vfio-pci: Fix BAR size overflow
author Alex Williamson <alex.williamson@redhat.com>
Fri, 9 Jan 2015 15:50:53 +0000 (08:50 -0700)
committer Alex Williamson <alex.williamson@redhat.com>
Fri, 9 Jan 2015 15:50:53 +0000 (08:50 -0700)
commit 29c6e6df492d81b1843e5dd999171bb84c6effea
tree c44463c337e892638b5031e542059989ffef8e3e
parent 59a0419856c9ed24e9ecd033db092b2e8f81a728
vfio-pci: Fix BAR size overflow

We use an unsigned int when working with the PCI BAR size, which can
obviously overflow if the BAR is 4GB or larger.  This needs to change
to a fixed length uint64_t.  A similar issue is possible, though even
more unlikely, when mapping the region above an MSI-X table.  The
start of the MSI-X vector table must be below 4GB, but the end, and
therefore the start of the next mapping region, could still land at
4GB.

Suggested-by: Nishank Trivedi <nishank.trivedi@netapp.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Don Slutz <dslutz@verizon.com>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
hw/vfio/pci.c
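
The two truncations the commit message describes, reproduced as an added example (this is not code from the commit or from QEMU). The `span` type, the function names and the 4 KiB page size are assumptions made for illustration; `uint32_t` stands in for `unsigned int`.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SZ         4096u  /* assumed host page size */
#define MSIX_ENTRY_SIZE 16u    /* bytes per MSI-X table entry */

struct span { uint64_t start, size; };  /* hypothetical: mappable region of a BAR */

/* "Before" arithmetic: BAR size and table end held in 32 bits. */
static struct span after_table_u32(uint64_t bar_size, uint32_t table_off,
                                   uint32_t entries)
{
    uint32_t size  = (uint32_t)bar_size;                     /* 4GB or 8GB becomes 0 */
    uint32_t end   = table_off + entries * MSIX_ENTRY_SIZE;  /* wraps to 0 at 4GB */
    uint32_t start = (end + PAGE_SZ - 1) & ~(PAGE_SZ - 1);   /* page-align up */
    struct span s = { start, start < size ? size - start : 0 };
    return s;
}

/* "After" arithmetic: every intermediate value is widened to 64 bits first. */
static struct span after_table_u64(uint64_t bar_size, uint32_t table_off,
                                   uint32_t entries)
{
    uint64_t end   = (uint64_t)table_off + (uint64_t)entries * MSIX_ENTRY_SIZE;
    uint64_t start = (end + PAGE_SZ - 1) & ~(uint64_t)(PAGE_SZ - 1);
    struct span s = { start, start < bar_size ? bar_size - start : 0 };
    return s;
}

int main(void)
{
    /* Constructed case: 8GB BAR, 256-entry MSI-X table ending exactly at 4GB. */
    uint64_t bar = 1ULL << 33;
    uint32_t off = 0xFFFFF000u, n = 256;
    struct span a = after_table_u32(bar, off, n);
    struct span b = after_table_u64(bar, off, n);

    printf("32-bit: start=0x%" PRIx64 " size=0x%" PRIx64 "\n", a.start, a.size);
    printf("64-bit: start=0x%" PRIx64 " size=0x%" PRIx64 "\n", b.start, b.size);
    return 0;
}
```

With 32-bit arithmetic the region above the table collapses to start 0, size 0; with 64-bit arithmetic it starts at 4GB and covers the remaining 4GB of the BAR.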