From: Corey Minyard <minyard@acm.org>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: QEMU Developers <qemu-devel@nongnu.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Corey Minyard <cminyard@mvista.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
"Michael S . Tsirkin" <mst@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v2 04/12] i2c: Add a length check to the SMBus write handling
Date: Tue, 20 Nov 2018 10:58:38 -0600 [thread overview]
Message-ID: <f2179250-a92b-ef40-46a5-b403f17e0056@acm.org> (raw)
In-Reply-To: <CAFEAcA8uTFRiYZuJx=9o0Bs483TgVt=TTAV50n3JNsZCJaqKfA@mail.gmail.com>
On 11/20/18 9:33 AM, Peter Maydell wrote:
> On 15 November 2018 at 19:24, <minyard@acm.org> wrote:
>> From: Corey Minyard <cminyard@mvista.com>
>>
>> Avoid an overflow.
>>
>> Signed-off-by: Corey Minyard <cminyard@mvista.com>
>> ---
>> hw/i2c/smbus_slave.c | 6 +++++-
>> 1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/hw/i2c/smbus_slave.c b/hw/i2c/smbus_slave.c
>> index 83ca041b5d..fa988919d8 100644
>> --- a/hw/i2c/smbus_slave.c
>> +++ b/hw/i2c/smbus_slave.c
>> @@ -182,7 +182,11 @@ static int smbus_i2c_send(I2CSlave *s, uint8_t data)
>> switch (dev->mode) {
>> case SMBUS_WRITE_DATA:
>> DPRINTF("Write data %02x\n", data);
>> - dev->data_buf[dev->data_len++] = data;
>> + if (dev->data_len >= sizeof(dev->data_buf)) {
>> + BADF("Too many bytes sent\n");
>> + } else {
>> + dev->data_buf[dev->data_len++] = data;
>> + }
>> break;
> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
>
> What happens on a real device in this situation ?
It's device specific. Some devices (most eeproms, I suspect) will just keep
taking data, wrapping around when you hit the end of the memory. Some
devices (IPMI BMCs, generally) will ignore the extra data. Some devices
may return a NAK on a byte if it gets too much data. The specification
says:
The slave device detects an invalid command or invalid data. In this
case the slave
device must NACK the received byte. The master upon detection of
this condition
must generate a STOP condition and retry the transaction.
So a NAK may be appropriate here, but it's kind of fuzzy. Since generating
a NAK is more complicated, I would guess that most devices don't.
-corey
> thanks
> -- PMM
next prev parent reply other threads:[~2018-11-20 16:59 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-15 19:24 [Qemu-devel] [PATCH v2 00/12] RFC: Fix/add vmstate handling in some I2C code minyard
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 01/12] i2c: Split smbus into parts minyard
2018-11-15 22:22 ` Philippe Mathieu-Daudé
2018-11-16 13:20 ` Corey Minyard
2018-11-20 15:47 ` Peter Maydell
2018-11-20 19:30 ` Philippe Mathieu-Daudé
2018-11-21 11:59 ` Peter Maydell
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 02/12] i2c: have I2C receive operation return uint8_t minyard
2018-11-20 15:31 ` Peter Maydell
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 03/12] i2c: Simplify and correct the SMBus state machine minyard
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 04/12] i2c: Add a length check to the SMBus write handling minyard
2018-11-20 15:33 ` Peter Maydell
2018-11-20 16:58 ` Corey Minyard [this message]
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 05/12] i2c: Fix pm_smbus handling of I2C block read minyard
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 06/12] boards.h: Ignore migration for SMBus devices on older machines minyard
2018-11-26 17:23 ` Dr. David Alan Gilbert
2018-11-26 18:22 ` Corey Minyard
2018-11-27 16:01 ` Dr. David Alan Gilbert
2018-11-27 16:59 ` Corey Minyard
2018-11-27 18:14 ` Dr. David Alan Gilbert
2018-11-27 18:41 ` Laurent Vivier
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 07/12] i2c:pm_smbus: Fix state transfer minyard
2018-11-26 17:20 ` Dr. David Alan Gilbert
2018-11-26 18:24 ` Corey Minyard
2018-11-26 19:41 ` Corey Minyard
2018-11-27 18:20 ` Dr. David Alan Gilbert
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 08/12] i2c: Add an SMBus vmstate structure minyard
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 09/12] i2c: Add normal type name and cast to smbus_eeprom.c minyard
2018-11-20 15:34 ` Peter Maydell
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 10/12] i2c: Add a size constant for the smbus_eeprom size minyard
2018-11-15 22:34 ` Philippe Mathieu-Daudé
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 11/12] i2c: Add vmstate handling to the smbus eeprom minyard
2018-11-26 17:30 ` Dr. David Alan Gilbert
2018-11-15 19:24 ` [Qemu-devel] [PATCH v2 12/12] i2c: Add a reset function to smbus_eeprom minyard
2018-11-15 23:01 ` [Qemu-devel] [PATCH v2 00/12] RFC: Fix/add vmstate handling in some I2C code Philippe Mathieu-Daudé
2018-11-16 13:30 ` Corey Minyard
2018-11-26 14:11 ` Corey Minyard
2018-11-26 14:35 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f2179250-a92b-ef40-46a5-b403f17e0056@acm.org \
--to=minyard@acm.org \
--cc=cminyard@mvista.com \
--cc=dgilbert@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.