From nobody Mon Feb 9 00:30:33 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=nongnu.org ARC-Seal: i=1; a=rsa-sha256; t=1748526584; cv=none; d=zohomail.com; s=zohoarc; b=ZI+22R315mc/j4I2UqP0FEWoRMS7JWkSKjmPLvUslEC41ZJR7AmzfdJr9AHjsckWzXSVsvpwEA1zL5w7XWDhv6Ph/hQ7M1sb2L9TjEEkJlRWUxew3AEFq66cTKn8fGg6R3J+F4fGvFdXIyS0wIbhfhZndMBc0Zvata8en2BZel4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1748526584; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:Sender:Subject:Subject:To:To:Message-Id; bh=HE9banyJKdyeHYKKINbJSwfka4OqHucR/zF3ld5WOIk=; b=fMeYGzg7A1qvb0ZmiZjV6PMo/B31BaGjp8I9WXsm3oj7rErbQ1fkdkC0rwr4uNiwPgrNZLnoM1naF4YTNE0ysATz6dJ+65OZYwV+CF4O1HmaQQLh+pPcPBlZnNSEid7+yM2/fhqdnA4a+by7af9nbu5i2J+ET7pFx/4pUfDasDg= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17485265841981021.4396572400523; Thu, 29 May 2025 06:49:44 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uKdcr-00006y-OZ; Thu, 29 May 2025 09:48:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uKdcq-00006W-1u for qemu-devel@nongnu.org; Thu, 29 May 2025 09:48:52 -0400 Received: from [185.176.79.56] (helo=frasgout.his.huawei.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uKdcn-0007RJ-64 for qemu-devel@nongnu.org; Thu, 29 May 2025 09:48:51 -0400 Received: from mail.maildlp.com (unknown [172.18.186.231]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4b7SKd0qckz6L5cG; Thu, 29 May 2025 21:44:53 +0800 (CST) Received: from frapeml500008.china.huawei.com (unknown [7.182.85.71]) by mail.maildlp.com (Postfix) with ESMTPS id E3C821402FE; Thu, 29 May 2025 21:48:29 +0800 (CST) Received: from SecurePC-101-06.china.huawei.com (10.122.19.247) by frapeml500008.china.huawei.com (7.182.85.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Thu, 29 May 2025 15:48:29 +0200 To: , , Fan Ni CC: , Subject: [PATCH qemu] hw/cxl: Fix register block locator size Date: Thu, 29 May 2025 14:48:28 +0100 Message-ID: <20250529134828.403049-1-Jonathan.Cameron@huawei.com> X-Mailer: git-send-email 2.48.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.122.19.247] X-ClientProxiedBy: lhrpeml100004.china.huawei.com (7.191.162.219) To frapeml500008.china.huawei.com (7.182.85.71) X-Host-Lookup-Failed: Reverse DNS lookup failed for 185.176.79.56 (deferred) Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=185.176.79.56; envelope-from=jonathan.cameron@huawei.com; helo=frasgout.his.huawei.com X-Spam_score_int: -33 X-Spam_score: -3.4 X-Spam_bar: --- X-Spam_report: (-3.4 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Jonathan Cameron From: Jonathan Cameron via Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1748526586249116600 Content-Type: text/plain; charset="utf-8" This has been wrong from day 1. For now we only have two entries (component and device registers). The wrong size could lead to arbitrary data off the stack being presented in PCIe config space. Signed-off-by: Jonathan Cameron Reviewed-by: Fan Ni --- include/hw/cxl/cxl_pci.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/hw/cxl/cxl_pci.h b/include/hw/cxl/cxl_pci.h index d0855ed78b..3bb882ce89 100644 --- a/include/hw/cxl/cxl_pci.h +++ b/include/hw/cxl/cxl_pci.h @@ -31,7 +31,7 @@ #define PCIE_CXL3_FLEXBUS_PORT_DVSEC_LENGTH 0x20 #define PCIE_CXL3_FLEXBUS_PORT_DVSEC_REVID 2 =20 -#define REG_LOC_DVSEC_LENGTH 0x24 +#define REG_LOC_DVSEC_LENGTH 0x1C #define REG_LOC_DVSEC_REVID 0 =20 enum { --=20 2.48.1