From: John Snow <jsnow@redhat.com>
To: qemu-block@nongnu.org
Cc: peter.maydell@linaro.org, zuozhi.fzz@alibaba-inc.com,
pbonzini@redhat.com, pjp@fedoraproject.org,
qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 0/4] ahci: unmap fixes
Date: Mon, 8 Feb 2016 11:53:45 -0500
Message-ID: <56B8C819.2090806@redhat.com>
In-Reply-To: <1454103689-13042-1-git-send-email-jsnow@redhat.com>
PJP, ping? Look good?
On 01/29/2016 04:41 PM, John Snow wrote:
> As reported by Zuozhi fzz <zuozhi.fzz@alibaba-inc.com>, there's a problem
> you can expose in AHCI by rewriting the command list buffer and/or FIS
> receive buffer addresses, then re-starting the AHCI device before bringing
> it to a stop. Depending on the success of the remap operations, you may
> be able to transition the device to a state where it thinks it is "running"
> but no longer has a guest memory mapping.
>
> When you try to transition it to the stopped state, QEMU crashes.
>
> Tighten up the start/stop conditions, and pepper in a paranoia check inside
> of the unmap function.
>
> ________________________________________________________________________________
>
> For convenience, this branch is available at:
> https://github.com/jnsnow/qemu.git branch ahci-unmap-fixes
> https://github.com/jnsnow/qemu/tree/ahci-unmap-fixes
>
> This version is tagged ahci-unmap-fixes-v1:
> https://github.com/jnsnow/qemu/releases/tag/ahci-unmap-fixes-v1
>
> John Snow (4):
> ahci: Do not unmap NULL addresses
> ahci: handle LIST_ON and FIS_ON in map helpers
> ahci: explicitly reject bad engine states on post_load
> ahci: prohibit "restarting" the FIS or CLB engines
>
> hw/ide/ahci.c | 96 ++++++++++++++++++++++++++++++++++++-----------------------
> 1 file changed, 59 insertions(+), 37 deletions(-)
>
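The failure mode the cover letter describes (engine flagged as running while its guest mapping is gone, then a crash on the NULL unmap) and the three guards the series adds are easiest to see in a small state model. This is an added illustration, not code from the patch series or from QEMU's hw/ide/ahci.c: `port_state`, `engine_*` and `map_guest` are hypothetical names, and the "address 0 cannot be mapped" rule is constructed to stand in for a remap that fails.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

/* Simplified model of one AHCI port's command-list engine (added example,
 * not QEMU's hw/ide/ahci.c). port_state, engine_* and map_guest are
 * hypothetical names; LIST_ON is the flag the cover letter mentions. */
#define LIST_ON 0x8000u

typedef struct {
    uint32_t cmd;   /* engine status bits */
    uint64_t clb;   /* guest-physical address of the command list */
    void    *lst;   /* host mapping of clb, NULL when unmapped */
} port_state;

/* Stand-in for guest memory mapping; constructed rule: address 0 fails. */
static void *map_guest(uint64_t addr) { return addr ? malloc(1024) : NULL; }

/* Paranoia check: a NULL mapping is treated as already unmapped. */
static void engine_unmap(port_state *p) {
    if (p->lst) { free(p->lst); p->lst = NULL; }
}

/* Refuse to "restart" a running engine, and set LIST_ON only after the
 * mapping succeeded so the flag and the mapping can never disagree. */
static bool engine_start(port_state *p) {
    if (p->cmd & LIST_ON) return false;   /* already running: rejected */
    p->lst = map_guest(p->clb);
    if (p->lst == NULL) return false;     /* map failed: stay stopped */
    p->cmd |= LIST_ON;
    return true;
}

static void engine_stop(port_state *p) { engine_unmap(p); p->cmd &= ~LIST_ON; }

/* Invariant a post_load check would enforce: running <=> mapped. */
static bool engine_state_valid(const port_state *p) {
    return (p->cmd & LIST_ON) ? p->lst != NULL : p->lst == NULL;
}

/* Replays the reported sequence (start, rewrite CLB to an unmappable
 * address, attempt a restart, stop); true if every step stayed safe. */
static bool replay_remap_then_stop(void) {
    port_state p = { .cmd = 0, .clb = 0x1000, .lst = NULL };
    if (!engine_start(&p) || !engine_state_valid(&p)) return false;
    p.clb = 0;                               /* guest rewrites CLB */
    bool restarted = engine_start(&p);       /* rejected while LIST_ON */
    engine_stop(&p);                         /* no NULL unmap, no crash */
    return !restarted && engine_state_valid(&p) && !(p.cmd & LIST_ON);
}
```

Without the three guards the same replay would leave `cmd` set to LIST_ON with `lst == NULL`, which is exactly the state `engine_state_valid` rejects and the state the crash on stop came from.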