[PATCH v4 8/8] amd_iommu: Fix truncation of oldval in amdvi_writeq

Alejandro Jimenez posted 8 patches 5 months ago
Maintainers: Paolo Bonzini <pbonzini@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, Eduardo Habkost <eduardo@habkost.net>, "Michael S. Tsirkin" <mst@redhat.com>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
[PATCH v4 8/8] amd_iommu: Fix truncation of oldval in amdvi_writeq
Posted by Alejandro Jimenez 5 months ago
From: Ethan Milon <ethan.milon@eviden.com>

The variable `oldval` was incorrectly declared as a 32-bit `uint32_t`.
This could lead to truncation and incorrect behavior where the upper
read-only 32 bits are significant.

Fix the type of `oldval` to match the return type of `ldq_le_p()`.

Cc: qemu-stable@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Ethan Milon <ethan.milon@eviden.com>
---
 hw/i386/amd_iommu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index 92f94dc788c3d..5a24c17548d45 100644
--- a/hw/i386/amd_iommu.c
+++ b/hw/i386/amd_iommu.c
@@ -140,7 +140,7 @@ static void amdvi_writeq(AMDVIState *s, hwaddr addr, uint64_t val)
 {
     uint64_t romask = ldq_le_p(&s->romask[addr]);
     uint64_t w1cmask = ldq_le_p(&s->w1cmask[addr]);
-    uint32_t oldval = ldq_le_p(&s->mmior[addr]);
+    uint64_t oldval = ldq_le_p(&s->mmior[addr]);
     stq_le_p(&s->mmior[addr],
             ((oldval & romask) | (val & ~romask)) & ~(val & w1cmask));
 }
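Review bot: The commit message should spell out the concrete effect of the old declaration on the `oldval` line, since this is Cc'd to stable. With `uint32_t oldval`, the value is zero-extended when it is combined with the 64-bit `romask` in `(oldval & romask) | (val & ~romask)`. The term `oldval & romask` therefore always has bits 63:32 clear, and every call to amdvi_writeq() stored zeros into the read-only bits of the upper half of the register instead of preserving them. Saying "read-only bits 63:32 were cleared on each 64-bit write" is more precise than "could lead to truncation". It would also help to confirm in the changelog that any other-width write helpers in this file load `oldval` with a type matching their accessor. The implicit narrowing from the `ldq_le_p()` result compiled silently, so a similar mismatch elsewhere would not be flagged by the build.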
-- 
2.43.5

Re: [PATCH v4 8/8] amd_iommu: Fix truncation of oldval in amdvi_writeq
Posted by Vasant Hegde 4 months, 3 weeks ago

On 6/17/2025 8:34 PM, Alejandro Jimenez wrote:
> From: Ethan Milon <ethan.milon@eviden.com>
> 
> The variable `oldval` was incorrectly declared as a 32-bit `uint32_t`.
> This could lead to truncation and incorrect behavior where the upper
> read-only 32 bits are significant.
> 
> Fix the type of `oldval` to match the return type of `ldq_le_p()`.
> 
> Cc: qemu-stable@nongnu.org
> Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
> Signed-off-by: Ethan Milon <ethan.milon@eviden.com>

Reviewed-by: Vasant Hegde <vasant.hegde@amd.com>

-Vasant