From: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
Date: Tue, 17 Jun 2025 15:04:21 +0000 (+0000)
Subject: amd_iommu: Fix Device ID decoding for INVALIDATE_IOTLB_PAGES command
X-Git-Tag: v7.2.19~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4002ea511dcb39efdc2aad0b6f9e85c5e6e4c390;p=thirdparty%2Fqemu.git

amd_iommu: Fix Device ID decoding for INVALIDATE_IOTLB_PAGES command

The DeviceID bits are extracted using an incorrect offset in the call to
amdvi_iotlb_remove_page(). This field is read (correctly) earlier, so use
the value already retrieved for devid.

Cc: qemu-stable@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>
Reviewed-by: Vasant Hegde <vasant.hegde@amd.com>
Message-Id: <20250617150427.20585-3-alejandro.j.jimenez@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit c63b8d1425ba8b3b08ee4f7346457fd8a7f12a24)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---

diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index d68e85b6066..1d1f734ecad 100644
--- a/hw/i386/amd_iommu.c
+++ b/hw/i386/amd_iommu.c
@@ -483,7 +483,7 @@ static void amdvi_inval_inttable(AMDVIState *s, uint64_t *cmd)
 static void iommu_inval_iotlb(AMDVIState *s, uint64_t *cmd)
 {
 
-    uint16_t devid = extract64(cmd[0], 0, 16);
+    uint16_t devid = cpu_to_le16(extract64(cmd[0], 0, 16));
     if (extract64(cmd[1], 1, 1) || extract64(cmd[1], 3, 1) ||
         extract64(cmd[1], 6, 6)) {
         amdvi_log_illegalcom_error(s, extract64(cmd[0], 60, 4),
@@ -496,7 +496,7 @@ static void iommu_inval_iotlb(AMDVIState *s, uint64_t *cmd)
                                     &devid);
     } else {
         amdvi_iotlb_remove_page(s, cpu_to_le64(extract64(cmd[1], 12, 52)) << 12,
-                                cpu_to_le16(extract64(cmd[1], 0, 16)));
+                                devid);
     }
     trace_amdvi_iotlb_inval();
 }