qemu-commits

[Qemu-commits] [qemu/qemu] 29c6e6: vfio-pci: Fix BAR size overflow


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 29c6e6: vfio-pci: Fix BAR size overflow
Date: Sun, 11 Jan 2015 10:30:08 -0800

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 29c6e6df492d81b1843e5dd999171bb84c6effea
      https://github.com/qemu/qemu/commit/29c6e6df492d81b1843e5dd999171bb84c6effea
  Author: Alex Williamson <address@hidden>
  Date:   2015-01-09 (Fri, 09 Jan 2015)

  Changed paths:
    M hw/vfio/pci.c

  Log Message:
  -----------
  vfio-pci: Fix BAR size overflow

We use an unsigned int when working with the PCI BAR size, which can
obviously overflow if the BAR is 4GB or larger.  This needs to change
to a fixed length uint64_t.  A similar issue is possible, though even
more unlikely, when mapping the region above an MSI-X table.  The
start of the MSI-X vector table must be below 4GB, but the end, and
therefore the start of the next mapping region, could still land at
4GB.

Suggested-by: Nishank Trivedi <address@hidden>
Signed-off-by: Alex Williamson <address@hidden>
Reviewed-by: Don Slutz <address@hidden>
Tested-by: Alexey Kardashevskiy <address@hidden>
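The two width problems the commit message names, as an added illustration that is not QEMU's code: a BAR size held in an unsigned int truncates to zero at 4GB, and the end of an MSI-X table that sits exactly at 4GB wraps to 0 when computed in 32 bits, so the mapping "above" the table would start at the beginning of the BAR. The sizing read-back, BAR size and table offset are constructed values, and a 32-bit unsigned int is assumed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed illustration, not QEMU code: the two width problems named in
 * the commit message, a BAR size held in an unsigned int and the start of
 * the mapping region above an MSI-X table computed in 32 bits. */

#define PCI_BAR_FLAG_BITS 0xfULL  /* low four bits of a memory BAR are flags */

/* Size of a memory BAR from its sizing read-back (all-ones written, value
 * read back); for a 64-bit BAR the caller has combined both dwords. */
static uint64_t bar_size64(uint64_t readback)
{
    return ~(readback & ~PCI_BAR_FLAG_BITS) + 1;
}

/* The pre-fix width: the same size stored in an unsigned int, so 4GB -> 0. */
static unsigned int bar_size32(uint64_t readback)
{
    return (unsigned int)bar_size64(readback);
}

/* Start of the region to map above the MSI-X table. The table offset comes
 * from a 32-bit capability field and is below 4GB, but offset + length may
 * be exactly 4GB, which a 32-bit end offset wraps to 0. */
static uint64_t msix_after_start(uint64_t table_off, uint64_t table_len,
                                 bool narrow_end)
{
    uint64_t end = table_off + table_len;
    return narrow_end ? (uint64_t)(unsigned int)end : end;
}

/* Length of that region; 0 when the table end lies beyond the BAR. */
static uint64_t msix_after_len(uint64_t bar_size, uint64_t table_off,
                               uint64_t table_len, bool narrow_end)
{
    uint64_t start = msix_after_start(table_off, table_len, narrow_end);
    return start > bar_size ? 0 : bar_size - start;
}

int main(void)
{
    uint64_t mask = 0xffffffff00000000ULL;  /* sizing read-back of a 4GB BAR */
    printf("BAR size: 0x%llx as uint64_t, 0x%x as unsigned int\n",
           (unsigned long long)bar_size64(mask), bar_size32(mask));
    printf("mapping above a table ending at 4GB starts at 0x%llx\n",
           (unsigned long long)msix_after_start(0xfffff000ULL, 0x1000, true));
    return 0;
}
```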


  Commit: b3e27c3aee8f5a96debfe0346e9c0e3a641a8516
      https://github.com/qemu/qemu/commit/b3e27c3aee8f5a96debfe0346e9c0e3a641a8516
  Author: Alex Williamson <address@hidden>
  Date:   2015-01-09 (Fri, 09 Jan 2015)

  Changed paths:
    M hw/vfio/pci.c

  Log Message:
  -----------
  vfio-pci: Fix interrupt disabling

When disabling MSI/X interrupts the disable functions will leave the
device in INTx mode (when available).  This matches how hardware
operates, INTx is enabled unless MSI/X is enabled (DisINTx is handled
separately).  Therefore when we really want to disable all interrupts,
such as when removing the device, and we start with the device in
MSI/X mode, we need to pass through INTx on our way to being
completely quiesced.

In well behaved situations, the guest driver will have shut down the
device and it will start vfio_exitfn() in INTx mode, producing the
desired result.  If hot-unplug causes the guest to crash, we may get
the device in MSI/X state, which will leave QEMU with a bogus handler
installed.

Fix this by re-ordering our disable routine so that it should always
finish in VFIO_INT_NONE state, which is what all callers expect.

Signed-off-by: Alex Williamson <address@hidden>


  Commit: 64ea8038ffbf703dcd438a108d2d5499c8ff95d9
      https://github.com/qemu/qemu/commit/64ea8038ffbf703dcd438a108d2d5499c8ff95d9
  Author: Peter Maydell <address@hidden>
  Date:   2015-01-10 (Sat, 10 Jan 2015)

  Changed paths:
    M hw/vfio/pci.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150109.0' into staging

VFIO fixes:
- Fix 32bit overflow in handling large PCI BARs (Alex Williamson)
- Fix interrupt shutdown ordering (Alex Williamson)

# gpg: Signature made Fri 09 Jan 2015 16:23:42 GMT using RSA key ID 3BB08B22
# gpg: Good signature from "Alex Williamson <address@hidden>"
# gpg:                 aka "Alex Williamson <address@hidden>"
# gpg:                 aka "Alex Williamson <address@hidden>"
# gpg:                 aka "Alex Williamson <address@hidden>"

* remotes/awilliam/tags/vfio-update-20150109.0:
  vfio-pci: Fix interrupt disabling
  vfio-pci: Fix BAR size overflow

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/aaf030191759...64ea8038ffbf
