[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-stable] [PATCH 22/37] virtio-ccw: Queue sanity check for notify hy
|
From: |
Michael Roth |
|
Subject: |
[Qemu-stable] [PATCH 22/37] virtio-ccw: Queue sanity check for notify hypercall. |
|
Date: |
Tue, 2 Apr 2013 16:45:27 -0500 |
From: Cornelia Huck <address@hidden>
Verify that the virtio-ccw notify hypercall passed a reasonable
value for queue.
Cc: address@hidden
Reported-by: Alexander Graf <address@hidden>
Signed-off-by: Cornelia Huck <address@hidden>
(cherry picked from commit b57ed9bf075e33cdd2f9eb545ff555301dd57221)
Signed-off-by: Michael Roth <address@hidden>
---
hw/s390x/s390-virtio-ccw.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 6549211..f90b5e4 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -31,6 +31,9 @@ static int virtio_ccw_hcall_notify(const uint64_t *args)
if (!sch || !css_subch_visible(sch)) {
return -EINVAL;
}
+ if (queue >= VIRTIO_PCI_QUEUE_MAX) {
+ return -EINVAL;
+ }
virtio_queue_notify(virtio_ccw_get_vdev(sch), queue);
return 0;
--
1.7.9.5
- [Qemu-stable] [PATCH 07/37] help: add docs for multiqueue tap options, (continued)
- [Qemu-stable] [PATCH 07/37] help: add docs for multiqueue tap options, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 12/37] iscsi: look for pkg-config file too, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 13/37] scsi: do not call scsi_read_data/scsi_write_data for a canceled request, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 14/37] scsi-disk: do not complete canceled UNMAP requests, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 16/37] Allow virtio-net features for legacy s390 virtio bus, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 17/37] pseries: Add compatible property to root of device tree, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 15/37] rtc-test: Fix test failures with recent glib, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 18/37] qcow2: make is_allocated return true for zero clusters, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 19/37] qemu-ga: use key-value store to avoid recycling fd handles after restart, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 21/37] tcg: Fix occasional TCG broken problem when ldst optimization enabled, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 22/37] virtio-ccw: Queue sanity check for notify hypercall.,
Michael Roth <=
- [Qemu-stable] [PATCH 20/37] qga/main.c: Don't use g_key_file_get/set_int64, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 24/37] configure: Require at least spice-protocol-0.12.3, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 23/37] qemu-bridge-helper: force usage of a very high MAC address for the bridge, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 26/37] target-ppc: Fix CPU_POWERPC_MPC8547E, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 25/37] pseries: Add cleanup hook for PAPR virtual LAN device, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 33/37] linux-user/syscall.c: handle FUTEX_WAIT_BITSET in do_futex, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 35/37] linux-user: make bogus negative iovec lengths fail EINVAL, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 34/37] linux-user: fix futex strace of FUTEX_CLOCK_REALTIME, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 36/37] linux-user/syscall.c: Don't warn about unimplemented get_robust_list, Michael Roth, 2013/04/02
- [Qemu-stable] [PATCH 29/37] Fix page_cache leak in cache_resize, Michael Roth, 2013/04/02