Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: d4dfb4ffd4008d0d7d3bc9b1dca3e5c5afcc4336
      
https://github.com/qemu/qemu/commit/d4dfb4ffd4008d0d7d3bc9b1dca3e5c5afcc4336
  Author: Troy Lee <[email protected]>
  Date:   2025-03-23 (Sun, 23 Mar 2025)

  Changed paths:
    M include/hw/arm/aspeed_soc.h

  Log Message:
  -----------
  aspeed: Fix maximum number of spi controller

Commit 6de4aa8dc544 ("hw/arm/aspeed_ast27x0: Add SoC Support for AST2700
A1") extends ast2700a1 spis_num to 3, but ASPEED_SPIS_NUM defines the
maximum number of SPI controllers as 2, resulting in ehci[0] being
overwritten at runtime.

Signed-off-by: Troy Lee <[email protected]>
Fixes: 6de4aa8dc544 ("hw/arm/aspeed_ast27x0: Add SoC Support for AST2700 A1")
Reviewed-by: Cédric Le Goater <[email protected]>
Link: https://lore.kernel.org/qemu-devel/[email protected]
Signed-off-by: Cédric Le Goater <[email protected]>


  Commit: 7b8cbe5162e69ad629c5326bf3c158b81857955d
      
https://github.com/qemu/qemu/commit/7b8cbe5162e69ad629c5326bf3c158b81857955d
  Author: Steven Lee <[email protected]>
  Date:   2025-03-23 (Sun, 23 Mar 2025)

  Changed paths:
    M hw/intc/aspeed_intc.c

  Log Message:
  -----------
  hw/intc/aspeed: Fix IRQ handler mask check

Updated the IRQ handler mask check to AND with select variable.
This ensures that the interrupt service routine is correctly triggered
for the interrupts within the same irq group.

For example, both `eth0` and the debug UART are handled in `GICINT132`.
Without this fix, the debug console may hang if the `eth0` ISR is not
handled.

Signed-off-by: Steven Lee <[email protected]>
Change-Id: Ic3609eb72218dfd68be6057d78b8953b18828709
Reviewed-by: Cédric Le Goater <[email protected]>
Fixes: d831c5fd8682 ("aspeed/intc: Add AST2700 support")
Link: https://lore.kernel.org/qemu-devel/[email protected]
Signed-off-by: Cédric Le Goater <[email protected]>


  Commit: 78877b2e06464f49f777e086845e094ea7bc82ef
      
https://github.com/qemu/qemu/commit/78877b2e06464f49f777e086845e094ea7bc82ef
  Author: Jamin Lin <[email protected]>
  Date:   2025-03-23 (Sun, 23 Mar 2025)

  Changed paths:
    M hw/misc/aspeed_hace.c

  Log Message:
  -----------
  hw/misc/aspeed_hace: Fix buffer overflow in has_padding function

The maximum padding size is either 64 or 128 bytes and should always be smaller
than "req_len". If "padding_size" exceeds "req_len", then
"req_len - padding_size" underflows due to "uint32_t" data type, leading to a
large incorrect value (e.g., `0xFFXXXXXX`). This causes an out-of-bounds memory
access, potentially leading to a buffer overflow.

Added a check to ensure "padding_size" does not exceed "req_len" before
computing "pad_offset". This prevents "req_len - padding_size" from underflowing
and avoids accessing invalid memory.

Signed-off-by: Jamin Lin <[email protected]>
Reviewed-by: Cédric Le Goater <[email protected]>
Fixes: 5cd7d8564a8b563da724b9e6264c967f0a091afa ("aspeed/hace: Support AST2600 HACE ")
Link: https://lore.kernel.org/qemu-devel/[email protected]
Signed-off-by: Cédric Le Goater <[email protected]>
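
The unsigned wraparound described in the commit message above, next to the guard it adds, as an added C example; this is not QEMU's code. The function names, the constructed sample buffer, and the 0x80 padding marker (first byte of standard SHA padding) are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked subtraction: if padding_size > req_len, the uint32_t result
 * wraps modulo 2^32 and becomes a huge offset. */
static uint32_t pad_offset_unchecked(uint32_t req_len, uint32_t padding_size)
{
    return req_len - padding_size;
}

/* Guarded form: reject the request before subtracting. On rejection
 * *pad_offset is not written. */
static bool pad_offset_checked(uint32_t req_len, uint32_t padding_size,
                               uint32_t *pad_offset)
{
    if (padding_size > req_len) {
        return false;
    }
    *pad_offset = req_len - padding_size;
    return true;
}

/* Hypothetical padding probe over a req_len-byte buffer. The 0x80 marker is
 * the first byte of standard SHA padding (assumption, not from the page).
 * The off >= req_len test is an extra guard in this model for
 * padding_size == 0, where the offset would sit one past the end. */
static bool has_padding_model(const uint8_t *buf, uint32_t req_len,
                              uint32_t padding_size)
{
    uint32_t off = 0;

    if (!pad_offset_checked(req_len, padding_size, &off) || off >= req_len) {
        return false;
    }
    return buf[off] == 0x80;
}

int main(void)
{
    uint8_t buf[64] = {0};  /* constructed request: 8 data bytes + padding */
    buf[8] = 0x80;

    printf("unchecked 16 - 64 = 0x%08X\n", (unsigned)pad_offset_unchecked(16, 64));
    printf("padding 56 of 64: %d\n", has_padding_model(buf, 64, 56));
    printf("padding 64 of 16: %d\n", has_padding_model(buf, 16, 64));
    return 0;
}
```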


  Commit: 170825d14d88a1ce7fae98d5a928480f2f329b22
      
https://github.com/qemu/qemu/commit/170825d14d88a1ce7fae98d5a928480f2f329b22
  Author: Stefan Hajnoczi <[email protected]>
  Date:   2025-03-24 (Mon, 24 Mar 2025)

  Changed paths:
    M hw/intc/aspeed_intc.c
    M hw/misc/aspeed_hace.c
    M include/hw/arm/aspeed_soc.h

  Log Message:
  -----------
  Merge tag 'pull-aspeed-20250323' of https://github.com/legoater/qemu into staging

aspeed queue:

* Fix AST2700 SoC model

# gpg: Signature made Sun 23 Mar 2025 13:44:13 EDT
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <[email protected]>" [full]
# gpg:                 aka "Cédric Le Goater <[email protected]>" [full]
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1

* tag 'pull-aspeed-20250323' of https://github.com/legoater/qemu:
  hw/misc/aspeed_hace: Fix buffer overflow in has_padding function
  hw/intc/aspeed: Fix IRQ handler mask check
  aspeed: Fix maximum number of spi controller

Signed-off-by: Stefan Hajnoczi <[email protected]>


Compare: https://github.com/qemu/qemu/compare/71119ed36516...170825d14d88
