On 3/6/24 17:05, Michael S. Tsirkin wrote:
On Mon, Jun 03, 2024 at 02:53:35PM +0200, Philippe Mathieu-Daudé wrote:
On 31/5/24 18:22, Ira Weiny wrote:
Peter and coverity report:

        We've passed '&data' to address_space_write(), which means "read
        from the address on the stack where the function argument 'data'
        lives", so instead of writing 64 bytes of data to the guest,
        we'll write 64 bytes which start with a host pointer value and
        then continue with whatever happens to be on the host stack
        after that.

Indeed the intention was to write 64 bytes of data at the address given.

Fix the parameter to address_space_write().

Reported-by: Peter Maydell <peter.mayd...@linaro.org>
Link: https://lore.kernel.org/all/cafeaca-u4sytgwtksb__y+_+0o2-wwarntm3x8wnhvl1wfh...@mail.gmail.com/
Fixes: 6bda41a69bdc ("hw/cxl: Add clear poison mailbox command support.")
Cc: Jonathan Cameron <jonathan.came...@huawei.com>
Signed-off-by: Ira Weiny <ira.we...@intel.com>
---
Compile tested only.  Jonathan please double check me.
---
   hw/mem/cxl_type3.c | 2 +-
   1 file changed, 1 insertion(+), 1 deletion(-)

Thanks, patch queued.

Had it queued too but sure, I can drop.

Sorry I didn't notice that along with your R-b tag, my bad.

Don't modify your branch, I'm dropping it.

Regards,

Phil.
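
The bug described in the commit message above, modelled as an added example (not part of the thread and not QEMU code). `mock_space_write`, `struct frame` and `run_case` are hypothetical stand-ins for `address_space_write()`, the callee's stack frame and a test driver; the byte patterns are constructed sample data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CACHE_LINE 64

/* Hypothetical stand-in for guest memory and address_space_write(). */
static uint8_t guest_mem[CACHE_LINE];
static void mock_space_write(size_t addr, const void *buf, size_t len)
{
    memcpy(guest_mem + addr, buf, len);
}

/* Models the callee's stack frame: the pointer argument followed by whatever
 * else sits next to it. A struct keeps the 64-byte read well defined. */
struct frame {
    uint8_t *data;                                       /* function argument */
    uint8_t neighbours[CACHE_LINE - sizeof(uint8_t *)];  /* other host bytes  */
};

/* Buggy form: the source is the address of the pointer itself, so the guest
 * receives the host pointer value plus the bytes that follow it. */
static void write_buggy(struct frame *f)
{
    mock_space_write(0, &f->data, CACHE_LINE);
}

/* Fixed form: the source is the buffer the pointer refers to. */
static void write_fixed(struct frame *f)
{
    mock_space_write(0, f->data, CACHE_LINE);
}

/* Returns 1 if the guest got the intended payload, 2 if it got the host
 * pointer followed by neighbouring frame bytes, 0 otherwise. */
static int run_case(int use_fix)
{
    uint8_t payload[CACHE_LINE];
    struct frame f;
    memset(payload, 0xAB, sizeof payload);            /* constructed data */
    f.data = payload;
    memset(f.neighbours, 0x5C, sizeof f.neighbours);  /* constructed "stack" */
    memset(guest_mem, 0, sizeof guest_mem);
    if (use_fix) write_fixed(&f); else write_buggy(&f);
    if (memcmp(guest_mem, payload, CACHE_LINE) == 0) return 1;
    return memcmp(guest_mem, &f, sizeof f) == 0 ? 2 : 0;
}

int main(void)
{
    printf("buggy=%d fixed=%d\n", run_case(0), run_case(1));
    return 0;
}
```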

