From: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed, 10 Jul 2024 09:56:35 +0000 (+0200)
Subject: hpet: fix clamping of period
X-Git-Tag: qemu-xen-4.20.0~70^2~11
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=c9669d6d5741f7aa86e160c5e42979f90d25d168;p=qemu-xen.git

hpet: fix clamping of period

When writing a new period, the clamping should use a maximum value
rather tyhan a bit mask.  Also, when writing the high bits new_val
is shifted right by 32, so the maximum allowed period should also
be shifted right.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---

diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index 01efe4885d..ad881448bf 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -548,7 +548,9 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
                  * FIXME: Clamp period to reasonable min value?
                  * Clamp period to reasonable max value
                  */
-                new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1;
+                if (timer->config & HPET_TN_32BIT) {
+                    new_val = MIN(new_val, ~0u >> 1);
+                }
                 timer->period =
                     (timer->period & 0xffffffff00000000ULL) | new_val;
             }
@@ -567,7 +569,7 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
                  * FIXME: Clamp period to reasonable min value?
                  * Clamp period to reasonable max value
                  */
-                new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1;
+                new_val = MIN(new_val, ~0u >> 1);
                 timer->period =
                     (timer->period & 0xffffffffULL) | new_val << 32;
                 }