summaryrefslogtreecommitdiffstats
path: root/hw
diff options
context:
space:
mode:
authorPhilippe Mathieu-Daudé2020-09-07 03:55:29 +0200
committerPaolo Bonzini2020-09-30 19:09:20 +0200
commit6ab9be1ec1267865c2f4c334668e05f5810b8836 (patch)
tree5155b78cfd8506b51fa6955c70e83ff0fea81ce9 /hw
parentconfigure: rename QEMU_GA_MSI_ENABLED to CONFIG_QGA_MSI (diff)
downloadqemu-6ab9be1ec1267865c2f4c334668e05f5810b8836.tar.gz
qemu-6ab9be1ec1267865c2f4c334668e05f5810b8836.tar.xz
qemu-6ab9be1ec1267865c2f4c334668e05f5810b8836.zip
hw/char/serial: Assert serial_ioport_read/write offset fits 8 bytes
The serial device has 8 registers, each 8-bit. The MemoryRegionOps 'serial_io_ops' is initialized with max_access_size=1, and all memory_region_init_io() callers correctly set the region size to 8 bytes: - serial_io_realize - serial_isa_realizefn - serial_pci_realize - multi_serial_pci_realize It is safe to assert the offset argument of serial_ioport_read() and serial_ioport_write() is always less than 8. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200907015535.827885-2-f4bug@amsat.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'hw')
-rw-r--r--hw/char/serial.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/hw/char/serial.c b/hw/char/serial.c
index fd80ae5592..840da89de7 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -344,7 +344,7 @@ static void serial_ioport_write(void *opaque, hwaddr addr, uint64_t val,
{
SerialState *s = opaque;
- addr &= 7;
+ assert(size == 1 && addr < 8);
trace_serial_ioport_write(addr, val);
switch(addr) {
default:
@@ -485,7 +485,7 @@ static uint64_t serial_ioport_read(void *opaque, hwaddr addr, unsigned size)
SerialState *s = opaque;
uint32_t ret;
- addr &= 7;
+ assert(size == 1 && addr < 8);
switch(addr) {
default:
case 0: