From: Alexander Duyck Date: Fri, 10 Apr 2020 03:41:50 +0000 (-0700) Subject: memory: Do not allow direct write access to rom_device regions X-Git-Tag: v5.0.0-rc3~7^2~1 X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fqemu.git;a=commitdiff_plain;h=d489ae4ac57ebe14bde8384556cbac237ead988d memory: Do not allow direct write access to rom_device regions According to the documentation in memory.h a ROM memory region will be backed by RAM for reads, but is supposed to go through a callback for writes. Currently we were not checking for the existence of the rom_device flag when determining if we could perform a direct write or not. To correct that add a check to memory_region_is_direct so that if the memory region has the rom_device flag set we will return false for all checks where is_write is set. Signed-off-by: Alexander Duyck Message-Id: <20200410034150.24738.98143.stgit@localhost.localdomain> Signed-off-by: Paolo Bonzini --- diff --git a/include/exec/memory.h b/include/exec/memory.h index 1614d9a02c0..e000bd2f97b 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -2351,8 +2351,8 @@ void address_space_write_cached_slow(MemoryRegionCache *cache, static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write) { if (is_write) { - return memory_region_is_ram(mr) && - !mr->readonly && !memory_region_is_ram_device(mr); + return memory_region_is_ram(mr) && !mr->readonly && + !mr->rom_device && !memory_region_is_ram_device(mr); } else { return (memory_region_is_ram(mr) && !memory_region_is_ram_device(mr)) || memory_region_is_romd(mr);
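Review bot: In the is_write branch of memory_access_is_direct() the new condition tests the raw flag `!mr->rom_device`, while the read branch immediately below uses the accessor `memory_region_is_romd(mr)`; the asymmetry is intentional (per the commit message, reads of a ROM device may be served from RAM but writes must always go through the callback), but it deserves a one-line comment above `if (is_write)` so a later cleanup does not "harmonize" it into `!memory_region_is_romd(mr)`, which is a narrower test than the raw flag and would not reject direct writes in every case this patch is meant to cover. Something like `/* rom_device: reads may be direct, writes must always hit the callback */` would do. Separately, the commit message refers to `memory_region_is_direct`, but the function changed in the hunk is `memory_access_is_direct`; worth fixing before merge so the log matches the code.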