[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] dd248e: virtio-gpu: fix memory leak in set sc
From: |
GitHub |
Subject: |
[Qemu-commits] [qemu/qemu] dd248e: virtio-gpu: fix memory leak in set scanout |
Date: |
Mon, 13 Feb 2017 03:45:10 -0800 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: dd248ed7e204ee8a1873914e02b8b526e8f1b80d
https://github.com/qemu/qemu/commit/dd248ed7e204ee8a1873914e02b8b526e8f1b80d
Author: Li Qiang <address@hidden>
Date: 2017-02-10 (Fri, 10 Feb 2017)
Changed paths:
M hw/display/virtio-gpu.c
Log Message:
-----------
virtio-gpu: fix memory leak in set scanout
In virtio_gpu_set_scanout function, when creating the 'rect'
its refcount is set to 2, by pixman_image_create_bits and
qemu_create_displaysurface_pixman function. This can lead
a memory leak issues. This patch avoid this issue.
Signed-off-by: Li Qiang <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Message-id: address@hidden
Signed-off-by: Gerd Hoffmann <address@hidden>
Commit: 5e8e3c4c75c199aa1017db816fca02be2a9f8798
https://github.com/qemu/qemu/commit/5e8e3c4c75c199aa1017db816fca02be2a9f8798
Author: Gerd Hoffmann <address@hidden>
Date: 2017-02-10 (Fri, 10 Feb 2017)
Changed paths:
M hw/display/virtio-gpu-3d.c
Log Message:
-----------
virtio-gpu: fix resource leak in virgl_cmd_resource_unref
When the guest sends VIRTIO_GPU_CMD_RESOURCE_UNREF without detaching the
backing storage beforehand (VIRTIO_GPU_CMD_RESOURCE_DETACH_BACKING)
we'll leak memory.
This patch fixes it for 3d mode, simliar to the 2d mode fix in commit
"b8e2392 virtio-gpu: call cleanup mapping function in resource destroy".
Reported-by: 李强 <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
Message-id: address@hidden
Commit: cf7dabeebc36bfb93413f175234779f5bfb2c0b1
https://github.com/qemu/qemu/commit/cf7dabeebc36bfb93413f175234779f5bfb2c0b1
Author: Gerd Hoffmann <address@hidden>
Date: 2017-02-10 (Fri, 10 Feb 2017)
Changed paths:
M hw/display/trace-events
M hw/display/vga.c
Log Message:
-----------
vga: replace debug printf with trace points
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-id: address@hidden
Commit: ec87f206d708191abdd332fdfd48fc5b36da083c
https://github.com/qemu/qemu/commit/ec87f206d708191abdd332fdfd48fc5b36da083c
Author: Gerd Hoffmann <address@hidden>
Date: 2017-02-10 (Fri, 10 Feb 2017)
Changed paths:
M hw/display/cirrus_vga.c
M hw/display/trace-events
Log Message:
-----------
cirrus: replace debug printf with trace points
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-id: address@hidden
Commit: 95280c31cda79bb1d0968afc7b19a220b3a9d986
https://github.com/qemu/qemu/commit/95280c31cda79bb1d0968afc7b19a220b3a9d986
Author: Gerd Hoffmann <address@hidden>
Date: 2017-02-10 (Fri, 10 Feb 2017)
Changed paths:
M hw/display/cirrus_vga.c
Log Message:
-----------
cirrus: fix patterncopy checks
The blit_region_is_unsafe checks don't work correctly for the
patterncopy source. It's a fixed-sized region, which doesn't
depend on cirrus_blt_{width,height}. So go do the check in
cirrus_bitblt_common_patterncopy instead, then tell blit_is_unsafe that
it doesn't need to verify the source. Also handle the case where we
blit from cirrus_bitbuf correctly.
This patch replaces 5858dd1801883309bdd208d72ddb81c4e9fee30c.
Security impact: I think for the most part error on the safe side this
time, refusing blits which should have been allowed.
Only exception is placing the blit source at the end of the video ram,
so cirrus_blt_srcaddr + 256 goes beyond the end of video memory. But
even in that case I'm not fully sure this actually allows read access to
host memory. To trick the commit 5858dd18 security checks one has to
pick very small cirrus_blt_{width,height} values, which in turn implies
only a fraction of the blit source will actually be used.
Cc: Wolfgang Bumiller <address@hidden>
Cc: Dr. David Alan Gilbert <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Dr. David Alan Gilbert <address@hidden>
Reviewed-by: Wolfgang Bumiller <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Message-id: address@hidden
Commit: 12e97ec39931e5321645fd483ab761319d48bf16
https://github.com/qemu/qemu/commit/12e97ec39931e5321645fd483ab761319d48bf16
Author: Gerd Hoffmann <address@hidden>
Date: 2017-02-10 (Fri, 10 Feb 2017)
Changed paths:
M hw/display/cirrus_vga.c
Log Message:
-----------
Revert "cirrus: allow zero source pitch in pattern fill rops"
This reverts commit 5858dd1801883309bdd208d72ddb81c4e9fee30c.
Conflicts:
hw/display/cirrus_vga.c
Cc: Wolfgang Bumiller <address@hidden>
Cc: Dr. David Alan Gilbert <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Dr. David Alan Gilbert <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Message-id: address@hidden
Commit: df96bfab49dab2d0373e49b51bbb51ce72e1601e
https://github.com/qemu/qemu/commit/df96bfab49dab2d0373e49b51bbb51ce72e1601e
Author: Peter Maydell <address@hidden>
Date: 2017-02-13 (Mon, 13 Feb 2017)
Changed paths:
M hw/display/cirrus_vga.c
M hw/display/trace-events
M hw/display/vga.c
M hw/display/virtio-gpu-3d.c
M hw/display/virtio-gpu.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20170213-1' into
staging
vga: bugfixes for cirrus and virtio-gpu
# gpg: Signature made Mon 13 Feb 2017 08:14:47 GMT
# gpg: using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <address@hidden>"
# gpg: aka "Gerd Hoffmann <address@hidden>"
# gpg: aka "Gerd Hoffmann (private) <address@hidden>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138
* remotes/kraxel/tags/pull-vga-20170213-1:
Revert "cirrus: allow zero source pitch in pattern fill rops"
cirrus: fix patterncopy checks
cirrus: replace debug printf with trace points
vga: replace debug printf with trace points
virtio-gpu: fix resource leak in virgl_cmd_resource_unref
virtio-gpu: fix memory leak in set scanout
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/0b4384d0bb98...df96bfab49da
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] dd248e: virtio-gpu: fix memory leak in set scanout,
GitHub <=