From nobody Sat May 18 10:57:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of _spf.google.com designates 209.85.221.68 as permitted sender) client-ip=209.85.221.68; envelope-from=philippe.mathieu.daude@gmail.com; helo=mail-wr1-f68.google.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of _spf.google.com designates 209.85.221.68 as permitted sender) smtp.mailfrom=philippe.mathieu.daude@gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1607609777; cv=none; d=zohomail.com; s=zohoarc; b=CWaDHVCla984/FjXVG6ShpiC1d5HD9h1whrHYIE8tMAYVfX6KUpDABFSOb3y9u015tTalD/N2g3cGn0Hr84Q8jmYp7uZ/YLu/CzMzrbqajQLWgdDiWASgl6cIL29kcnvdxUfkoUrMl4Xsg0yu13BQGOLO4YQyudpxqlNUV12g1c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1607609777; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:MIME-Version:Message-ID:Sender:Subject:To; bh=MqIwFv8FtosuPTOH+76+Ccv7DmvEu0dknfwXXb3hwPw=; b=OGuFi9OjH69eJL1+GV/ce0srtehJmNGR/pFnyopiAqfv2EquxK82m7QY2Xm8MM+8XaaBkWwX4/fQoIjx8xgMSCgMs8bQWUKyS8b9gsJzOpmDTko1VXf5UzZrj1y/f8BmqKJSl2Ybe+mTtb1md0yH6xfwLnJNgDg5zwMRs7Dw0+U= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of _spf.google.com designates 209.85.221.68 as permitted sender) smtp.mailfrom=philippe.mathieu.daude@gmail.com Received: from mail-wr1-f68.google.com (mail-wr1-f68.google.com [209.85.221.68]) by mx.zohomail.com with SMTPS id 1607609776937905.9294340609084; Thu, 10 Dec 2020 06:16:16 -0800 (PST) Received: by mail-wr1-f68.google.com with SMTP id 91so5633060wrj.7 for ; Thu, 10 Dec 2020 06:16:14 -0800 (PST) Return-Path: Return-Path: Received: from x1w.redhat.com (101.red-88-21-206.staticip.rima-tde.net. [88.21.206.101]) by smtp.gmail.com with ESMTPSA id a13sm9787526wrt.96.2020.12.10.06.16.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Dec 2020 06:16:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=MqIwFv8FtosuPTOH+76+Ccv7DmvEu0dknfwXXb3hwPw=; b=D8M7eer8ludLMyOVanrF/5s+a+ekwjBYkWEE9/lKm1X+rseJozSoctOp0+pobdUjLh TxoNC+Mo6RhujfEJVtcVEYjouLxfLkNMHjv6vKVOI2V9Qo/6qpEqgZkonoWzQof+6g+m ciBg+B4ve6QI728QJ7bN2OPUS1MIwIfM8135GcWMH6H4CiiYENoQRHxqrtiMaaIOyNUE zx6AECRKgH2r/pqrd50uIRTZQkokS2duec1VqGSpVdoigjzVHB4R9KmwQKQaG7FA3W30 Nxt4fWSBJ55WOuM7SrQpn4xnv2GL/oZBqk9/RC9CLjcSwnYAkjEAPC52QRUIQZXIJjAU +t6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=MqIwFv8FtosuPTOH+76+Ccv7DmvEu0dknfwXXb3hwPw=; b=MQ2JXYhG85L51O3XVcJMy8MuExre09a8Y5ymRZz7FX4RqUXnUJGVSsBXkeMDezvbha omYiBgFmtwwPgb05xM+/wvZlxmefsii3ewZ2fqvNqRzMJQC1mmj65VxtVm/L7oUF6I5L jFePDJWT8vpwx7MsqFQxoaWDIspOIaGdlOO2TQJ6jRNekQSak7bXs2PfC7438zyDFYvb i3PPS1wcgS4hKS1Ja6aW0/knZoZcvZZXLQ/H1G4rOg8A0it6kiYMY3sIhXv4UFNkArnt 7BxYzuFjnDK4kBEknVzK8NAeyukKqgfDzBjcXB63/rodb1l7uC0wUbQXwHnxXXyIh5jO mfEw== X-Gm-Message-State: AOAM531FzMPJHuy0TeV2DZHdPrx1NjniC+C6iULcFY5kzveccd3tPbmw gspFKNQXYqc4LGG6nxLYJY4= X-Google-Smtp-Source: ABdhPJzlUD128glwtV81VT7I3DcgFt8F6hm79iTooCfbaizmmYFVO5w2uU7OA0WpQl9BWOQFeTGhpg== X-Received: by 2002:a5d:68c9:: with SMTP id p9mr8514912wrw.139.1607609772968; Thu, 10 Dec 2020 06:16:12 -0800 (PST) Sender: =?UTF-8?Q?Philippe_Mathieu=2DDaud=C3=A9?= From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: Alistair Francis , qemu-arm@nongnu.org, "Edgar E. Iglesias" , Peter Maydell , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Gaoning Pan , Damien Hedde , "Edgar E . Iglesias" , Alistair Francis , Gaoning Pan , Mauro Matteo Cascella Subject: [RFC PATCH] hw/misc/zynq_slcr: Avoid #DIV/0! error Date: Thu, 10 Dec 2020 15:16:10 +0100 Message-Id: <20201210141610.884600-1-f4bug@amsat.org> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @gmail.com) Malicious user can set the feedback divisor for the PLLs to zero, triggering a floating-point exception (SIGFPE). As the datasheet [*] is not clear how hardware behaves when these bits are zeroes, use the maximum divisor possible (128) to avoid the software FPE. [*] Zynq-7000 TRM, UG585 (v1.12.2) B.28 System Level Control Registers (slcr) -> "Register (slcr) ARM_PLL_CTRL" 25.10.4 PLLs -> "Software-Controlled PLL Update" Fixes: 38867cb7ec9 ("hw/misc/zynq_slcr: add clock generation for uarts") Reported-by: Gaoning Pan Signed-off-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Alistair Francis Reviewed-by: Damien Hedde Reviewed-by: Edgar E. Iglesias --- Cc: Damien Hedde Cc: Edgar E. Iglesias Cc: Alistair Francis Cc: Gaoning Pan Cc: Mauro Matteo Cascella Alternative is to threat that as PLL disabled and return 0... --- hw/misc/zynq_slcr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hw/misc/zynq_slcr.c b/hw/misc/zynq_slcr.c index a2b28019e3c..66504a9d3ab 100644 --- a/hw/misc/zynq_slcr.c +++ b/hw/misc/zynq_slcr.c @@ -217,6 +217,11 @@ static uint64_t zynq_slcr_compute_pll(uint64_t input, = uint32_t ctrl_reg) return 0; } =20 + /* Consider zero feedback as maximum divide ratio possible */ + if (!mult) { + mult =3D 1 << R_xxx_PLL_CTRL_PLL_FPDIV_LENGTH; + } + /* frequency multiplier -> period division */ return input / mult; } --=20 2.26.2