Merge tag 'vfio-for-v3.10' of git://github.com/awilliam/linux-vfio

[mirror_ubuntu-artful-kernel.git] / drivers / vfio / pci / vfio_pci.c

diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c
index acfcb1ae77bcefc8839f4714411d1734d2034840..ac3725440d648ab4f3efefda246be390b6be643e 100644 (file)
--- a/drivers/vfio/pci/vfio_pci.c
+++ b/drivers/vfio/pci/vfio_pci.c
@@ -70,7 +70,7 @@ static int vfio_pci_enable(struct vfio_pci_device *vdev)
                pci_write_config_word(pdev, PCI_COMMAND, cmd);
        }
 
-       msix_pos = pci_find_capability(pdev, PCI_CAP_ID_MSIX);
+       msix_pos = pdev->msix_cap;
        if (msix_pos) {
                u16 flags;
                u32 table;
@@ -78,8 +78,8 @@ static int vfio_pci_enable(struct vfio_pci_device *vdev)
                pci_read_config_word(pdev, msix_pos + PCI_MSIX_FLAGS, &flags);
                pci_read_config_dword(pdev, msix_pos + PCI_MSIX_TABLE, &table);
 
-               vdev->msix_bar = table & PCI_MSIX_FLAGS_BIRMASK;
-               vdev->msix_offset = table & ~PCI_MSIX_FLAGS_BIRMASK;
+               vdev->msix_bar = table & PCI_MSIX_TABLE_BIR;
+               vdev->msix_offset = table & PCI_MSIX_TABLE_OFFSET;
                vdev->msix_size = ((flags & PCI_MSIX_FLAGS_QSIZE) + 1) * 16;
        } else
                vdev->msix_bar = 0xFF;
@@ -183,7 +183,7 @@ static int vfio_pci_get_irq_count(struct vfio_pci_device *vdev, int irq_type)
                u8 pos;
                u16 flags;
 
-               pos = pci_find_capability(vdev->pdev, PCI_CAP_ID_MSI);
+               pos = vdev->pdev->msi_cap;
                if (pos) {
                        pci_read_config_word(vdev->pdev,
                                             pos + PCI_MSI_FLAGS, &flags);
@@ -194,7 +194,7 @@ static int vfio_pci_get_irq_count(struct vfio_pci_device *vdev, int irq_type)
                u8 pos;
                u16 flags;
 
-               pos = pci_find_capability(vdev->pdev, PCI_CAP_ID_MSIX);
+               pos = vdev->pdev->msix_cap;
                if (pos) {
                        pci_read_config_word(vdev->pdev,
                                             pos + PCI_MSIX_FLAGS, &flags);
@@ -359,6 +359,7 @@ static long vfio_pci_ioctl(void *device_data,
 
                if (!(hdr.flags & VFIO_IRQ_SET_DATA_NONE)) {
                        size_t size;
+                       int max = vfio_pci_get_irq_count(vdev, hdr.index);
 
                        if (hdr.flags & VFIO_IRQ_SET_DATA_BOOL)
                                size = sizeof(uint8_t);
@@ -368,7 +369,7 @@ static long vfio_pci_ioctl(void *device_data,
                                return -EINVAL;
 
                        if (hdr.argsz - minsz < hdr.count * size ||
-                           hdr.count > vfio_pci_get_irq_count(vdev, hdr.index))
+                           hdr.start >= max || hdr.start + hdr.count > max)
                                return -EINVAL;
 
                        data = memdup_user((void __user *)(arg + minsz),