From: Greg Kurz <gkurz@linux.vnet.ibm.com>
To: David Gibson <david@gibson.dropbear.id.au>
Cc: qemu-ppc@nongnu.org, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] spapr_vty: lookup should only return valid VTY objects
Date: Tue, 30 Jun 2015 14:31:10 +0200
Message-ID: <20150630143110.6507c553@bahia.local>
In-Reply-To: <20150630120431.11866.32507.stgit@bahia.lab.toulouse-stg.fr.ibm.com>

On Tue, 30 Jun 2015 14:04:31 +0200
Greg Kurz <gkurz@linux.vnet.ibm.com> wrote:
> If a guest passes the reg property of a valid VIO object that is not a VTY
> to either H_GET_TERM_CHAR or H_PUT_TERM_CHAR, QEMU hits a dynamic cast
> assertion and aborts.
> 
> PAPR+ says "Hypervisor checks the termno parameter for validity against the
> Vterm IOA unit addresses assigned to the partition, else return H_Parameter."
> 
> This patch adds a type check to ensure vty_lookup() either returns a pointer
> to a valid VTY object or NULL.  H_GET_TERM_CHAR and H_PUT_TERM_CHAR will
> now return H_PARAMETER to the guest instead of crashing.
> 
> The patch has no effect on the reg == 0 hack used to implement the RTAS call
> display-character.
> 
> Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
> ---

Oops I forgot to Cc: the QEMU PPC mailing list...

>  hw/char/spapr_vty.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/char/spapr_vty.c b/hw/char/spapr_vty.c
> index 4e464bd15a54..7eeacde31d27 100644
> --- a/hw/char/spapr_vty.c
> +++ b/hw/char/spapr_vty.c
> @@ -228,7 +228,7 @@ VIOsPAPRDevice *vty_lookup(sPAPREnvironment *spapr, target_ulong reg)
>          return spapr_vty_get_default(spapr->vio_bus);
>      }
> 
> -    return sdev;
> +    return object_dynamic_cast(sdev, TYPE_VIO_SPAPR_VTY_DEVICE);
>  }
> 
>  static void spapr_vty_register_types(void)
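
Review bot: The new return statement in vty_lookup() mixes pointer types: sdev is a VIOsPAPRDevice * and the function is declared to return VIOsPAPRDevice *, but QOM's object_dynamic_cast() takes an Object * and returns an Object *. Both the argument and the returned value are therefore implicit conversions between incompatible pointer types, which the compiler will flag. Suggest casting the argument with OBJECT() and using the call only as a test, so the typed pointer is what gets returned: `if (!object_dynamic_cast(OBJECT(sdev), TYPE_VIO_SPAPR_VTY_DEVICE)) { return NULL; }` followed by the original `return sdev;`. A short comment above the check saying that reg is guest-controlled and may name a VIO device that is not a VTY would make the reason for the type test clear to later readers, since the reg == 0 branch just above returns early and is not covered by it.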
> 
> 
