From patchwork Tue Oct 15 10:37:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 835406 Delivered-To: patch@linaro.org Received: by 2002:a5d:4c8f:0:b0:37d:45d0:187 with SMTP id z15csp161159wrs; Tue, 15 Oct 2024 03:39:25 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCX1c0XZY4CUgCotJaUOMB35vrTaUHLvYmrcJRn9A+4KpLWeRHLhStxKVgyC5V6c7IszIM7S6w==@linaro.org X-Google-Smtp-Source: AGHT+IHt7Ha7+RuDgKWrR8H/wVnskQhLwhOEatlL4Ms4zuB60pAPw7jxUwEfvgiyOZHipJmbpm8M X-Received: by 2002:a05:622a:5c8e:b0:45f:5f6:7eaf with SMTP id d75a77b69052e-460583e8b78mr215781881cf.10.1728988764794; Tue, 15 Oct 2024 03:39:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1728988764; cv=none; d=google.com; s=arc-20240605; b=d5Qs4SLNkoeyalkreLMaqbbuU96wPsYmo9X8uIfEXbEl7gc/CxUSk8KpY3/aQZNOUB Zk5D1+2EYUNUhdGUdXxYzWL5/DtzMN7686vjObJGRys9ulxeTIafz212rfFQuo/I4i93 7Uz1vH0uw16g+Z586aBJXJSFaUk2+bU97pehWWiKIfZhZQNPppw1euELEuTk8hrX11dj J9q0V97YJo23SbAmlDHSVKB2CeouigFbUy7TbwEH8TOPYVVwkwBe/07CfjocN3I4O6dC 3nMs0oKC8atgph/3LUT79ovpYdsr2rhNfNQOKgp/xGuXJ34835IHAFeG3l47hQ+89Kc5 HxbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=LcdUzjHr2c6vrOngrhri7Hj4mk4jIf0iNM4JVtguHnI=; fh=PnYt+qEB9tAfMKoqBm2xjKOFpYyFFGPudh5cVIoieJM=; b=BabPFFXT+RuBao/LgSXO/MQJ8bdwyEQ4iTl1XTL49amtBDKAgUSw2bOZjs4myMSRIC 66wPxjbNawXo2dBErvPon7a1d0d+1+UntZFlfKz851KzMQ/Eg2wCcrc/VuhNs5ycbU8B cnQmpKcuEqixYGVJgUH84RHz4g1+j80joJOfW2N9HWxamVncM+SXsrjoeDlCOQXEeypw 0W2erAXpu6tAlKUaUwSaa7WWu/CpMdmxtGjhCR+1bAJpyyTbv/lFQFpUqMhFAVKogTth JWb7qRTBETyUV05FJP8cQaYSUP/LsBNkjMihQELrQr/8CaOlj37NF/ZfDcw5naxM9b4x h4Lw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=F+g9sTI1; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d75a77b69052e-4607b4c8630si11330571cf.615.2024.10.15.03.39.24 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 15 Oct 2024 03:39:24 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=F+g9sTI1; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1t0ewq-0006jr-RK; Tue, 15 Oct 2024 06:38:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t0ewX-0006fK-0W for qemu-devel@nongnu.org; Tue, 15 Oct 2024 06:38:21 -0400 Received: from mail-wm1-x32a.google.com ([2a00:1450:4864:20::32a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1t0ewT-0005wz-Jq for qemu-devel@nongnu.org; Tue, 15 Oct 2024 06:38:20 -0400 Received: by mail-wm1-x32a.google.com with SMTP id 5b1f17b1804b1-43115b31366so47863945e9.3 for ; Tue, 15 Oct 2024 03:38:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1728988696; x=1729593496; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=LcdUzjHr2c6vrOngrhri7Hj4mk4jIf0iNM4JVtguHnI=; b=F+g9sTI1J1lvSywbO5qSNkvQ4HJpoqBFlTyfU3wUWhxkA3PSZbG0GiymfKlZjC5pBy OS7FLMoAmr2P7go4lc66d6xfHBxRfNSFA5fKK3ch7IPhG/QQvt9HyFj9JHAF9QiYrvDN YJbCE6GhmQ0o+PIy6x4m3FnZVqzfm93Hcz5tUPE3X6xrga7PmHrmWRJtJnmE8nUSrgdl MhGMTXTtUMu67sarfR9qCFHYX0bF/vwzTVrsvh2YWj+cqbjQcltCe5BpKq1i7mtjXqDl tnIzneBs/7Ep/6KEsm1+Vwk6hzzUTR+YjeSTzCmK6QFy2oVDuRQLxxI8EkOW8pKb4Svy lJWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728988696; x=1729593496; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LcdUzjHr2c6vrOngrhri7Hj4mk4jIf0iNM4JVtguHnI=; b=nVZ4iDGJfwqF9e009z0LcKcd4UiRQl8rShErtiIwbpcJvxBpFsND2BBW2h150W3R7/ 6diGzC3xYWMwBjOgHpfLFyKFnRLfGbJP+6SKYk+r9d1Xq47nErhop3GRr3vLwT/vfhPO gyWagR53VMG3PkZa6Zt2mq/l+lltwGlsKuOhS+INPgaHbphKdhHhOEX+Ok+rnWGsFNJJ ota5CfQHjMObvagUGyKR92+sEjon3Z4sqeFV1fBQdZ31RcE9iNrQIqtDWdDHHOjpLpfU trVzF/CoO+GdjJjNeGV4fAls1SWaJm+hIajdy7rCoU2SOi8MDOeAahIl/qwUpZH++4wy yQ9Q== X-Gm-Message-State: AOJu0YyUZEGO5G/YIPeUIhkGtUamqbKs0pd93aPTVHYEm4xNgnZ7fiEb 1obwTJ6s+0krsINfMmtMh6JvbUh5S6YxXZAYinR7lW+WDm0WfeYpeT2JWA7gzA4/g4EWhBEpVhx 2 X-Received: by 2002:a05:600c:1c81:b0:42c:c003:edd1 with SMTP id 5b1f17b1804b1-4314a2b7b5emr340475e9.10.1728988695986; Tue, 15 Oct 2024 03:38:15 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-37d7fa7a06dsm1241635f8f.5.2024.10.15.03.38.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Oct 2024 03:38:15 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 13/28] hw/char/pl011: Use correct masks for IBRD and FBRD Date: Tue, 15 Oct 2024 11:37:53 +0100 Message-Id: <20241015103808.133024-14-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241015103808.133024-1-peter.maydell@linaro.org> References: <20241015103808.133024-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32a; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org In commit b88cfee90268cad we defined masks for the IBRD and FBRD integer and fractional baud rate divider registers, to prevent the guest from writing invalid values which could cause division-by-zero. Unfortunately we got the mask values the wrong way around: the FBRD register is six bits and the IBRD register is 16 bits, not vice-versa. You would only run into this bug if you programmed the UART to a baud rate of less than 9600, because for 9600 baud and above the IBRD value will fit into 6 bits, as per the table in https://developer.arm.com/documentation/ddi0183/g/programmers-model/register-descriptions/fractional-baud-rate-register--uartfbrd The only visible effects would be that the value read back from the register by the guest would be truncated, and we would print an incorrect baud rate in the debug logs. Cc: qemu-stable@nongnu.org Fixes: b88cfee90268 ("hw/char/pl011: Avoid division-by-zero in pl011_get_baudrate()") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2610 Signed-off-by: Peter Maydell Reviewed-by: Alex Bennée Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Gavin Shan Message-id: 20241007144732.2491331-1-peter.maydell@linaro.org --- hw/char/pl011.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/char/pl011.c b/hw/char/pl011.c index 15df7c1e1ca..0fd1334fab4 100644 --- a/hw/char/pl011.c +++ b/hw/char/pl011.c @@ -90,10 +90,10 @@ DeviceState *pl011_create(hwaddr addr, qemu_irq irq, Chardev *chr) #define CR_UARTEN (1 << 0) /* Integer Baud Rate Divider, UARTIBRD */ -#define IBRD_MASK 0x3f +#define IBRD_MASK 0xffff /* Fractional Baud Rate Divider, UARTFBRD */ -#define FBRD_MASK 0xffff +#define FBRD_MASK 0x3f static const unsigned char pl011_id_arm[8] = { 0x11, 0x10, 0x14, 0x00, 0x0d, 0xf0, 0x05, 0xb1 };