
[Qemu-commits] [qemu/qemu] 742319: virtio: add checks for the size of th


From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 742319: virtio: add checks for the size of the indirect table
Date: Tue, 05 Feb 2019 09:38:24 -0800

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 7423192912af36a2cdf4eb2066f17ca37904ef5e
      
https://github.com/qemu/qemu/commit/7423192912af36a2cdf4eb2066f17ca37904ef5e
  Author: Dima Stepanov <address@hidden>
  Date:   2019-02-01 (Fri, 01 Feb 2019)

  Changed paths:
    M hw/virtio/virtio.c

  Log Message:
  -----------
  virtio: add checks for the size of the indirect table

The virtqueue_pop() and virtqueue_get_avail_bytes() routines can use the
INDIRECT table to get the data. It is possible to create a packet which
will lead to an assert message like:
  include/exec/memory.h:1995: void
  address_space_read_cached(MemoryRegionCache *, hwaddr, void *, int):
  Assertion `addr < cache->len && len <= cache->len - addr' failed.
  Aborted
To do it, the first descriptor should have a link to the INDIRECT table
and set the size of it to 0. It doesn't look good that the guest should
be able to trigger the assert in qemu. Add additional check for the size
of the INDIRECT table, which should not be 0.

Signed-off-by: Dima Stepanov <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Cornelia Huck <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>


  Commit: 9174d8ad7411911dbc18376a449da10293c36a9a
      
https://github.com/qemu/qemu/commit/9174d8ad7411911dbc18376a449da10293c36a9a
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2019-02-04 (Mon, 04 Feb 2019)

  Changed paths:
    M contrib/libvhost-user/libvhost-user.c

  Log Message:
  -----------
  contrib/libvhost-user: switch to uint64_t

contrib/libvhost-user is now using __u64 which is
a long long. New linux headers will use uint64_t.

These need to be printed differently: llx versus PRIx64.

For now cast to uint64_t for portability so the change
does not break the build.

Casts will go away in the future.

Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: a0a6ef91a4a4edde27b808f28065772c712c5e92
      
https://github.com/qemu/qemu/commit/a0a6ef91a4a4edde27b808f28065772c712c5e92
  Author: Paolo Bonzini <address@hidden>
  Date:   2019-02-04 (Mon, 04 Feb 2019)

  Changed paths:
    M scripts/update-linux-headers.sh

  Log Message:
  -----------
  scripts/update-linux-headers.sh: adjust for Linux 4.21-rc1 (or 5.0-rc1)

There are three new indirect inclusions: vhost_types.h, which we'll
shortly put to use as a portable header and thus is copied to
standard-headers; and new per-subtarget versions of MIPS unistd.h
and PowerPC unistd.h.

Because vhost.h includes vhost_types.h, we also need a proxy include
from linux/vhost.h to standard-headers.

Signed-off-by: Paolo Bonzini <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: da054c646c777bcb487326f46cd5bf9932b05128
      
https://github.com/qemu/qemu/commit/da054c646c777bcb487326f46cd5bf9932b05128
  Author: Paolo Bonzini <address@hidden>
  Date:   2019-02-04 (Mon, 04 Feb 2019)

  Changed paths:
    M include/standard-headers/drm/drm_fourcc.h
    M include/standard-headers/linux/ethtool.h
    M include/standard-headers/linux/input-event-codes.h
    M include/standard-headers/linux/pci_regs.h
    A include/standard-headers/linux/vhost_types.h
    M include/standard-headers/linux/virtio_balloon.h
    M include/standard-headers/linux/virtio_blk.h
    M include/standard-headers/linux/virtio_config.h
    M include/standard-headers/linux/virtio_gpu.h
    M include/standard-headers/linux/virtio_ring.h
    M linux-headers/asm-arm/unistd-common.h
    M linux-headers/asm-arm64/unistd.h
    M linux-headers/asm-generic/unistd.h
    M linux-headers/asm-mips/sgidefs.h
    M linux-headers/asm-mips/unistd.h
    A linux-headers/asm-mips/unistd_n32.h
    A linux-headers/asm-mips/unistd_n64.h
    A linux-headers/asm-mips/unistd_o32.h
    M linux-headers/asm-powerpc/unistd.h
    A linux-headers/asm-powerpc/unistd_32.h
    A linux-headers/asm-powerpc/unistd_64.h
    M linux-headers/linux/kvm.h
    M linux-headers/linux/vfio.h
    M linux-headers/linux/vhost.h
    A linux-headers/linux/vhost_types.h

  Log Message:
  -----------
  include: update Linux headers to 4.21-rc1/5.0-rc1

This is simply running the newly-updated script on Linux, in
order to obtain the new header files and all the other updates
from the recent Linux merge window.

Signed-off-by: Paolo Bonzini <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: 3f262b26b82cf5930f0c294d289f258a6d3d2528
      
https://github.com/qemu/qemu/commit/3f262b26b82cf5930f0c294d289f258a6d3d2528
  Author: Li Qiang <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/virtio/virtio-pci.c

  Log Message:
  -----------
  hw: virtio-pci: drop DO_UPCAST

Use VIRTIO_PCI MACRO instead.

Signed-off-by: Li Qiang <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: 2a078b1080917dc6143783e1dd645e188d11dc8f
      
https://github.com/qemu/qemu/commit/2a078b1080917dc6143783e1dd645e188d11dc8f
  Author: Peter Xu <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/i386/intel_iommu.c

  Log Message:
  -----------
  intel_iommu: fix operator in vtd_switch_address_space

When calculating use_iommu, we wanted to first detect whether DMAR is
enabled, then check whether PT is enabled if DMAR is enabled.  However
in the current code we used "&" rather than "&&" so the ordering
requirement is lost (instead it'll be an "AND" operation).  This could
introduce errors dumped in QEMU console when rebooting a guest with
both assigned device and vIOMMU, like:

  qemu-system-x86_64: vtd_dev_to_context_entry: invalid root entry:
  rsvd=0xf000ff53f000e2c3, val=0xf000ff53f000ff53 (reserved nonzero)

Acked-by: Jason Wang <address@hidden>
Signed-off-by: Peter Xu <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: d7bb469afa015e28a443faf1600a5a28b5fa483a
      
https://github.com/qemu/qemu/commit/d7bb469afa015e28a443faf1600a5a28b5fa483a
  Author: Peter Xu <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/i386/intel_iommu.c

  Log Message:
  -----------
  intel_iommu: reset intr_enabled when system reset

This was found while I was debugging another problem.  Until now no bug
has been reported with this but we'd better reset the IR status correctly
after a system reset.

Acked-by: Jason Wang <address@hidden>
Signed-off-by: Peter Xu <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: afa26ecc3010d2851a065edc7817d31e07d236ec
      
https://github.com/qemu/qemu/commit/afa26ecc3010d2851a065edc7817d31e07d236ec
  Author: Peter Xu <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/pci/msi.c
    M include/hw/pci/msi.h

  Log Message:
  -----------
  pci/msi: export msi_is_masked()

It is going to be used later on outside MSI code to detect whether one
MSI vector is masked out.

Signed-off-by: Peter Xu <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: a56de056c91f87e1e8569a32f8d3513b5ae1d7ec
      
https://github.com/qemu/qemu/commit/a56de056c91f87e1e8569a32f8d3513b5ae1d7ec
  Author: Peter Xu <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M contrib/vhost-user-blk/vhost-user-blk.c
    M target/i386/kvm.c

  Log Message:
  -----------
  contrib/vhost-user-blk: fix the compilation issue

Signed-off-by: Changpeng Liu <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
Reviewed-by: Stefano Garzarella <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: caa1ee43131c060347b32893abd41fe4865eaa2e
      
https://github.com/qemu/qemu/commit/caa1ee43131c060347b32893abd41fe4865eaa2e
  Author: Changpeng Liu <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M contrib/vhost-user-blk/vhost-user-blk.c
    M hw/block/vhost-user-blk.c
    M include/standard-headers/linux/virtio_blk.h

  Log Message:
  -----------
  vhost-user-blk: add discard/write zeroes features support

Linux commit 1f23816b8 "virtio_blk: add discard and write zeroes support"
added the support in the Guest kernel, while here also enable the features
support with vhost-user-blk driver. Also enable the test example utility
with DISCARD and WRITE ZEROES commands.

Signed-off-by: Changpeng Liu <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: 87593a4751c89993896ea534c59a9488d7963ae9
      
https://github.com/qemu/qemu/commit/87593a4751c89993896ea534c59a9488d7963ae9
  Author: Thomas Huth <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/virtio/Makefile.objs

  Log Message:
  -----------
  hw/virtio: Use CONFIG_VIRTIO_PCI switch instead of CONFIG_PCI

For downstream s390x builds, we'd like to be able to build QEMU with
CONFIG_VIRTIO_PCI disabled (since virtio-ccw is used here instead),
but still with CONFIG_PCI enabled. This currently fails since the
virtio-*-pci.o files are still included in the build, but virtio-pci.o
is missing. Use the right config switch CONFIG_VIRTIO_PCI to exclude
the virtio-*-pci.o files from the build.

Reported-by: Miroslav Rezanina <address@hidden>
Signed-off-by: Thomas Huth <address@hidden>
Reviewed-by: Cornelia Huck <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: 24cf5413aa059f874c34e442802ce25cd1e72178
      
https://github.com/qemu/qemu/commit/24cf5413aa059f874c34e442802ce25cd1e72178
  Author: Stefan Berger <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/i386/acpi-build.c

  Log Message:
  -----------
  acpi: Make TPM 2.0 with TIS available as MSFT0101

This patch makes a TPM 2.0 with TIS interface available under the
HID 'MSFT0101'. This is supported by Linux and also Windows now
recognizes the TPM 2.0 with TIS interface. Leave the TPM 1.2 as before.

Signed-off-by: Stefan Berger <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Igor Mammedov <address@hidden>


  Commit: 3b3df3e52dd6adff483d8626c8f0801fd0ac05df
      
https://github.com/qemu/qemu/commit/3b3df3e52dd6adff483d8626c8f0801fd0ac05df
  Author: Laszlo Ersek <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/nvram/fw_cfg.c

  Log Message:
  -----------
  fw_cfg: fix the life cycle and the name of "qemu_extra_params_fw"

Commit 19bcc4bc3213 ("fw_cfg: Make qemu_extra_params_fw locally",
2019-01-04) changed the storage duration of the "qemu_extra_params_fw"
array from static to automatic. This broke the interface contract on the
fw_cfg_add_file() function, which is documented as follows, in
"include/hw/nvram/fw_cfg.h":

> [...] The data referenced by the starting pointer is only linked, NOT
> copied, into the data structure of the fw_cfg device. [...]

As a result, when guest firmware fetches the "etc/boot-menu-wait" fw_cfg
file, it now sees garbage. Fix the regression by changing the storage
duration to allocated. (The call is reached at most once, on the realize
path of the board-specific fw_cfg sysbus device.)

While at it, clean up the name and the assignment of the object as well.

Cc: Gerd Hoffmann <address@hidden>
Cc: Markus Armbruster <address@hidden>
Cc: Philippe Mathieu-Daudé <address@hidden>
Fixes: 19bcc4bc3213e78c303ad480a7a578f62258252d
Signed-off-by: Laszlo Ersek <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Li Qiang <address@hidden>
Reviewed-by: Stefano Garzarella <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 009180bd49ad8851258acecfb109fc3aa2f480ad
      
https://github.com/qemu/qemu/commit/009180bd49ad8851258acecfb109fc3aa2f480ad
  Author: Wei Yang <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/i386/acpi-build.c

  Log Message:
  -----------
  i386, acpi: cleanup build_facs by removing second unused argument

The second argument of build_facs() is not used, just remove it.

Signed-off-by: Wei Yang <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Igor Mammedov <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Tested-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 94af9e34821c5c47a3c69fe242e32d0b33c2fff6
      
https://github.com/qemu/qemu/commit/94af9e34821c5c47a3c69fe242e32d0b33c2fff6
  Author: Murilo Opsfelder Araujo <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M util/mmap-alloc.c

  Log Message:
  -----------
  mmap-alloc: unfold qemu_ram_mmap()

Unfold parts of qemu_ram_mmap() for the sake of understanding, moving
declarations to the top, and keeping architecture-specifics in the
ifdef-else blocks.  No changes in the function behaviour.

Give ptr and ptr1 meaningful names:
  ptr  -> guardptr : pointer to the PROT_NONE guard region
  ptr1 -> ptr      : pointer to the mapped memory returned to caller

Signed-off-by: Murilo Opsfelder Araujo <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Greg Kurz <address@hidden>


  Commit: 7265c2b9716369b339d778b9ef64a8161eb8f99b
      
https://github.com/qemu/qemu/commit/7265c2b9716369b339d778b9ef64a8161eb8f99b
  Author: Murilo Opsfelder Araujo <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M exec.c
    M include/qemu/mmap-alloc.h
    M util/mmap-alloc.c
    M util/oslib-posix.c

  Log Message:
  -----------
  mmap-alloc: fix hugetlbfs misaligned length in ppc64

The commit 7197fb4058bcb68986bae2bb2c04d6370f3e7218 ("util/mmap-alloc:
fix hugetlb support on ppc64") fixed Huge TLB mappings on ppc64.

However, we still need to consider the underlying huge page size
during munmap() because it requires that both address and length be a
multiple of the underlying huge page size for Huge TLB mappings.
Quote from "Huge page (Huge TLB) mappings" paragraph under NOTES
section of the munmap(2) manual:

  "For munmap(), addr and length must both be a multiple of the
  underlying huge page size."

On ppc64, the munmap() in qemu_ram_munmap() does not work for Huge TLB
mappings because the mapped segment can be aligned with the underlying
huge page size, not aligned with the native system page size, as
returned by getpagesize().

This has the side effect of not releasing huge pages back to the pool
after a hugetlbfs file-backed memory device is hot-unplugged.

This patch fixes the situation in qemu_ram_mmap() and
qemu_ram_munmap() by considering the underlying page size on ppc64.

After this patch, memory hot-unplug releases huge pages back to the
pool.

Fixes: 7197fb4058bcb68986bae2bb2c04d6370f3e7218
Signed-off-by: Murilo Opsfelder Araujo <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Greg Kurz <address@hidden>


  Commit: 7de7b6087ef0443c7eef7b8b618ef9a8254a452e
      
https://github.com/qemu/qemu/commit/7de7b6087ef0443c7eef7b8b618ef9a8254a452e
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M hw/sh4/r2d.c

  Log Message:
  -----------
  r2d: fix build on mingw

Comment near strncpy explains kernel_cmdline does
not need to be 0-terminated.

Accordingly mark it as QEMU_NONSTRING.

Without this, gcc warns:
    'strncpy' specified bound 256 equals destination size

Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: 8bafafcc292925f75eb55c6da2815ca131999570
      
https://github.com/qemu/qemu/commit/8bafafcc292925f75eb55c6da2815ca131999570
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M contrib/libvhost-user/libvhost-user.c

  Log Message:
  -----------
  contrib/libvhost-user: cleanup casts

Now that field types are all properly uint64_t,
drop the unnecessary cast.

Signed-off-by: Michael S. Tsirkin <address@hidden>


  Commit: 68df0c30edf0b9766a2364cbf12328db3d7284e8
      
https://github.com/qemu/qemu/commit/68df0c30edf0b9766a2364cbf12328db3d7284e8
  Author: Peter Maydell <address@hidden>
  Date:   2019-02-05 (Tue, 05 Feb 2019)

  Changed paths:
    M contrib/libvhost-user/libvhost-user.c
    M contrib/vhost-user-blk/vhost-user-blk.c
    M hw/block/vhost-user-blk.c
    M hw/i386/acpi-build.c
    M hw/i386/intel_iommu.c
    M hw/nvram/fw_cfg.c
    M hw/pci/msi.c
    M hw/sh4/r2d.c
    M hw/virtio/Makefile.objs
    M hw/virtio/virtio-pci.c
    M hw/virtio/virtio.c
    M include/hw/pci/msi.h
    M include/standard-headers/drm/drm_fourcc.h
    M include/standard-headers/linux/ethtool.h
    M include/standard-headers/linux/input-event-codes.h
    M include/standard-headers/linux/pci_regs.h
    A include/standard-headers/linux/vhost_types.h
    M include/standard-headers/linux/virtio_balloon.h
    M include/standard-headers/linux/virtio_blk.h
    M include/standard-headers/linux/virtio_config.h
    M include/standard-headers/linux/virtio_gpu.h
    M include/standard-headers/linux/virtio_ring.h
    M linux-headers/asm-arm/unistd-common.h
    M linux-headers/asm-arm64/unistd.h
    M linux-headers/asm-generic/unistd.h
    M linux-headers/asm-mips/sgidefs.h
    M linux-headers/asm-mips/unistd.h
    A linux-headers/asm-mips/unistd_n32.h
    A linux-headers/asm-mips/unistd_n64.h
    A linux-headers/asm-mips/unistd_o32.h
    M linux-headers/asm-powerpc/unistd.h
    A linux-headers/asm-powerpc/unistd_32.h
    A linux-headers/asm-powerpc/unistd_64.h
    M linux-headers/linux/kvm.h
    M linux-headers/linux/vfio.h
    M linux-headers/linux/vhost.h
    A linux-headers/linux/vhost_types.h
    M scripts/update-linux-headers.sh
    M target/i386/kvm.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio: fixes, cleanups, features

vhost user blk discard/write zeroes features
misc cleanups and fixes all over the place

Signed-off-by: Michael S. Tsirkin <address@hidden>

# gpg: Signature made Tue 05 Feb 2019 16:00:20 GMT
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <address@hidden>" [full]
# gpg:                 aka "Michael S. Tsirkin <address@hidden>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  contrib/libvhost-user: cleanup casts
  r2d: fix build on mingw
  mmap-alloc: fix hugetlbfs misaligned length in ppc64
  mmap-alloc: unfold qemu_ram_mmap()
  i386, acpi: cleanup build_facs by removing second unused argument
  fw_cfg: fix the life cycle and the name of "qemu_extra_params_fw"
  acpi: Make TPM 2.0 with TIS available as MSFT0101
  hw/virtio: Use CONFIG_VIRTIO_PCI switch instead of CONFIG_PCI
  vhost-user-blk: add discard/write zeroes features support
  contrib/vhost-user-blk: fix the compilation issue
  pci/msi: export msi_is_masked()
  intel_iommu: reset intr_enabled when system reset
  intel_iommu: fix operator in vtd_switch_address_space
  hw: virtio-pci: drop DO_UPCAST
  include: update Linux headers to 4.21-rc1/5.0-rc1
  scripts/update-linux-headers.sh: adjust for Linux 4.21-rc1 (or 5.0-rc1)
  contrib/libvhost-user: switch to uint64_t
  virtio: add checks for the size of the indirect table

Signed-off-by: Peter Maydell <address@hidden>
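
For the first commit in this push ("virtio: add checks for the size of the indirect table"), an added example that is not part of the commit or of QEMU's code: a standalone model of the size check on an INDIRECT descriptor, with the quoted assertion condition turned into a return value. The function names, the status enum and the sample address are hypothetical; the multiple-of-entry-size check is an assumption based on the 16-byte descriptor layout and goes beyond what the log message states.

```c
#include <stdint.h>
#include <stdio.h>

/* Split-ring descriptor as laid out by the virtio specification (16 bytes). */
struct vring_desc {
    uint64_t addr;   /* guest-physical address of the buffer or table */
    uint32_t len;    /* length in bytes; for INDIRECT, the table size */
    uint16_t flags;
    uint16_t next;
};

#define VRING_DESC_F_INDIRECT 4

enum desc_status { DESC_OK, DESC_EMPTY_TABLE, DESC_BAD_SIZE, DESC_OUT_OF_RANGE };

/* Condition from the quoted assertion, returned instead of aborting. */
static int range_ok(uint64_t cache_len, uint64_t addr, uint64_t len)
{
    return addr < cache_len && len <= cache_len - addr;
}

/* Validate a guest-supplied INDIRECT descriptor before its table is read. */
enum desc_status check_indirect(const struct vring_desc *d)
{
    if (d->len == 0)
        return DESC_EMPTY_TABLE;        /* the case the commit rejects */
    if (d->len % sizeof(struct vring_desc))
        return DESC_BAD_SIZE;           /* assumption: whole entries only */
    return DESC_OK;
}

/* Checked read of table entry idx: size check first, then the range check. */
enum desc_status read_entry(const struct vring_desc *d, uint32_t idx)
{
    enum desc_status st = check_indirect(d);
    if (st != DESC_OK)
        return st;
    if (!range_ok(d->len, (uint64_t)idx * sizeof(struct vring_desc),
                  sizeof(struct vring_desc)))
        return DESC_OUT_OF_RANGE;
    return DESC_OK;
}

/* Without the size check, the very first table read fails the range test. */
int unchecked_first_read_ok(const struct vring_desc *d)
{
    return range_ok(d->len, 0, sizeof(struct vring_desc));
}

/* Constructed sample descriptor; the address is a placeholder. */
struct vring_desc sample_indirect(uint32_t len)
{
    return (struct vring_desc){ 0x10000, len, VRING_DESC_F_INDIRECT, 0 };
}

int main(void)
{
    const uint32_t lens[] = { 0, 24, 32 };   /* constructed table sizes */
    for (unsigned i = 0; i < 3; i++) {
        struct vring_desc d = sample_indirect(lens[i]);
        printf("len=%u -> status %d\n", (unsigned)lens[i], (int)read_entry(&d, 0));
    }
    return 0;
}
```

Returning a status lets the device model mark the request as invalid and stop processing the queue, so a guest-controlled length never reaches an assertion in the host process.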


Compare: https://github.com/qemu/qemu/compare/01a9a51ffaf4...68df0c30edf0
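
For the commit "intel_iommu: fix operator in vtd_switch_address_space" listed above, an added example that is not QEMU code: a small model showing that "&" evaluates both operands while "&&" skips the second when the first is false. The struct, the function names and the idea that the table walk is what produces the logged error are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of the state involved; not QEMU's data structures. */
struct iommu_model {
    bool dmar_enabled;      /* translation switched on by the guest */
    bool root_table_valid;  /* assumed false after reboot, until reprogrammed */
    bool pt_mode;           /* device configured for pass-through */
    int  walks;             /* how often the tables were consulted */
    int  errors;            /* walks that hit an invalid root entry */
};

/* Stand-in for the PT check: answering it requires walking the tables. */
static bool pt_enabled(struct iommu_model *s)
{
    s->walks++;
    if (!s->root_table_valid) {
        s->errors++;        /* where "invalid root entry" would be logged */
        return false;
    }
    return s->pt_mode;
}

/* '&' evaluates both operands, so the walk happens even with DMAR off. */
bool use_iommu_bitwise(struct iommu_model *s)
{
    return s->dmar_enabled & !pt_enabled(s);
}

/* '&&' skips the walk entirely when DMAR is off. */
bool use_iommu_logical(struct iommu_model *s)
{
    return s->dmar_enabled && !pt_enabled(s);
}

/* Constructed state: guest just rebooted, DMAR off, stale root table. */
struct iommu_model after_reboot(void)
{
    return (struct iommu_model){ false, false, false, 0, 0 };
}

int main(void)
{
    struct iommu_model a = after_reboot(), b = after_reboot();
    bool ra = use_iommu_bitwise(&a);
    bool rb = use_iommu_logical(&b);
    printf("bitwise: use_iommu=%d walks=%d errors=%d\n", ra, a.walks, a.errors);
    printf("logical: use_iommu=%d walks=%d errors=%d\n", rb, b.walks, b.errors);
    return 0;
}
```

Both forms return the same value here; the difference is the side effect of the second operand, which is why the bug showed up as console errors rather than as a wrong translation decision.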


