From d6d10793dcfa33504745be40b49bd747ff8752ef Mon Sep 17 00:00:00 2001 From: Yan Zhao Date: Mon, 24 Jun 2019 17:18:10 +0800 Subject: [PATCH] intel_iommu: Fix incorrect "end" for vtd_address_space_unmap IOMMUNotifier is with inclusive ranges, so we should check against (VTD_ADDRESS_SIZE(s->aw_bits) - 1). Signed-off-by: Yan Zhao [peterx: split from another bigger patch] Reviewed-by: Eric Auger Signed-off-by: Peter Xu Message-Id: <20190624091811.30412-2-peterx@redhat.com> Signed-off-by: Paolo Bonzini --- hw/i386/intel_iommu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index 44b1231157..719ce19ab3 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c @@ -3379,12 +3379,12 @@ static void vtd_address_space_unmap(VTDAddressSpace *as, IOMMUNotifier *n) * VT-d spec), otherwise we need to consider overflow of 64 bits. */ - if (end > VTD_ADDRESS_SIZE(s->aw_bits)) { + if (end > VTD_ADDRESS_SIZE(s->aw_bits) - 1) { /* * Don't need to unmap regions that is bigger than the whole * VT-d supported address space size */ - end = VTD_ADDRESS_SIZE(s->aw_bits); + end = VTD_ADDRESS_SIZE(s->aw_bits) - 1; } assert(start <= end);