Fix up pxe boot (Glauber Costa)

As discussed in http://lists.gnu.org/archive/html/qemu-devel/2008-08/msg00667.html, current pxe boot is broken for some use cases. The problem goes away if we reduce the number of allowed bits in the address space to 32 (which has the side effect of reducing guest max mem size to 4Gb). After digging for a while, it turns out that it happens because pxelinux tries to access address 0x10009e9a6, which does not fit a 32-bit address. A closer look, however, reveals this access is totally valid: It's just 0x9e9a6 with an add carry. To avoid this, this patch casts the address passed to the POPL macro to a 32-bit value. This is also done, although just theorectically, for PUSHL too. Signed-off-by: Glauber Costa <glommer@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> Reported-by: Chris Lalancette <clalance@redhat.com> CC: Eduardo Habkost <ehabkost@redhat.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5182 c046a42c-6fe2-441c-8c8c-71466251a162

Fix up pxe boot (Glauber Costa)
As discussed in http://lists.gnu.org/archive/html/qemu-devel/2008-08/msg00667.html, current pxe boot is broken for some use cases. The problem goes away if we reduce the number of allowed bits in the address space to 32 (which has the side effect of reducing guest max mem size to 4Gb). After digging for a while, it turns out that it happens because pxelinux tries to access address 0x10009e9a6, which does not fit a 32-bit address. A closer look, however, reveals this access is totally valid: It's just 0x9e9a6 with an add carry. To avoid this, this patch casts the address passed to the POPL macro to a 32-bit value. This is also done, although just theorectically, for PUSHL too. Signed-off-by: Glauber Costa <glommer@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> Reported-by: Chris Lalancette <clalance@redhat.com> CC: Eduardo Habkost <ehabkost@redhat.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5182 c046a42c-6fe2-441c-8c8c-71466251a162
aliguori
1 parent c690524e
Showing 1 changed file with 6 additions and 2 deletions
target-i386/op_helper.c
@@ -590,6 +590,10 @@ do {\
 #define SET_ESP(val, sp_mask) ESP = (ESP & ~(sp_mask)) | ((val) & (sp_mask))
 #endif
  
+/* in 64-bit machines, this can overflow. So this segment addition macro
+ * can be used to trim the value to 32-bit whenever needed */
+#define SEG_ADDL(ssp, sp, sp_mask) ((uint32_t)((ssp) + (sp & (sp_mask))))
+
 /* XXX: add a is_user flag to have proper security support */
 #define PUSHW(ssp, sp, sp_mask, val)\
 {\
@@ -600,7 +604,7 @@ do {\
 #define PUSHL(ssp, sp, sp_mask, val)\
 {\
     sp -= 4;\
-    stl_kernel((ssp) + (sp & (sp_mask)), (val));\
+    stl_kernel(SEG_ADDL(ssp, sp, sp_mask), (uint32_t)(val));\
 }
  
 #define POPW(ssp, sp, sp_mask, val)\
@@ -611,7 +615,7 @@ do {\
  
 #define POPL(ssp, sp, sp_mask, val)\
 {\
-    val = (uint32_t)ldl_kernel((ssp) + (sp & (sp_mask)));\
+    val = (uint32_t)ldl_kernel(SEG_ADDL(ssp, sp, sp_mask));\
     sp += 4;\
 }