- Timestamp:
- May 2, 2020 9:08:45 AM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/Devices/Bus/DevIommuAmd.cpp
r84125 r84126 2753 2753 uint32_t const offBuf = u64Value & IOMMU_CMD_BUF_TAIL_PTR_VALID_MASK; 2754 2754 uint32_t const cbBuf = iommuAmdGetBufLength(pThis->CmdBufBaseAddr.n.u4Len); 2755 Assert(cbBuf <= _512K); 2755 2756 if (offBuf >= cbBuf) 2756 2757 { … … 2760 2761 } 2761 2762 2762 /** @todo More validation. Prevent wrap-around overwrite? */ 2763 2763 /* 2764 * IOMMU behavior is undefined if software advances the tail pointer equal to or beyond the 2765 * head pointer after adding one or more commands to the buffer. 2766 * 2767 * However, we cannot enforce this strictly because it's legal for software to shrink the 2768 * command queue (by reducing the offset) as well as wrap around the pointer (when head isn't 2769 * at 0). Software might even make the queue empty by making head and tail equal which is 2770 * allowed. I don't think we can or should try too hard to prevent software shooting itself 2771 * in the foot here. As long as we make sure the offset value is within the circular buffer 2772 * bounds (which we do by masking bits above) it should be sufficient. 2773 */ 2764 2774 pThis->CmdBufTailPtr.au32[0] = offBuf; 2765 2775 LogFlow((IOMMU_LOG_PFX ": Set CmdBufTailPtr to %#RX32\n", offBuf));
Note:
See TracChangeset
for help on using the changeset viewer.