
[Qemu-commits] [qemu/qemu] 8b2f0a: nbd: Fix overflow return value


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 8b2f0a: nbd: Fix overflow return value
Date: Thu, 19 Mar 2015 04:30:06 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 8b2f0abfd61237b301a29e814535b1e36d733aaa
      
https://github.com/qemu/qemu/commit/8b2f0abfd61237b301a29e814535b1e36d733aaa
  Author: Yik Fang <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M nbd.c

  Log Message:
  -----------
  nbd: Fix overflow return value

The value of reply.error should be the type unsigned int.

Signed-off-by: Yik Fang <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2b21233061696feed434317a70e0a8b74f956ec8
      
https://github.com/qemu/qemu/commit/2b21233061696feed434317a70e0a8b74f956ec8
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M util/uri.c

  Log Message:
  -----------
  util/uri: Add overflow check to rfc3986_parse_port

And while at it, replace tabs by eight spaces in this function.

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 453b07b13443713f6a632005977c7ccab17e135d
      
https://github.com/qemu/qemu/commit/453b07b13443713f6a632005977c7ccab17e135d
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M qemu-nbd.c

  Log Message:
  -----------
  qemu-nbd: Detect unused partitions by system == 0

Unused partitions do not necessarily have a total sector count of 0
(although they should have), but they always do have the system field
set to 0, so use that for testing whether a partition is in use rather
than the sector count field alone.

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2b1f13b996c3a278ed3d4bf4ce0893f3506fb7cc
      
https://github.com/qemu/qemu/commit/2b1f13b996c3a278ed3d4bf4ce0893f3506fb7cc
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M block/nbd.c

  Log Message:
  -----------
  nbd: Fix nbd_establish_connection()'s return value

unix_connect_opts() and inet_connect_opts() do not necessarily set errno
(if at all); therefore, nbd_establish_connection() should not literally
return -errno on error.

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 892f5a5270f9f3cae4f384dffbf70679fa2a57b6
      
https://github.com/qemu/qemu/commit/892f5a5270f9f3cae4f384dffbf70679fa2a57b6
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M nbd.c

  Log Message:
  -----------
  nbd: Pass return value from nbd_handle_list()

While it does not make a difference in practice, nbd_receive_options()
generally returns -errno, so it should do that here as well; and the
easiest way to achieve this is by passing on the value returned by
nbd_handle_list().

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 98f44bbe70bb803e7be2421b7cc92a1c179afb87
      
https://github.com/qemu/qemu/commit/98f44bbe70bb803e7be2421b7cc92a1c179afb87
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M blockdev-nbd.c
    M include/block/nbd.h
    M nbd.c
    M qemu-nbd.c

  Log Message:
  -----------
  nbd: Handle blk_getlength() failure

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 70d4739ef200760d8cac3355d05b4252f2f37fec
      
https://github.com/qemu/qemu/commit/70d4739ef200760d8cac3355d05b4252f2f37fec
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M qemu-nbd.c

  Log Message:
  -----------
  qemu-nbd: fork() can fail

It is very unlikely, but it is possible.

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: ac97393dc7c4761af6104fb8fca5f600899f687b
      
https://github.com/qemu/qemu/commit/ac97393dc7c4761af6104fb8fca5f600899f687b
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M include/block/nbd.h
    M qemu-nbd.c

  Log Message:
  -----------
  nbd: Fix potential signed overflow issues

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 3f4726596dafd2e27485e51f4cc4a2363f48d4a3
      
https://github.com/qemu/qemu/commit/3f4726596dafd2e27485e51f4cc4a2363f48d4a3
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M block/nbd-client.c
    M block/nbd-client.h
    M include/block/nbd.h
    M nbd.c
    M qemu-nbd.c

  Log Message:
  -----------
  nbd: Set block size to BDRV_SECTOR_SIZE

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 9c122adadbf4377eb77195b3944be10a59d9484f
      
https://github.com/qemu/qemu/commit/9c122adadbf4377eb77195b3944be10a59d9484f
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M nbd.c

  Log Message:
  -----------
  nbd: Fix nbd_receive_options()

The client flags are sent exactly once overall, not once per option.

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 48c7d80de8863e3436b3b5d5676018b2afaec161
      
https://github.com/qemu/qemu/commit/48c7d80de8863e3436b3b5d5676018b2afaec161
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M nbd.c

  Log Message:
  -----------
  nbd: Fix interpretation of the export flags

The export flags are a 16 bit value, so be16_to_cpu() has to be used to
interpret them correctly. This makes discard and flush actually work
for named NBD exports (they did not work before, because the client
always assumed them to be unsupported because of the bug fixed by this
patch).

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
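
The effect described in the message above, as an added example that is not QEMU's code: a 16-bit big-endian export-flags field decoded with the wrong width loses its flush and trim bits. The function names are hypothetical, the wire bytes are constructed, and the assumption that the earlier code applied a 32-bit conversion on a little-endian host is mine; the message only states that be16_to_cpu() is required.

```c
#include <stdint.h>
#include <stdio.h>

/* Transmission flag bits from the NBD protocol. */
#define NBD_FLAG_HAS_FLAGS   (1u << 0)
#define NBD_FLAG_SEND_FLUSH  (1u << 2)
#define NBD_FLAG_SEND_TRIM   (1u << 5)

/* The byte swap a little-endian host performs for a 32-bit conversion. */
static uint32_t swap32(uint32_t v)
{
    return (v >> 24) | ((v >> 8) & 0xff00u) | ((v << 8) & 0xff0000u) | (v << 24);
}

/* Assumed defect, modelled for a little-endian host: the two wire bytes
 * are loaded raw into a 16-bit value, then converted as if 32 bits wide. */
static uint32_t decode_flags_as_32bit(const uint8_t wire[2])
{
    uint16_t raw = (uint16_t)(wire[0] | (wire[1] << 8)); /* raw LE load */
    return swap32(raw);
}

/* Correct decode of a 16-bit big-endian field, independent of host order. */
static uint32_t decode_flags_as_16bit(const uint8_t wire[2])
{
    return ((uint32_t)wire[0] << 8) | wire[1];
}

/* What a client concludes about one capability from the decoded flags. */
static int supports(uint32_t flags, uint32_t bit)
{
    return (flags & bit) != 0;
}

int main(void)
{
    /* Constructed sample: export advertising HAS_FLAGS, FLUSH and TRIM. */
    const uint8_t wire[2] = { 0x00, 0x25 };
    uint32_t bad = decode_flags_as_32bit(wire);
    uint32_t good = decode_flags_as_16bit(wire);

    printf("32-bit decode: 0x%08x flush=%d trim=%d\n", (unsigned)bad,
           supports(bad, NBD_FLAG_SEND_FLUSH), supports(bad, NBD_FLAG_SEND_TRIM));
    printf("16-bit decode: 0x%08x flush=%d trim=%d\n", (unsigned)good,
           supports(good, NBD_FLAG_SEND_FLUSH), supports(good, NBD_FLAG_SEND_TRIM));
    return 0;
}
```

With the wrong width every advertised bit lands in the upper half of the word, so the client sees no capability bits at all rather than a corrupted subset.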


  Commit: 0379f474ddebfc69f42fa8231d86687cf29d997b
      
https://github.com/qemu/qemu/commit/0379f474ddebfc69f42fa8231d86687cf29d997b
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M nbd.c

  Log Message:
  -----------
  nbd: Drop unexpected data for NBD_OPT_LIST

When requesting the list of exports, no data should be sent. If data is
sent, the NBD server should not just inform the client of the invalid
request, but also drop the data.

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 4adf4180f284caf4ea9cd83ce37085d50a52603b
      
https://github.com/qemu/qemu/commit/4adf4180f284caf4ea9cd83ce37085d50a52603b
  Author: Max Reitz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M qemu-coroutine-io.c

  Log Message:
  -----------
  coroutine-io: Return -errno in case of error

In case qemu_co_sendv_recvv() fails without any data read, there is no
reason not to return the perfectly fine error number retrieved from
socket_error().

Signed-off-by: Max Reitz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 15564d85afaf1d7b314c858a5a34bda599f4cd14
      
https://github.com/qemu/qemu/commit/15564d85afaf1d7b314c858a5a34bda599f4cd14
  Author: Paolo Bonzini <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M Makefile
    M scripts/make_device_config.sh

  Log Message:
  -----------
  build: pass .d file name to scripts/make_device_config.sh, fix makefile target

The .d file name must match exactly what is used in the SUBDIR_DEVICES_MAK_DEP
variable.  Instead of making assumptions in the make_device_config.sh script,
just pass it in.

Similarly, the makefile target may not match the output file name, because
Makefile uses a temporary file.  Instead of making assumptions on what the
Makefile does, emit the config-devices.mak file to stdout, and use the
passed-in destination as the makefile target

Reported-by: Peter Maydell <address@hidden>
Cc: Michael S. Tsirkin <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2034e324dabc55064553aaa07de1536ebf8ea497
      
https://github.com/qemu/qemu/commit/2034e324dabc55064553aaa07de1536ebf8ea497
  Author: Fam Zheng <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M hw/scsi/virtio-scsi.c

  Log Message:
  -----------
  virtio-scsi: Fix assert in virtio_scsi_push_event

Hotplugging a scsi-disk may trigger the assertion in qemu_sgl_concat.

    qemu-system-x86_64: qemu/hw/scsi/virtio-scsi.c:115: qemu_sgl_concat:
    Assertion `skip == 0' failed.

This is introduced by commit 55783a55 (virtio-scsi: work around bug in
old BIOSes) which didn't check out_num when accessing out_sg[0].iov_len
(the same to in sg). For virtio_scsi_push_event, looking into out_sg
doesn't make sense because 0 req_size is intended.

Cc: address@hidden
[Cc'ing qemu-stable because 55783a55 did it too]
Signed-off-by: Fam Zheng <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: b680c5ba54946ab205cdb5083bc0a17e3f2fb468
      
https://github.com/qemu/qemu/commit/b680c5ba54946ab205cdb5083bc0a17e3f2fb468
  Author: Greg Kurz <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M kvm-all.c

  Log Message:
  -----------
  kvm: fix ioeventfd endianness on bi-endian architectures

KVM expects host endian values. Hosts that don't use the default endianness
need to negate the swap performed in adjust_endianness().

Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Greg Kurz <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 89d5cbddeeaf6bb4aa6a5ca4fbb443115abce4a2
      
https://github.com/qemu/qemu/commit/89d5cbddeeaf6bb4aa6a5ca4fbb443115abce4a2
  Author: Alexey Kardashevskiy <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M cpus.c
    M include/qemu/timer.h
    M monitor.c

  Log Message:
  -----------
  profiler: Reenable built-in profiler

2ed1ebcf6 "timer: replace time() with QEMU_CLOCK_HOST" broke compile
when configured with --enable-profiler. Turned out the profiler has been
broken for a while.

This does s/qemu_time/tcg_time/ as the profiler only works in a TCG mode.
This also fixes the compile error.

This changes profile_getclock() to return nanoseconds rather than
CPU ticks as the "profile" HMP command prints seconds and there is no
platform-independent way to get ticks-per-second rate.
Since TCG is quite slow and get_clock() returns nanoseconds (fine
enough), this should not affect precision much.

This removes unused qemu_time_start and tlb_flush_time.

Signed-off-by: Alexey Kardashevskiy <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 196d4fc56d824ccbbb58714e9ad0793053ef8260
      
https://github.com/qemu/qemu/commit/196d4fc56d824ccbbb58714e9ad0793053ef8260
  Author: Bo Su <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M hw/scsi/virtio-scsi-dataplane.c

  Log Message:
  -----------
  virtio-scsi-dataplane: fix memory leak in virtio_scsi_vring_init

if k->set_host_notifier failed, VirtIOSCSIVring *r will leak

Signed-off-by: Bo Su <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Fam Zheng <address@hidden>
Reviewed-by: Gonglei <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: c3c1bb99d1c11978d9ce94d1bdcf0705378c1459
      
https://github.com/qemu/qemu/commit/c3c1bb99d1c11978d9ce94d1bdcf0705378c1459
  Author: Peter Crosthwaite <address@hidden>
  Date:   2015-03-18 (Wed, 18 Mar 2015)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  exec: Respect as_tranlsate_internal length clamp

address_space_translate_internal will clamp the *plen length argument
based on the size of the memory region being queried. The iommu walker
logic in address_space_translate was ignoring this by discarding the
post fn call value of *plen. Fix by just always using *plen as the
length argument throughout the fn, removing the len local variable.

This fixes a bootloader bug when a single elf section spans multiple
QEMU memory regions.

Signed-off-by: Peter Crosthwaite <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 1f3500976d3d9d77718ba9b0e69cd4e32239ebfc
      
https://github.com/qemu/qemu/commit/1f3500976d3d9d77718ba9b0e69cd4e32239ebfc
  Author: Peter Maydell <address@hidden>
  Date:   2015-03-19 (Thu, 19 Mar 2015)

  Changed paths:
    M Makefile
    M block/nbd-client.c
    M block/nbd-client.h
    M block/nbd.c
    M blockdev-nbd.c
    M cpus.c
    M exec.c
    M hw/scsi/virtio-scsi-dataplane.c
    M hw/scsi/virtio-scsi.c
    M include/block/nbd.h
    M include/qemu/timer.h
    M kvm-all.c
    M monitor.c
    M nbd.c
    M qemu-coroutine-io.c
    M qemu-nbd.c
    M scripts/make_device_config.sh
    M util/uri.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

- kvm: ioeventfd fix for PPC64LE
- virtio-scsi: misc fixes
- fix for --enable-profiler
- nbd: fixes from Max
- build: fix for scripts/make_device_config.sh
- exec: fix for address_space_translate

# gpg: Signature made Wed Mar 18 11:11:08 2015 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <address@hidden>"
# gpg:                 aka "Paolo Bonzini <address@hidden>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  exec: Respect as_tranlsate_internal length clamp
  virtio-scsi-dataplane: fix memory leak in virtio_scsi_vring_init
  profiler: Reenable built-in profiler
  kvm: fix ioeventfd endianness on bi-endian architectures
  virtio-scsi: Fix assert in virtio_scsi_push_event
  build: pass .d file name to scripts/make_device_config.sh, fix makefile target
  coroutine-io: Return -errno in case of error
  nbd: Drop unexpected data for NBD_OPT_LIST
  nbd: Fix interpretation of the export flags
  nbd: Fix nbd_receive_options()
  nbd: Set block size to BDRV_SECTOR_SIZE
  nbd: Fix potential signed overflow issues
  qemu-nbd: fork() can fail
  nbd: Handle blk_getlength() failure
  nbd: Pass return value from nbd_handle_list()
  nbd: Fix nbd_establish_connection()'s return value
  qemu-nbd: Detect unused partitions by system == 0
  util/uri: Add overflow check to rfc3986_parse_port
  nbd: Fix overflow return value

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/cd232acfa0d7...1f3500976d3d
