From: "Philippe Mathieu-Daudé" <f4bug@amsat.org>
To: qemu-devel@nongnu.org
Cc: "Alexander Bulekov" <alxndr@bu.edu>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
qemu-block@nongnu.org
Subject: [RFC PATCH 5/6] hw/sd/sdcard: Do not attempt to erase out of range addresses
Date: Fri, 18 Sep 2020 19:41:16 +0200 [thread overview]
Message-ID: <20200918174117.180057-6-f4bug@amsat.org> (raw)
In-Reply-To: <20200918174117.180057-1-f4bug@amsat.org>
While the Spec v3 is not very clear, v6 states:
If the host provides an out of range address as an argument
to CMD32 or CMD33, the card shall indicate OUT_OF_RANGE error
in R1 (ERX) for CMD38.
If an address is out of range, do not attempt to erase it:
return R1 with the error bit set.
Buglink: https://bugs.launchpad.net/bugs/1895310
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
hw/sd/sd.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index ee7b64023aa..4454d168e2f 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -766,6 +766,13 @@ static void sd_erase(SDState *sd)
erase_end *= 512;
}
+ if (sd->erase_start > sd->size || sd->erase_end > sd->size) {
+ sd->card_status |= OUT_OF_RANGE;
+ sd->erase_start = INVALID_ADDRESS;
+ sd->erase_end = INVALID_ADDRESS;
+ return;
+ }
+
erase_start = sd_addr_to_wpnum(erase_start);
erase_end = sd_addr_to_wpnum(erase_end);
sd->erase_start = INVALID_ADDRESS;
--
2.26.2
next prev parent reply other threads:[~2020-09-18 17:46 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-18 17:41 [RFC PATCH 0/6] hw/sd/sdcard: Do not attempt to erase out of range addresses Philippe Mathieu-Daudé
2020-09-18 17:41 ` [RFC PATCH 1/6] hw/sd/sdcard: Add trace event for ERASE command (CMD38) Philippe Mathieu-Daudé
2020-09-18 17:41 ` [RFC PATCH 2/6] hw/sd/sdcard: Introduce the INVALID_ADDRESS definition Philippe Mathieu-Daudé
2020-09-18 17:41 ` [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS Philippe Mathieu-Daudé
2020-09-21 8:40 ` Markus Armbruster
2020-09-21 10:31 ` Philippe Mathieu-Daudé
2020-09-21 12:21 ` Markus Armbruster
2020-09-21 12:24 ` Dr. David Alan Gilbert
2020-09-21 14:23 ` Philippe Mathieu-Daudé
2020-09-21 15:08 ` Markus Armbruster
2020-09-21 19:23 ` Paolo Bonzini
2020-09-22 14:48 ` Markus Armbruster
2020-10-15 6:27 ` Philippe Mathieu-Daudé
2020-09-21 23:53 ` Kevin O'Connor
2020-09-18 17:41 ` [RFC PATCH 4/6] hw/sd/sdcard: Reset both start/end addresses on error Philippe Mathieu-Daudé
2020-09-18 17:41 ` Philippe Mathieu-Daudé [this message]
2020-09-18 17:41 ` [RFC PATCH 6/6] hw/sd/sdcard: Assert if accessing an illegal group Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200918174117.180057-6-f4bug@amsat.org \
--to=f4bug@amsat.org \
--cc=alxndr@bu.edu \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.