From 3385e8e2640e5c38582f6e8413042bd23d97c640 Mon Sep 17 00:00:00 2001
From: Igor Mammedov <imammedo@redhat.com>
Date: Mon, 7 Sep 2015 13:55:31 +0200
Subject: [PATCH] pc: memhotplug: fix incorrectly set reserved-memory-end

reserved-memory-end tells firmware address from which
it could start treating memory as PCI address space
and map PCI BARs after it to avoid collisions with
RAM.
Currently it is incorrectly pointing to address where
hotplugged memory range starts which could redirect
hotplugged RAM accesses to PCI BARs when firmware
maps them over RAM or viceverse.
Fix this by pointing reserved-memory-end to the end
of memory hotplug area.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
---
 hw/i386/pc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 9f2924e5df..354e1b3157 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1412,7 +1412,9 @@ FWCfgState *pc_memory_init(PCMachineState *pcms,
 
     if (guest_info->has_reserved_memory && pcms->hotplug_memory.base) {
         uint64_t *val = g_malloc(sizeof(*val));
-        *val = cpu_to_le64(ROUND_UP(pcms->hotplug_memory.base, 0x1ULL << 30));
+        uint64_t res_mem_end = pcms->hotplug_memory.base +
+                               memory_region_size(&pcms->hotplug_memory.mr);
+        *val = cpu_to_le64(ROUND_UP(res_mem_end, 0x1ULL << 30));
         fw_cfg_add_file(fw_cfg, "etc/reserved-memory-end", val, sizeof(*val));
     }
 
-- 
2.39.5