From: Ryan Harper <ryanh@us.ibm.com>
To: kvm-devel@lists.sourceforge.net
Subject: [PATCH] QEMU hotplug: check device name in drive_add
Date: Thu, 20 Mar 2008 16:21:52 -0500 [thread overview]
Message-ID: <20080320212152.GA3631@us.ibm.com> (raw)
Using drive_add with bogus devfn values would segfault QEMU when
attempting to add scsi devices. Attached patch checks in hotplug code
for appropriate devices that drive_add() will work with (looking before
leaping) and bails if you don't specify a proper device with your
bus,devfn.
--
Ryan Harper
Software Engineer; Linux Technology Center
IBM Corp., Austin, Tx
(512) 838-9253 T/L: 678-9253
ryanh@us.ibm.com
diffstat output:
device-hotplug.c | 14 +++++++++++++-
1 files changed, 13 insertions(+), 1 deletion(-)
Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
---
When using drive_add in the QEMU monitor, if one specifies a bogus devfn to the
command while specifying a scsi disk (if=scsi), then QEMU segfaults due to
issues with getting a valid return from find_pci_dev, and vl.c setting unit_id=0
avoiding lsi_scsi_attach's check for a controller. Rather than muck through the
unit_id calculation (which does make sense for the case that users don't specify
a unit_id), in drive_add() we know that we only support the SCSI
controller and virtio_blk, so ignore any devfn that doesn't point to either type
of device.
Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
diff --git a/qemu/hw/device-hotplug.c b/qemu/hw/device-hotplug.c
index 98a467c..a717d9b 100644
--- a/qemu/hw/device-hotplug.c
+++ b/qemu/hw/device-hotplug.c
@@ -55,7 +55,7 @@ void drive_hot_add(int pcibus, const char *devfn_string, const char *opts)
{
int drive_idx, type, bus;
int devfn;
- int success = 0;
+ int success = 0, valid_dev = 0;
PCIDevice *dev;
devfn = strtoul(devfn_string, NULL, 0);
@@ -67,6 +67,18 @@ void drive_hot_add(int pcibus, const char *devfn_string, const char *opts)
return;
}
+ if (!strcmp(dev->name, "LSI53C895A SCSI HBA")) {
+ valid_dev = 1;
+ } else if (!strcmp(dev->name, "virtio-blk")) {
+ valid_dev = 1;
+ }
+
+ if (!valid_dev) {
+ term_printf("Invalid PCI Device specified by bus:%d devfn:%d\n",
+ pcibus, devfn);
+ return;
+ }
+
drive_idx = add_init_drive(opts);
if (drive_idx < 0)
return;
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
reply other threads:[~2008-03-20 21:21 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080320212152.GA3631@us.ibm.com \
--to=ryanh@us.ibm.com \
--cc=kvm-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.