[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] b0588c: ati-vga: Do not allow unaligned acces
|
From: |
Peter Maydell |
|
Subject: |
[Qemu-commits] [qemu/qemu] b0588c: ati-vga: Do not allow unaligned access via index r... |
|
Date: |
Mon, 18 May 2020 12:15:32 -0700 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: b0588cb51da6986715294bfec4b52f55612a666e
https://github.com/qemu/qemu/commit/b0588cb51da6986715294bfec4b52f55612a666e
Author: BALATON Zoltan <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ati.c
Log Message:
-----------
ati-vga: Do not allow unaligned access via index register
According to docs bits 1 and 0 of MM_INDEX are hard coded to 0 so
unaligned access via this register should not be possible.
This also fixes problems reported in bug #1878134.
Buglink: https://bugs.launchpad.net/qemu/+bug/1878134
Signed-off-by: BALATON Zoltan <address@hidden>
Tested-by: Alexander Bulekov <address@hidden>
Acked-by: Alexander Bulekov <address@hidden>
Message-id: address@hidden
Signed-off-by: Gerd Hoffmann <address@hidden>
Commit: 63dc3465d6e2c1c31769b0d099991ee978e6e311
https://github.com/qemu/qemu/commit/63dc3465d6e2c1c31769b0d099991ee978e6e311
Author: Philippe Mathieu-Daudé <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/artist.c
M hw/display/next-fb.c
Log Message:
-----------
hw/display: Include local 'framebuffer.h'
The "framebuffer.h" header is not an exported include.
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Thomas Huth <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Signed-off-by: Gerd Hoffmann <address@hidden>
Commit: 2fc979cb9d717161c1dfde69fa5fe495c1ab03e9
https://github.com/qemu/qemu/commit/2fc979cb9d717161c1dfde69fa5fe495c1ab03e9
Author: Gerd Hoffmann <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ramfb-standalone.c
M hw/display/ramfb.c
M hw/vfio/display.c
M include/hw/display/ramfb.h
M stubs/ramfb.c
Log Message:
-----------
Revert "hw/display/ramfb: initialize fw-config space with xres/ yres"
This reverts commit f79081b4b71b72640bedd40a7cd76f864c8287f1.
Patch has broken byteorder handling: RAMFBCfg fields are in bigendian
byteorder, the reset function doesn't care so native byteorder is used
instead. Given this went unnoticed so far the feature is obviously
unused, so just revert the patch.
Cc: Hou Qiming <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
Acked-by: Laszlo Ersek <address@hidden>
Message-id: address@hidden
Commit: c326eedc7584b94f6f9f3b8ba61a6e9ff04ad681
https://github.com/qemu/qemu/commit/c326eedc7584b94f6f9f3b8ba61a6e9ff04ad681
Author: Gerd Hoffmann <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ramfb.c
Log Message:
-----------
Revert "hw/display/ramfb: lock guest resolution after it's set"
This reverts commit a9e0cb67b7f4c485755659f9b764c38b5f970de4.
This breaks OVMF. Reproducer: Just hit 'ESC' at early boot to enter
firmware setup. OVMF wants switch from (default) 800x600 to 640x480 for
that, and this patch blocks it.
Cc: Hou Qiming <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Message-id: address@hidden
Commit: 46a298d60271f03d4f85031827426fca67af2a20
https://github.com/qemu/qemu/commit/46a298d60271f03d4f85031827426fca67af2a20
Author: Gerd Hoffmann <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ramfb.c
Log Message:
-----------
ramfb: drop leftover debug message
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Message-id: address@hidden
Commit: 19aaee2a65a26693fe0a30b5a0746f967774e278
https://github.com/qemu/qemu/commit/19aaee2a65a26693fe0a30b5a0746f967774e278
Author: Gerd Hoffmann <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ramfb.c
Log Message:
-----------
ramfb: don't update RAMFBState on errors
Store width & height & surface in local variables. Update RAMFBState
with the new values only in case the ramfb_create_display_surface() call
succeeds.
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Message-id: address@hidden
Commit: 819c83e27895472befbfee67d3d7d089c61d7fbd
https://github.com/qemu/qemu/commit/819c83e27895472befbfee67d3d7d089c61d7fbd
Author: Gerd Hoffmann <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ramfb.c
Log Message:
-----------
ramfb: add sanity checks to ramfb_create_display_surface
Signed-off-by: Gerd Hoffmann <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Message-id: address@hidden
Commit: 3fcf15df0073a76d37e2816597771d4c9763e413
https://github.com/qemu/qemu/commit/3fcf15df0073a76d37e2816597771d4c9763e413
Author: Gerd Hoffmann <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/ramfb.c
Log Message:
-----------
ramfb: fix size calculation
size calculation isn't correct with guest-supplied stride, the last
display line isn't accounted for correctly.
For the typical case of stride > linesize (add padding) we error on the
safe side (calculated size is larger than actual size).
With stride < linesize (scanlines overlap) the calculated size is
smaller than the actual size though so our guest memory mapping might
end up being too small.
While being at it also fix ramfb_create_display_surface to use hwaddr
for the parameters. That way all calculation are done with hwaddr type
and we can't get funny effects from type castings.
Signed-off-by: Gerd Hoffmann <address@hidden>
Acked-by: Laszlo Ersek <address@hidden>
Message-id: address@hidden
Commit: a28c9c8c9fc42484efe1bf5a77affe842e54e38b
https://github.com/qemu/qemu/commit/a28c9c8c9fc42484efe1bf5a77affe842e54e38b
Author: Peter Maydell <address@hidden>
Date: 2020-05-18 (Mon, 18 May 2020)
Changed paths:
M hw/display/artist.c
M hw/display/ati.c
M hw/display/next-fb.c
M hw/display/ramfb-standalone.c
M hw/display/ramfb.c
M hw/vfio/display.c
M include/hw/display/ramfb.h
M stubs/ramfb.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20200518-pull-request'
into staging
vga: ati-vga bugfix, ramfb cleanups and fixes.
# gpg: Signature made Mon 18 May 2020 16:12:11 BST
# gpg: using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <address@hidden>" [full]
# gpg: aka "Gerd Hoffmann <address@hidden>" [full]
# gpg: aka "Gerd Hoffmann (private) <address@hidden>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138
* remotes/kraxel/tags/vga-20200518-pull-request:
ramfb: fix size calculation
ramfb: add sanity checks to ramfb_create_display_surface
ramfb: don't update RAMFBState on errors
ramfb: drop leftover debug message
Revert "hw/display/ramfb: lock guest resolution after it's set"
Revert "hw/display/ramfb: initialize fw-config space with xres/ yres"
hw/display: Include local 'framebuffer.h'
ati-vga: Do not allow unaligned access via index register
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/debe78ce14bf...a28c9c8c9fc4
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] b0588c: ati-vga: Do not allow unaligned access via index r...,
Peter Maydell <=