From 0d92d40dd5f57c4b372e60f5d6bced52e57c0595 Mon Sep 17 00:00:00 2001
From: Hans de Goede <hdegoede@redhat.com>
Date: Fri, 21 Sep 2012 18:57:25 -0300
Subject: [RHEL6 qemu-kvm PATCH 04/23] usb-ehci: Ensure frindex writes leave a
 valid frindex value

RH-Author: Hans de Goede <hdegoede@redhat.com>
Message-id: <1348253864-3050-4-git-send-email-hdegoede@redhat.com>
Patchwork-id: 42180
O-Subject: [RHEL-6.4 qemu-kvm PATCH 03/22] usb-ehci: Ensure frindex writes leave a valid frindex value
Bugzilla: 805172
RH-Acked-by: Uri Lublin <uril@redhat.com>
RH-Acked-by: Arnon Gilboa <agilboa@redhat.com>
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>

frindex is a 14 bits counter, so bits 31-14 should always be 0, and
after the commit titled "usb-ehci: frindex always is a 14 bits counter"
we rely on frindex always being a multiple of 8. I've not seen this in
practice, but theoretically a guest can write a value >= 0x4000 or a value
which is not a multiple of 8 value to frindex, this patch ensures that
things will still work when that happens.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Upstream commit: 8a771f77e2abfb81f1f33a986810c16ecae54ca7
---
 hw/usb-ehci.c | 4 ++++
 1 file changed, 4 insertions(+)

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
 hw/usb-ehci.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hw/usb-ehci.c b/hw/usb-ehci.c
index 35871b2..0c26839 100644
--- a/hw/usb-ehci.c
+++ b/hw/usb-ehci.c
@@ -1084,6 +1084,10 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val)
         val &= USBINTR_MASK;
         break;
 
+    case FRINDEX:
+        val &= 0x00003ff8; /* frindex is 14bits and always a multiple of 8 */
+        break;
+
     case CONFIGFLAG:
         val &= 0x1;
         if (val) {
-- 
1.7.11.4