY1lbr DDliXmq4CuEYWtVXKZMo7zs075e8nF0//XNoggpRGwFqzhpmB3mKAVcafBhGRq44eRLK PKFCTHBy9hMvMaqqZD/rj9d10+hDA7ej5hIn0Oz6+LRbV8o6YG0U93lOaVtBrgu84try RtKQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=nd1IN17c; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d75a77b69052e-450217803fdsi44449931cf.58.2024.07.30.02.23.24 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 30 Jul 2024 02:23:24 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=nd1IN17c; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYj3M-0008Ug-4i; Tue, 30 Jul 2024 05:21:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYj3L-0008Tk-1y for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:21:55 -0400 Received: from mail-wm1-x332.google.com ([2a00:1450:4864:20::332]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYj3J-0005jE-Ip for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:21:54 -0400 Received: by mail-wm1-x332.google.com with SMTP id 5b1f17b1804b1-42808071810so24871735e9.1 for ; Tue, 30 Jul 2024 02:21:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722331311; x=1722936111; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=tfhmWzmqXV6T/58ejZO+cBX3Heov2WpdbfnG9/jIhv0=; b=nd1IN17c5Q+jk12PJtBiKJWLm4w56bTH+wCRPTl7UzRfOye6+pw/hCt/5ubHCNJp90 fU5Jwbxh26oQe0vu8GIShd0zkm6fVhcPhoMHJ/Ufd+XUAzkKU5YP4D2Ac5DqqhjvMQNt tWdormQguZm5x3PyzSeS1YQKo21TVXraS/pFkiZVv1vLb+9gelkFmZTTIpO9CBuYIpCz RTN6Q3DSsg+I2N6B5fKI4z2LnoqgpACnc0W/WyTu56oIoTylaeDeNilw0D/JIEsl86vv RvMR5RI25hjtjn4OQROkE4DkBJAPG/5y7v48HBbubsvLbRRb48xI7rN+SeOaKCoVc+JP aFXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722331311; x=1722936111; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tfhmWzmqXV6T/58ejZO+cBX3Heov2WpdbfnG9/jIhv0=; b=bTz0sHfM+/R5rY6JjOmaE++pjoSUXAYNdnP0XjwnmPTrvZ+Z8GRJfX1WWTMfV61Bfl j/HCPsgfkicYJny5fdvzsCPdJ63W6RogPsr8nXZXH7CzuEEeuIj/rf52YnlCI5pPTA5n nJAHkosXli1R+SUH2MgNk+hoSf/bk4bfEPacQD7Ej7zBZQudfgyYIyQ9WqnAKj9IfA2k PtDkqH0ZT9+9ie9p3Ui4aBINlWUhMIAbQ6fFLa+pYFrDUMfSqetNynli9K0hMMHfa5li 9F6NYwhIsi3wYZ2jGMXQdxgBzW289fMDgo14N8KDLExvQ7LzG/3h67eZRHpFNM8ANJqt iYzw== X-Gm-Message-State: AOJu0YxSOmX7jOTKWU/OuqJ/+zhIWbJooj/BlP6YmEJ0v76gTWoPx1GB 58tksf3ARXUShzFG9/DRj9VTKSzA/jMTogezmgqy/ijtifx819Qr99qSAWpMLMy3QrZiyrnn3II ZL6E= X-Received: by 2002:a5d:6188:0:b0:364:d2b6:4520 with SMTP id ffacd0b85a97d-36b5cdca638mr7523428f8f.0.1722331311572; Tue, 30 Jul 2024 02:21:51 -0700 (PDT) Received: from localhost.localdomain (82.red-88-28-10.dynamicip.rima-tde.net. [88.28.10.82]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b367fc7c3sm14119489f8f.49.2024.07.30.02.21.49 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Tue, 30 Jul 2024 02:21:51 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Bin Meng , Zheyu Ma , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= Subject: [PATCH-for-9.1 1/5] hw/sd/sdcard: Explicit dummy byte value Date: Tue, 30 Jul 2024 11:21:34 +0200 Message-ID: <20240730092138.32443-2-philmd@linaro.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240730092138.32443-1-philmd@linaro.org> References: <20240730092138.32443-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::332; envelope-from=philmd@linaro.org; helo=mail-wm1-x332.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org On error the DAT lines are left unmodified to their previous states. QEMU returns 0x00 for convenience. Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/sd/sd.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/hw/sd/sd.c b/hw/sd/sd.c index 07cb97d88c..c02f04f1ea 100644 --- a/hw/sd/sd.c +++ b/hw/sd/sd.c @@ -2478,20 +2478,22 @@ void sd_write_byte(SDState *sd, uint8_t value) uint8_t sd_read_byte(SDState *sd) { /* TODO: Append CRCs */ + static const uint8_t dummy_byte = 0x00; uint8_t ret; uint32_t io_len; if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) - return 0x00; + return dummy_byte; if (sd->state != sd_sendingdata_state) { qemu_log_mask(LOG_GUEST_ERROR, "%s: not in Sending-Data state\n", __func__); - return 0x00; + return dummy_byte; } - if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION)) - return 0x00; + if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION)) { + return dummy_byte; + } io_len = sd_blk_len(sd); @@ -2517,7 +2519,7 @@ uint8_t sd_read_byte(SDState *sd) if (sd->data_offset == 0) { if (!address_in_range(sd, "READ_MULTIPLE_BLOCK", sd->data_start, io_len)) { - return 0x00; + return dummy_byte; } sd_blk_read(sd, sd->data_start, io_len); } From patchwork Tue Jul 30 09:21:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 815273 Delivered-To: patch@linaro.org Received: by 2002:a5d:4acf:0:b0:367:895a:4699 with SMTP id y15csp210385wrs; Tue, 30 Jul 2024 02:22:46 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUOhMtzzYXLBR/WnE6onDCStRQbIgBvXaNT6ks7rY49ZsBZmcLBkbR4v7TvKZtHgkZSsdkw9lKAcxAOE+kt271Q X-Google-Smtp-Source: AGHT+IFHfNJlK/8HN354z0RGg1ZthOXKEWVgYySuvZo0fGg280mpa8aq/ZZxgZtOBPZUvvTVwT/D X-Received: by 2002:a05:6902:120d:b0:e0b:2afc:a803 with SMTP id 3f1490d57ef6-e0b544ebb73mr10195057276.30.1722331366632; Tue, 30 Jul 2024 02:22:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1722331366; cv=none; d=google.com; s=arc-20160816; b=WlwLHh++DrgeZgmYGkEhNncClycjpluD60IBhOuXGJU97c1TlTpRwtkBuZe2ceG1U2 gQEzoA+cb7bndZEAZ73209tTi4wV7fV2PJtNIJvKgU5JZdBlmlQp1xP9aGA9lah6hNJH AS3tkAUx+qRPY+aJmn1coAJsi3HOr0OfXXSKEOD1vLLmzscrlcYNN3cYdjXQrAPgTwrn 9CV4YtGs0i1J1lKUIo4ls9Rgissnp1Jq5TK1MRdMPNRcdk6m4jPa2V3ET+1nIqBGaptp azmJ7GalRt8lizgRylqrm3H8XV4VMGRAwp7EYcR0OK1HCsVkmruTGAZMgEsfRbTYnDyt arEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=fRMGyzp03tYfu+a5mNwyhx3DbvljVjB1l6w81zoWVuY=; fh=Mv2M8tuhVwb2pCrpLwfwJceuDvk4ZWzOTf/kU4VxOgk=; b=nzP+iQlxmW2CTzBQf+Ekus3pioJGFzC362LtOppM8dCgsMm/MzwNJyx0hf/oC328dI yoPg+VSXbsGciu9PRUIQ+/jqPHfBtHnBaLujuWIr2BrGhDsEFuhnV4gWHeyFDuwewRWF nnFWxt3VabjwScvI+oTkXy0Tlo9LNXTSYf0zF8KrC1Nt3y8LWBwypgakZXxwuW+S7YA2 i0xsphBJhWCpO3vgbg3PZgY62Hg025h+CuoBQLQwUeBMKLUiE8Cs1mp+SUgZpQdecuSY Y8UdsVX2IqWVVVOGz6EDYt15PdmsBWB3GLO18p57VFwKy7EWa3x9kgufAzaITeUljtJN Tyzg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=rkLnIo6C; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d75a77b69052e-44fe8421b92si118623001cf.569.2024.07.30.02.22.46 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 30 Jul 2024 02:22:46 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=rkLnIo6C; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYj3T-0000Nc-Nd; Tue, 30 Jul 2024 05:22:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYj3R-0000JC-Vl for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:01 -0400 Received: from mail-wm1-x32b.google.com ([2a00:1450:4864:20::32b]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYj3Q-0005kM-EE for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:01 -0400 Received: by mail-wm1-x32b.google.com with SMTP id 5b1f17b1804b1-426526d30aaso25457445e9.0 for ; Tue, 30 Jul 2024 02:22:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722331319; x=1722936119; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=fRMGyzp03tYfu+a5mNwyhx3DbvljVjB1l6w81zoWVuY=; b=rkLnIo6CLqCFwYqG4JoU6NzcdRAnwSFtqmaTKenoNtyXDWXESUm9902YiuvfbXMU81 4SO36jzn6O1bjy6pq72/Vb/4ENLAaQtGyeZLay/5ygNyNhB0WYgtrE3jYtGirN0ECmiN 9wuCW3l7JNRTwc7aAkKnfWgswGyXyrwMtgAaJcc5U/aojI9x/ZMdczsec74xyNBej42w h1dHZDYqBWq8wg+zhaEgY7wN1zBXItEEuFDuANUMcdKH0PsKBB3E8FNBWctRPIf533EG WoZjUqK0MHwsHm8DWMrh8h3Zs1NziZkGehl34qbA3pfHe5VM9GXffPZu0s01cdSS4wZt stEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722331319; x=1722936119; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fRMGyzp03tYfu+a5mNwyhx3DbvljVjB1l6w81zoWVuY=; b=YKRVRC7mhGC4d8ZL9xcBU1nMGk1XIcxIGZ+Pk9XyOCEthftCEDLS6B96CIdgHqbhuV pids+Qzw5ZV01FuABRwk2uQ1RFRwMb46Ol0bf6WtXKdCfYG2MdcumrOupIqZdpU4HqyP 67N4lIdqxej0y+SM2Mdid1SwWPDg8OjkzvZX/VQOzumUPb6bavDgJbtx6a49AfRV3x8O ydUySDrABrJA/KKNX3UyekdpD7AUzxdVAsxb3zPvMqy2EFZPPo22iSo2kwwIu5cn2574 VwYduthCFh5FcFbJN7cpy6mO3v2DoOAqCZk/YhdF9DfRVuIjVKnZhXprhSaxSGAvFSY8 Gv0Q== X-Gm-Message-State: AOJu0Yyekd+jGj5QF5bZ0OCiwImm5TuWELploABCw1vGmY2pT1Ycy4qj pnJ1KztIORK3q17s3Gr6NiKLkM7uip0pUNA708BFNhH2r1Ew8n7VtlPZf/BKSndaJktRcnVbG4B uv68= X-Received: by 2002:a05:600c:6b06:b0:426:6f1e:ce93 with SMTP id 5b1f17b1804b1-42811dfe3d0mr69752425e9.33.1722331318878; Tue, 30 Jul 2024 02:21:58 -0700 (PDT) Received: from localhost.localdomain (82.red-88-28-10.dynamicip.rima-tde.net. [88.28.10.82]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-428089c28f0sm192352015e9.28.2024.07.30.02.21.56 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Tue, 30 Jul 2024 02:21:58 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Bin Meng , Zheyu Ma , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , qemu-stable@nongnu.org Subject: [PATCH-for-9.1 2/5] hw/sd/sdcard: Do not abort when reading DAT lines on invalid cmd state Date: Tue, 30 Jul 2024 11:21:35 +0200 Message-ID: <20240730092138.32443-3-philmd@linaro.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240730092138.32443-1-philmd@linaro.org> References: <20240730092138.32443-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32b; envelope-from=philmd@linaro.org; helo=mail-wm1-x32b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Guest should not try to read the DAT lines from invalid command state. If it still insists to do so, return a dummy value. Cc: qemu-stable@nongnu.org Fixes: e2dec2eab0 ("hw/sd/sdcard: Remove default case in read/write on DAT lines") Reported-by: Zheyu Ma Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2454 Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/sd/sd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/sd/sd.c b/hw/sd/sd.c index c02f04f1ea..b1e6e36b44 100644 --- a/hw/sd/sd.c +++ b/hw/sd/sd.c @@ -2540,7 +2540,9 @@ uint8_t sd_read_byte(SDState *sd) break; default: - g_assert_not_reached(); + qemu_log_mask(LOG_GUEST_ERROR, "%s: DAT read illegal for command %s\n", + __func__, sd->last_cmd_name); + return dummy_byte; } return ret; From patchwork Tue Jul 30 09:21:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 815275 Delivered-To: patch@linaro.org Received: by 2002:a5d:4acf:0:b0:367:895a:4699 with SMTP id y15csp210478wrs; Tue, 30 Jul 2024 02:23:12 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWFOT61Q1bL9iSkfPZicVq8wR7Wir7QOUE6ji5SzNjLKPwQ7tVJ1fLFiJcYsI1Mi0BfM8NFUyV5AefAzcAEfyP3 X-Google-Smtp-Source: AGHT+IGw6ij97ordLQG+RaIwM1DVxAfoEZNb077l6MI49RDgqJDd8F5pZmtii/dUv19hfBHZNUvc X-Received: by 2002:a05:6358:7e44:b0:1aa:d3fe:e617 with SMTP id e5c5f4694b2df-1adc068443cmr1442713155d.16.1722331392196; Tue, 30 Jul 2024 02:23:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1722331392; cv=none; d=google.com; s=arc-20160816; b=a8bOGbt37SLsE258KB7EfPUL4QHOi/6pZ5jkwOTxnxD4Zmr2pgBVaRKCyCTTq9itVo N6nFul6lqLXelFOausexig0t14PV47L0JrW5TSPFAX/aycnRI1x57o3xjV0gz4H8Dj5q qYTSRhvX+YYVWmYFiTBuS35JGoygBS7dVz/HiQeyaa/Uf3iey+k2j5z8DHlz931Hp8pd I8k95hzmoX9N4XVP7jPGex5YlOA1Lg0b1zqs0MJsovuJ+dqpBT2zwDU7hdwKTj5CQ9yR Cg79PG7pXNoA0TvU0M5SJeIxPiZCmbFfv3ak/rAzZOyOzsyaXsnBXWWwjGzTZXvRH/bM cbEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=OQ1Qo4EummoLtaisooBllEpj3+LWFIK8W5rm3kHkgq8=; fh=Mv2M8tuhVwb2pCrpLwfwJceuDvk4ZWzOTf/kU4VxOgk=; b=t2Yr/vkAp0qtszsiNBCnjpHmznNFP+oseCv395z3VAOIMqExREl5csFVwfOuLsb14x 26DlJ8Ly6ryjyOHXBElFUENEXHVysWENi6TqiqyXIenZGmX3BAnMdnFvXlr7CEvg5mAI VNXlfYdbU3C1b0RoxQke6PitZ2fUH93iboyqaJt9iKJIwaMwwZ6wK+MI+wfjWXqnlsZ+ cO/aRbHqvm4Co+jRMpgnJXej2tMURDhKTU1zQ7dK6z4Ubi/Wb36u4UaF0hqyuOnLzBt8 0h4CzEocVgyB4Z6zy3uer2sU65wbjc1naMr9Tri68YQsyga2QxRmjzEddTBmxTE+4Y/E Zkmw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Zm3+08Gz; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 6a1803df08f44-6bb3fa8a310si123172886d6.312.2024.07.30.02.23.12 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 30 Jul 2024 02:23:12 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Zm3+08Gz; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYj3d-0000iI-1G; Tue, 30 Jul 2024 05:22:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYj3b-0000bV-5Y for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:11 -0400 Received: from mail-wm1-x32f.google.com ([2a00:1450:4864:20::32f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYj3Y-0005lM-Vo for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:10 -0400 Received: by mail-wm1-x32f.google.com with SMTP id 5b1f17b1804b1-4281abc65daso18168545e9.2 for ; Tue, 30 Jul 2024 02:22:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722331327; x=1722936127; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=OQ1Qo4EummoLtaisooBllEpj3+LWFIK8W5rm3kHkgq8=; b=Zm3+08Gz9e2VswihpWAIfNRLWT7e22ZbRv74FjJHx6lHLX6A7vXYEKJlnEcA95BFJB CV26TM3HjNoM/BI2Z2vcWDjMls6NoMGm+HW6u2+KC1FZEiJ3XhY2mWUbn1lv+9c2YhMU qyGOzfjFa3Fi/9tMtnhtT3Grd5lHCi3nhQ4D7abpZ4BegbHnHA3x3K8Akmbzjej7+uWI xHrwAUYvUi8EuAX+ZBspV4vx4/xS7+iqpYDaUrR/CfOzfLM6XUIW4O0j52cMIoy83w2x HM8EnLf/2eX48dpwBENCpz0GbwypPNd17AUinggAk2BuxWm19SN5GGfUFyJKWvRpjR3p QWFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722331327; x=1722936127; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OQ1Qo4EummoLtaisooBllEpj3+LWFIK8W5rm3kHkgq8=; b=xEMxa6lo8rMZQzaWffM1Fm9+GU8QTDB0sm1T9JZF2dgf7qsVRbNEg5Uc1xzbVgNgJ0 e35pt/57AL9uqN9ABY9hjdrQot2AHLTf9cNdTPFvackT8hhaUW2+JF8h5oPIwF9I9K/5 KR66sB/05spnUGiyQ0yEg2YLpisZG3+pS4AFKSOmaq5iKejlOkZEVJYBRjVwdhNTh3Ij 3MrAw1128wzoooEKujLxyDgOzdTGwB2CaKSghteZzZ+IEvBhkMmLsRkkCE0e3FuHOD+A QpqWP50UkxTCeCwJWBRig41cotTF14TcPImqZo/qYLbB5Td8A9GouQExFHVQc50iVN6Z Jv+A== X-Gm-Message-State: AOJu0Yyo/kinxFVC8bIdDDIT+pazTOLEHrjmKvvoPRNETV4nr1HkULkO ExLfWajcmm5YFKBQjD1xyc39dZ5q6cHK5Te7OTXIy223ToSrCrLKVTFg1uRWlF4HlTvxeuyAMdQ A0oU= X-Received: by 2002:a05:600c:3541:b0:428:314:f08e with SMTP id 5b1f17b1804b1-42811d736f4mr65614495e9.5.1722331326831; Tue, 30 Jul 2024 02:22:06 -0700 (PDT) Received: from localhost.localdomain (82.red-88-28-10.dynamicip.rima-tde.net. [88.28.10.82]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-427f93594b6sm251246625e9.5.2024.07.30.02.22.05 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Tue, 30 Jul 2024 02:22:06 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Bin Meng , Zheyu Ma , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , qemu-stable@nongnu.org Subject: [PATCH-for-9.1 3/5] hw/sd/sdhci: Reset @data_count index on invalid ADMA transfers Date: Tue, 30 Jul 2024 11:21:36 +0200 Message-ID: <20240730092138.32443-4-philmd@linaro.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240730092138.32443-1-philmd@linaro.org> References: <20240730092138.32443-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32f; envelope-from=philmd@linaro.org; helo=mail-wm1-x32f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org We neglected to clear the @data_count index on ADMA error, allowing to trigger assertion in sdhci_read_dataport() or sdhci_write_dataport(). Cc: qemu-stable@nongnu.org Fixes: d7dfca0807 ("hw/sdhci: introduce standard SD host controller") Reported-by: Zheyu Ma Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2455 Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/sd/sdhci.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c index d02c3e3963..8293d83556 100644 --- a/hw/sd/sdhci.c +++ b/hw/sd/sdhci.c @@ -846,6 +846,7 @@ static void sdhci_do_adma(SDHCIState *s) } } if (res != MEMTX_OK) { + s->data_count = 0; if (s->errintstsen & SDHC_EISEN_ADMAERR) { trace_sdhci_error("Set ADMA error flag"); s->errintsts |= SDHC_EIS_ADMAERR; From patchwork Tue Jul 30 09:21:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 815274 Delivered-To: patch@linaro.org Received: by 2002:a5d:4acf:0:b0:367:895a:4699 with SMTP id y15csp210438wrs; Tue, 30 Jul 2024 02:23:01 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVgrezm+5ddMS9v2ZXYNdRk9Jn5rq4D23GJx2YIbE1EDRnGUQHsrgyW4I/WoCrAys3tL8sdcasxPx3//IpvKVlf X-Google-Smtp-Source: AGHT+IFtQjliHDpUdgfzCfcpRMoEJ8bAPd1GWybtasOqWlmqNuBnjRLuJ/+eEvqZ5T0EXGbqp8Ra X-Received: by 2002:a05:6214:40c:b0:6b9:5fb9:113f with SMTP id 6a1803df08f44-6bb55a7a9admr144692676d6.27.1722331381796; Tue, 30 Jul 2024 02:23:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1722331381; cv=none; d=google.com; s=arc-20160816; b=to4GBTkggdXIpzLk76L4JzJYbw2w4NISde0gFpzsifZq+C9HdiW2ximkL4gPn49m1D 5ecNY4RCVZ6/3OVL+wGGeY1hb9Bdn09DgE1FPXPB6TQ6TY5I8SNjZViVlPSBS3NdUr2c CKQDwz9YMzltVBFTb0Ioa6d9GxwgC1UYiLtBJ63FyaGlaHX2/x0unoCXg8QWAw/+xmcQ ril8xRdZGH/BRkJFpG5utDuJJQZ2h0uwh32HDdRrfgV3l8eLBg5yb8wJNLcHAF8cvzfY JD3SK82yCSr/mtsal61AMdJ2wFg0VUXsfjrgqHREVBIAg3WwFWv91mJui42JcrMK5upr aftA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=Ugc2yLiSsI07WG//ugTlVImvOO+yujn7Q1YmHPiaYeY=; fh=0a1hE22G74W5F4G5a1EIh7TNSrHN0drAqcdv1Y9cvc8=; b=puGSBJoXBHOmkV5NdMGO36araK4EyIZBoEKBz9BzDyPs5A9dErvT7cHR81A2JmAGEO miWg2GBl8zTfaS/sLbx828e5rfIMHQ9RSs8502CgeZt1HTLR6AUPymXEeURrd5OlkYiC ODNVT8oXmd5WZnAXue1DulGgbSjhdCM1fL0wTWtxQNDl5oUKCHNdhcVCDda+/9pp7m8s 8fB91B1iRzAK+W0shvU9rXI2sMFhWh73gYANy+E5wTi6nlFJEf1IjqLXdJNydp7IefkE TQr0Z7Ga6plJHgJl6hOVOm0TEllC6gvZktnFQkjMppIB6Ak86NkBC3YX2nJZ83VJ7FIb SOEQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=svE9vyBe; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 6a1803df08f44-6bb3f8e9c51si130372906d6.155.2024.07.30.02.23.01 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 30 Jul 2024 02:23:01 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=svE9vyBe; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYj3j-0001G6-JV; Tue, 30 Jul 2024 05:22:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYj3h-00018g-TN for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:17 -0400 Received: from mail-wm1-x32a.google.com ([2a00:1450:4864:20::32a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYj3g-0005nY-AH for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:17 -0400 Received: by mail-wm1-x32a.google.com with SMTP id 5b1f17b1804b1-4281faefea9so12650615e9.2 for ; Tue, 30 Jul 2024 02:22:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722331334; x=1722936134; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Ugc2yLiSsI07WG//ugTlVImvOO+yujn7Q1YmHPiaYeY=; b=svE9vyBe4iLfuPzZ3CPXE+TN9XEPe1Pa4WFrbu0faWq9YD120fY/baAVbXZ4/mssYI f7jMRXgKz33DhaQ2YFPCL5XqeaY/8l/wTlCFVc1jPjSLbsU4eTqBTwZG3SsmefmYfc5o g2n/abH1neRSolNakGn2SYN1f+JG7H8hwzbSWHudoX7009r6cgfni+84rOpNcoabg6MO qKR+XqZOty/fNPPdlUPL/vAytzPpW2TDgXstWvTgVyB7RMD2Nzx3zDNKJ/WU2KNgknZv Oc6t/EfZVyPDb13G/gyzhyOJ12HFysaldlNSb6+uj0dVQ5i8mOpNiMXkd67pmC0w9lwf vsyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722331334; x=1722936134; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ugc2yLiSsI07WG//ugTlVImvOO+yujn7Q1YmHPiaYeY=; b=f+8i1vO2sSz+CR+Uokav2ed27mRdFjo9YjBXuL6pn1Q700+DWDJW48PIFoY7ltMNfc J8tIDBPzgHzm13Cyf9KjtjZ8pxTcVVIyN1Tc8SaHMTDZ6Q8ig9Wt0Ymy0pILe6S3eTRj fHhGAUeluQjDgIX0SFcbzaeaTZzkmXli8NvGaPmNCDMdCLoLLw8q0KuoG3tg9+EXMPSK X0Q/4YKveAiVKrb5f6Y/qYUmN2ATGS5ctvgL/57oGdO1R/M/m97fxIkiAzZewUfDNoLi BrxvMtagPo7aImjvMJi7sF1aLEImj470j24S+CS05h3SXanh9GZcfuOYMH+aRd0Y5CGE Q2tw== X-Gm-Message-State: AOJu0YxXUHYh6FGkMCsAHbjeD4NDXbzC4Y6eOk2bnX9E1Uxl8ePGqHlG Kijd6cZdtHWHn1f/RNYI/qDr9BE8UCalZXMTTYFZG31SApvVnSa76zIbPjcMihra2FOVWqZXXBO Yo2A= X-Received: by 2002:a05:600c:4f8e:b0:426:6e9a:7a1c with SMTP id 5b1f17b1804b1-42811e12d86mr67992635e9.25.1722331334313; Tue, 30 Jul 2024 02:22:14 -0700 (PDT) Received: from localhost.localdomain (82.red-88-28-10.dynamicip.rima-tde.net. [88.28.10.82]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-42809e4423dsm173477325e9.13.2024.07.30.02.22.12 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Tue, 30 Jul 2024 02:22:13 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Bin Meng , Zheyu Ma , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= Subject: [PATCH-for-9.1 4/5] hw/sd/sdhci: Trace ADMA descriptors Date: Tue, 30 Jul 2024 11:21:37 +0200 Message-ID: <20240730092138.32443-5-philmd@linaro.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240730092138.32443-1-philmd@linaro.org> References: <20240730092138.32443-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32a; envelope-from=philmd@linaro.org; helo=mail-wm1-x32a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson --- hw/sd/sdhci.c | 8 ++++++++ hw/sd/trace-events | 1 + 2 files changed, 9 insertions(+) diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c index 8293d83556..66b9364e9e 100644 --- a/hw/sd/sdhci.c +++ b/hw/sd/sdhci.c @@ -693,6 +693,11 @@ typedef struct ADMADescr { uint8_t incr; } ADMADescr; +static void trace_adma_description(const char *type, const ADMADescr *dscr) +{ + trace_sdhci_adma_desc(type, dscr->addr, dscr->length, dscr->attr, dscr->incr); +} + static void get_adma_description(SDHCIState *s, ADMADescr *dscr) { uint32_t adma1 = 0; @@ -710,6 +715,7 @@ static void get_adma_description(SDHCIState *s, ADMADescr *dscr) dscr->length = (uint16_t)extract64(adma2, 16, 16); dscr->attr = (uint8_t)extract64(adma2, 0, 7); dscr->incr = 8; + trace_adma_description("ADMA2_32", dscr); break; case SDHC_CTRL_ADMA1_32: dma_memory_read(s->dma_as, entry_addr, &adma1, sizeof(adma1), @@ -723,6 +729,7 @@ static void get_adma_description(SDHCIState *s, ADMADescr *dscr) } else { dscr->length = 4 * KiB; } + trace_adma_description("ADMA1_32", dscr); break; case SDHC_CTRL_ADMA2_64: dma_memory_read(s->dma_as, entry_addr, &dscr->attr, 1, @@ -735,6 +742,7 @@ static void get_adma_description(SDHCIState *s, ADMADescr *dscr) dscr->addr = le64_to_cpu(dscr->addr); dscr->attr &= (uint8_t) ~0xC0; dscr->incr = 12; + trace_adma_description("ADMA2_64", dscr); break; } } diff --git a/hw/sd/trace-events b/hw/sd/trace-events index 43671dc791..3d3f5c1cb7 100644 --- a/hw/sd/trace-events +++ b/hw/sd/trace-events @@ -35,6 +35,7 @@ sdhci_access(const char *access, unsigned int size, uint64_t offset, const char sdhci_read_dataport(uint16_t data_count) "all %u bytes of data have been read from input buffer" sdhci_write_dataport(uint16_t data_count) "write buffer filled with %u bytes of data" sdhci_capareg(const char *desc, uint16_t val) "%s: %u" +sdhci_adma_desc(const char *type, uint64_t addr, uint16_t length, uint8_t attr, uint8_t incr) "%s addr:0x%08"PRIx64" len:0x%x, attr:0x%x, incr:%u" # sd.c sdcard_normal_command(const char *proto, const char *cmd_desc, uint8_t cmd, uint32_t arg, const char *state) "%s %20s/ CMD%02d arg 0x%08x (state %s)" From patchwork Tue Jul 30 09:21:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 815272 Delivered-To: patch@linaro.org Received: by 2002:a5d:4acf:0:b0:367:895a:4699 with SMTP id y15csp210372wrs; Tue, 30 Jul 2024 02:22:43 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXz3tnxagIN2NrwW6fsvtAZWAqJ1ydXGcetXdMgf9DvDfECG497C8O/wYuI+7VarT9yGVARtUykD8W00dWt1MQu X-Google-Smtp-Source: AGHT+IGu6WRF4JX35NBgaZSztmsYqpFZal8uYcPqWoFyN8XL0hRFSRRUuC4zltKHneUECzmHlwou X-Received: by 2002:a05:6358:57a7:b0:1aa:b887:2386 with SMTP id e5c5f4694b2df-1adc06b1f80mr1258284655d.10.1722331363035; Tue, 30 Jul 2024 02:22:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1722331363; cv=none; d=google.com; s=arc-20160816; b=QsgdaOQfVZ/Oihrx8MZ8oQkf/PZiTQwb6Jj/aLcWV2HC7v1s43oNve4Y9kmWN1SjTp tVMIsu3EUA4yn8BfKQgStCECucHELRJmJgl/UUcnDR9vix7zAKKaO0ER4J36FFbKzex+ meifvM9jd2sgAgKsqUTtSfWM/q7QF6YvJyBOXokD/Suw6mtDLfDf2itYbo8BN7tQaJY7 4kF5YrHSFU3dim4aEtF+fqfWy93gylNgDhh8T7BEq/FpDSfnS+TKTWkh6l4/Eh6sOjoD 8HoOcbaGDQuNqPapA3Iv6+xXGzuE1XfTc/Wa/swCzHP7BuuqeTvcCTNM/oRRWbxsX7Ms IHZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=vNkJJhtqcxfGEvl8U9EJzFqc2LtYmhOZWYrWmgfKr40=; fh=Mv2M8tuhVwb2pCrpLwfwJceuDvk4ZWzOTf/kU4VxOgk=; b=j3fRYSDQjOjAXcwxkHnW1IMjkMyRmGDLOTsdvR0cMGkvi7ohR+4ySvMHirjaNYQMZo gWzdh8CyyYUjPAbF5Rmuc+0QmiM8/qF+qVuOkdIeKkDU2iZrHbJEyyQJyGrNw3q+RBJz HQjOak9yusOc36IbkiWnT5ErWmw83wWHtFWkAkgADT5PNxBI31wFx3piUq9mQVTPxeua GFI09g/5wj6+6Z7xsvB9IOBtKnAw621a0VtfwpOoezLT6CsXLgbtLMOwdF4mVgLu/5lP Yvch+/Pvrhwui5FaMcWnR18HwEzNK6sXfdtmi3gAI5STTLZfuvZAROEDvJfVkLMhVD0f TIYw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=sqFd78I0; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d75a77b69052e-44fe851b4a5si118577651cf.665.2024.07.30.02.22.42 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 30 Jul 2024 02:22:43 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=sqFd78I0; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYj3s-0001pc-1M; Tue, 30 Jul 2024 05:22:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYj3q-0001lG-Tv for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:26 -0400 Received: from mail-lj1-x231.google.com ([2a00:1450:4864:20::231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYj3o-0005oI-Iv for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:22:26 -0400 Received: by mail-lj1-x231.google.com with SMTP id 38308e7fff4ca-2ef2c56da6cso51584791fa.1 for ; Tue, 30 Jul 2024 02:22:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722331342; x=1722936142; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vNkJJhtqcxfGEvl8U9EJzFqc2LtYmhOZWYrWmgfKr40=; b=sqFd78I0QhwN3P/m/Sul+MmFaL7X+TKK4KDOBGpE0+qKlM9w01HYixRRhoy8DULc4B bD5g/xtxX3QPBwM2W2Y61cV3x6DuPiufYVymrYrbUqNFoK3NX3T6A3CzChsae63rin7Y qpRG6zQp7ZNbj0Uw8iODRsrPJChuQnXgQcWQuJF1g7gCqU4Sc0tKrXol+Dy+Ui/jQVdo TpFWU/32vrD6EylrlXhcmVYTL/1/2n4rYu3cFDUz0+7e2VDqm9c2E/B9Ub+XjBE+50TX 2xvWzjo+HOYKxL3S+v5M+3uEwhhEib1EUjrG+wISC8nKT+EZWRPRQlVOAD1B4by80T3J oWOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722331342; x=1722936142; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vNkJJhtqcxfGEvl8U9EJzFqc2LtYmhOZWYrWmgfKr40=; b=ZcZXOuE9oruflp/84yt4xDMe32GYSr3zGJ/yC5OtaxZAN8qFS3pXrVobEwwyEo66+X Bpg+PVY4VOXZ1pA2jc32LEi47qJgE3v+Spm4hc4vAkrMUOSGuIUWvhydrP/3ScpGV8pq 9rrRJqg+WIqOK/n5hu0OIJviU4ezMy0YhslxCBE7PVA+miAz5LAypdAjR+4tqTc1fMrM EWldicf8i5BqBQDTcr3m24gOjZ2jIWci9LPDJVGAlxUp59OGoQ71tgGYZapwuUItUI1n VA2b+Nrxs4o2T8DUQm/0FSLlDtHYAVu4CL/kJvCo6gn1CyW9YYKAceukAE/dGI4z0I0J Z4qg== X-Gm-Message-State: AOJu0YzkGBg+VcUm3wBZ9aLGuiOjPim5vDtQzAU43cIdfD+hI58PkEhS 5sekzNAVQ5oc0RN3VsRR4uQ2G7ijPOGddxZ/IZIppFsBPAXrb87Mez4yjNNfOrBuQI6/rW36K+/ nd9Y= X-Received: by 2002:a2e:9608:0:b0:2ef:2f17:9edd with SMTP id 38308e7fff4ca-2f12ee2f188mr65928521fa.44.1722331342158; Tue, 30 Jul 2024 02:22:22 -0700 (PDT) Received: from localhost.localdomain (82.red-88-28-10.dynamicip.rima-tde.net. [88.28.10.82]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4281dae1479sm59492875e9.44.2024.07.30.02.22.20 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Tue, 30 Jul 2024 02:22:21 -0700 (PDT) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Bin Meng , Zheyu Ma , qemu-block@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , qemu-stable@nongnu.org Subject: [PATCH-for-9.1 5/5] hw/sd/sdhci: Check ADMA descriptors can be accessed Date: Tue, 30 Jul 2024 11:21:38 +0200 Message-ID: <20240730092138.32443-6-philmd@linaro.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240730092138.32443-1-philmd@linaro.org> References: <20240730092138.32443-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::231; envelope-from=philmd@linaro.org; helo=mail-lj1-x231.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Since malicious guest can write invalid addresses to the ADMASYSADDR register, we need to check whether the descriptor could be correctly filled or not. Cc: qemu-stable@nongnu.org Fixes: d7dfca0807 ("hw/sdhci: introduce standard SD host controller") Signed-off-by: Philippe Mathieu-Daudé --- hw/sd/sdhci.c | 86 ++++++++++++++++++++++++++-------------------- hw/sd/trace-events | 2 +- 2 files changed, 49 insertions(+), 39 deletions(-) diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c index 66b9364e9e..eb0476b9aa 100644 --- a/hw/sd/sdhci.c +++ b/hw/sd/sdhci.c @@ -698,53 +698,62 @@ static void trace_adma_description(const char *type, const ADMADescr *dscr) trace_sdhci_adma_desc(type, dscr->addr, dscr->length, dscr->attr, dscr->incr); } -static void get_adma_description(SDHCIState *s, ADMADescr *dscr) +static MemTxResult get_adma_description(SDHCIState *s, ADMADescr *dscr) { uint32_t adma1 = 0; uint64_t adma2 = 0; hwaddr entry_addr = (hwaddr)s->admasysaddr; + MemTxResult res; + switch (SDHC_DMA_TYPE(s->hostctl1)) { case SDHC_CTRL_ADMA2_32: - dma_memory_read(s->dma_as, entry_addr, &adma2, sizeof(adma2), - MEMTXATTRS_UNSPECIFIED); - adma2 = le64_to_cpu(adma2); - /* The spec does not specify endianness of descriptor table. - * We currently assume that it is LE. - */ - dscr->addr = (hwaddr)extract64(adma2, 32, 32) & ~0x3ull; - dscr->length = (uint16_t)extract64(adma2, 16, 16); - dscr->attr = (uint8_t)extract64(adma2, 0, 7); - dscr->incr = 8; - trace_adma_description("ADMA2_32", dscr); + res = dma_memory_read(s->dma_as, entry_addr, &adma2, sizeof(adma2), + MEMTXATTRS_UNSPECIFIED); + if (res == MEMTX_OK) { + adma2 = le64_to_cpu(adma2); + /* The spec does not specify endianness of descriptor table. + * We currently assume that it is LE. + */ + dscr->addr = (hwaddr)extract64(adma2, 32, 32) & ~0x3ull; + dscr->length = (uint16_t)extract64(adma2, 16, 16); + dscr->attr = (uint8_t)extract64(adma2, 0, 7); + dscr->incr = 8; + trace_adma_description("ADMA2_32", dscr); + } break; case SDHC_CTRL_ADMA1_32: - dma_memory_read(s->dma_as, entry_addr, &adma1, sizeof(adma1), - MEMTXATTRS_UNSPECIFIED); - adma1 = le32_to_cpu(adma1); - dscr->addr = (hwaddr)(adma1 & 0xFFFFF000); - dscr->attr = (uint8_t)extract32(adma1, 0, 7); - dscr->incr = 4; - if ((dscr->attr & SDHC_ADMA_ATTR_ACT_MASK) == SDHC_ADMA_ATTR_SET_LEN) { - dscr->length = (uint16_t)extract32(adma1, 12, 16); - } else { - dscr->length = 4 * KiB; + res = dma_memory_read(s->dma_as, entry_addr, &adma1, sizeof(adma1), + MEMTXATTRS_UNSPECIFIED); + if (res == MEMTX_OK) { + adma1 = le32_to_cpu(adma1); + dscr->addr = (hwaddr)(adma1 & ~0xfff); + dscr->attr = (uint8_t)extract32(adma1, 0, 7); + dscr->incr = 4; + if ((dscr->attr & SDHC_ADMA_ATTR_ACT_MASK) == SDHC_ADMA_ATTR_SET_LEN) { + dscr->length = (uint16_t)extract32(adma1, 12, 16); + } else { + dscr->length = 4 * KiB; + } + trace_adma_description("ADMA1_32", dscr); } - trace_adma_description("ADMA1_32", dscr); break; case SDHC_CTRL_ADMA2_64: - dma_memory_read(s->dma_as, entry_addr, &dscr->attr, 1, - MEMTXATTRS_UNSPECIFIED); - dma_memory_read(s->dma_as, entry_addr + 2, &dscr->length, 2, - MEMTXATTRS_UNSPECIFIED); - dscr->length = le16_to_cpu(dscr->length); - dma_memory_read(s->dma_as, entry_addr + 4, &dscr->addr, 8, - MEMTXATTRS_UNSPECIFIED); - dscr->addr = le64_to_cpu(dscr->addr); - dscr->attr &= (uint8_t) ~0xC0; - dscr->incr = 12; - trace_adma_description("ADMA2_64", dscr); + res = dma_memory_read(s->dma_as, entry_addr, &dscr->attr, 1, + MEMTXATTRS_UNSPECIFIED); + res |= dma_memory_read(s->dma_as, entry_addr + 2, &dscr->length, 2, + MEMTXATTRS_UNSPECIFIED); + res |= dma_memory_read(s->dma_as, entry_addr + 4, &dscr->addr, 8, + MEMTXATTRS_UNSPECIFIED); + if (res == MEMTX_OK) { + dscr->length = le16_to_cpu(dscr->length); + dscr->addr = le64_to_cpu(dscr->addr); + dscr->attr &= (uint8_t) ~0xc0; + dscr->incr = 12; + trace_adma_description("ADMA2_64", dscr); + } break; } + return res; } /* Advanced DMA data transfer */ @@ -755,7 +764,6 @@ static void sdhci_do_adma(SDHCIState *s) const uint16_t block_size = s->blksize & BLOCK_SIZE_MASK; const MemTxAttrs attrs = { .memory = true }; ADMADescr dscr = {}; - MemTxResult res; int i; if (s->trnmod & SDHC_TRNS_BLK_CNT_EN && !s->blkcnt) { @@ -765,12 +773,14 @@ static void sdhci_do_adma(SDHCIState *s) } for (i = 0; i < SDHC_ADMA_DESCS_PER_DELAY; ++i) { + MemTxResult res; + s->admaerr &= ~SDHC_ADMAERR_LENGTH_MISMATCH; - get_adma_description(s, &dscr); - trace_sdhci_adma_loop(dscr.addr, dscr.length, dscr.attr); + res = get_adma_description(s, &dscr); + trace_sdhci_adma_loop(dscr.addr, dscr.length, dscr.attr, res); - if ((dscr.attr & SDHC_ADMA_ATTR_VALID) == 0) { + if (res != MEMTX_OK || (dscr.attr & SDHC_ADMA_ATTR_VALID) == 0) { /* Indicate that error occurred in ST_FDS state */ s->admaerr &= ~SDHC_ADMAERR_STATE_MASK; s->admaerr |= SDHC_ADMAERR_STATE_ST_FDS; diff --git a/hw/sd/trace-events b/hw/sd/trace-events index 3d3f5c1cb7..a802a717b9 100644 --- a/hw/sd/trace-events +++ b/hw/sd/trace-events @@ -29,7 +29,7 @@ sdhci_response4(uint32_t r0) "RSPREG[31..0]=0x%08x" sdhci_response16(uint32_t r3, uint32_t r2, uint32_t r1, uint32_t r0) "RSPREG[127..96]=0x%08x, RSPREG[95..64]=0x%08x, RSPREG[63..32]=0x%08x, RSPREG[31..0]=0x%08x" sdhci_end_transfer(uint8_t cmd, uint32_t arg) "Automatically issue CMD%02u 0x%08x" sdhci_adma(const char *desc, uint32_t sysad) "%s: admasysaddr=0x%" PRIx32 -sdhci_adma_loop(uint64_t addr, uint16_t length, uint8_t attr) "addr=0x%08" PRIx64 ", len=%d, attr=0x%x" +sdhci_adma_loop(uint64_t addr, uint16_t length, uint8_t attr, uint32_t res) "addr=0x%08" PRIx64 ", len=%d, attr=0x%x, res=%" PRIu32 sdhci_adma_transfer_completed(void) "" sdhci_access(const char *access, unsigned int size, uint64_t offset, const char *dir, uint64_t val, uint64_t val2) "%s%u: addr[0x%04" PRIx64 "] %s 0x%08" PRIx64 " (%" PRIu64 ")" sdhci_read_dataport(uint16_t data_count) "all %u bytes of data have been read from input buffer"