From 9ecbbb6df3909cceff37eb1e13b8a764ac4fced8 Mon Sep 17 00:00:00 2001
From: Alex Williamson <alex.williamson@redhat.com>
Date: Tue, 7 Dec 2010 20:51:18 -0200
Subject: [RHEL6 qemu-kvm PATCH 14/18] device-assignment: Fix off-by-one in header check

RH-Author: Alex Williamson <alex.williamson@redhat.com>
Message-id: <20101207205118.4625.30967.stgit@s20.home>
Patchwork-id: 14381
O-Subject: [RHEL6.1 qemu-kvm PATCH 14/18] device-assignment: Fix off-by-one in
	header check
Bugzilla: 624790
RH-Acked-by: Don Dutile <ddutile@redhat.com>
RH-Acked-by: Michael S. Tsirkin <mst@redhat.com>
RH-Acked-by: Jes Sorensen <Jes.Sorensen@redhat.com>

Upstream commit: 058d2ef893549363860c89ad5971ea5f0ab05114
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=624790
Brew build: http://brewweb.devel.redhat.com/brew/taskinfo?taskID=2948901

Include the first byte at 40h or else access might go to the
hardware instead of the emulated config space, resulting in
capability loops, since the ordering is different.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
---

 hw/device-assignment.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
 hw/device-assignment.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/device-assignment.c b/hw/device-assignment.c
index b816f54..0b7a194 100644
--- a/hw/device-assignment.c
+++ b/hw/device-assignment.c
@@ -458,7 +458,7 @@ static void assigned_dev_pci_write_config(PCIDevice *d, uint32_t address,
           ((d->devfn >> 3) & 0x1F), (d->devfn & 0x7),
           (uint16_t) address, val, len);
 
-    if (address > PCI_CONFIG_HEADER_SIZE && d->config_map[address]) {
+    if (address >= PCI_CONFIG_HEADER_SIZE && d->config_map[address]) {
         return assigned_device_pci_cap_write_config(d, address, val, len);
     }
 
@@ -504,7 +504,7 @@ static uint32_t assigned_dev_pci_read_config(PCIDevice *d, uint32_t address,
     if (address < 0x4 || (pci_dev->need_emulate_cmd && address == 0x4) ||
 	(address >= 0x10 && address <= 0x24) || address == 0x30 ||
         address == 0x34 || address == 0x3c || address == 0x3d ||
-        (address > PCI_CONFIG_HEADER_SIZE && d->config_map[address])) {
+        (address >= PCI_CONFIG_HEADER_SIZE && d->config_map[address])) {
         val = pci_default_read_config(d, address, len);
         DEBUG("(%x.%x): address=%04x val=0x%08x len=%d\n",
               (d->devfn >> 3) & 0x1F, (d->devfn & 0x7), address, val, len);
-- 
1.7.3.2