From: Chris Lalancette <clalance-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: Re: [PATCH]: Fix memory corruption in-kernel IOAPIC emulation
Date: Tue, 05 Feb 2008 10:58:05 -0500 [thread overview]
Message-ID: <47A8878D.6020907@redhat.com> (raw)
In-Reply-To: <47A177BE.6020300-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
Another version of the patch, taking into account more of Avi's comments. This
one was tested the same way as the previous one, by doing all the combinations
of new and old QEMU versions; the results were the same as last time:
old -> old: Bug
old -> new: Sane values, but not transferred over the wire
new -> old: Graceful fail, version mismatch
new -> new: Fixed values, taken from the wire
Signed-off-by: Chris Lalancette <clalance-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
[-- Attachment #2: kvm-60-qemu-fix-ioapic-migration4.patch --]
diff --git a/qemu/hw/apic.c b/qemu/hw/apic.c
index a47c366..21e5790 100644
--- a/qemu/hw/apic.c
+++ b/qemu/hw/apic.c
@@ -64,6 +64,7 @@ extern kvm_context_t kvm_context;
/* FIXME: it's now hard coded to be equal with KVM_IOAPIC_NUM_PINS */
#define IOAPIC_NUM_PINS 0x18
+#define IOAPIC_DEFAULT_BASE_ADDRESS 0xfec00000
#define ESR_ILLEGAL_ADDRESS (1 << 7)
@@ -98,6 +99,7 @@ typedef struct APICState {
struct IOAPICState {
uint8_t id;
uint8_t ioregsel;
+ uint64_t base_address;
uint32_t irr;
uint64_t ioredtbl[IOAPIC_NUM_PINS];
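Review bot: the new base_address field is never given an initial value for a freshly created guest anywhere in this patch. kvm_kernel_ioapic_save_to_user() fills it from the kernel when the in-kernel IOAPIC is in use, but for the userspace-emulated IOAPIC no visible hunk assigns it before ioapic_save() writes it to the wire. Initialize it in ioapic_reset() (registered at the end of ioapic_init()) to IOAPIC_DEFAULT_BASE_ADDRESS, and clear irr there as well if that is not already done, so a savevm taken before any migration carries defined values.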
@@ -1145,6 +1147,8 @@ static void kvm_kernel_ioapic_save_to_user(IOAPICState *s)
s->id = kioapic->id;
s->ioregsel = kioapic->ioregsel;
+ s->base_address = kioapic->base_address;
+ s->irr = kioapic->irr;
for (i = 0; i < IOAPIC_NUM_PINS; i++) {
s->ioredtbl[i] = kioapic->redirtbl[i].bits;
}
@@ -1163,6 +1167,8 @@ static void kvm_kernel_ioapic_load_from_user(IOAPICState *s)
kioapic->id = s->id;
kioapic->ioregsel = s->ioregsel;
+ kioapic->base_address = s->base_address;
+ kioapic->irr = s->irr;
for (i = 0; i < IOAPIC_NUM_PINS; i++) {
kioapic->redirtbl[i].bits = s->ioredtbl[i];
}
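Review bot: kioapic->base_address and kioapic->irr are pushed into the kernel straight from whatever ioapic_load() parsed off the wire, with no validation. At the receiving end a version-2 stream is untrusted input; consider rejecting, or at least warning on, a base_address that differs from the 0xfec00000 region that ioapic_init() still registers with cpu_register_physical_memory(), since a kernel IOAPIC base that disagrees with userspace's MMIO mapping is exactly the kind of inconsistency this patch sets out to remove.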
@@ -1185,6 +1191,8 @@ static void ioapic_save(QEMUFile *f, void *opaque)
qemu_put_8s(f, &s->id);
qemu_put_8s(f, &s->ioregsel);
+ qemu_put_be64s(f, &s->base_address);
+ qemu_put_be32s(f, &s->irr);
for (i = 0; i < IOAPIC_NUM_PINS; i++) {
qemu_put_be64s(f, &s->ioredtbl[i]);
}
@@ -1195,11 +1203,21 @@ static int ioapic_load(QEMUFile *f, void *opaque, int version_id)
IOAPICState *s = opaque;
int i;
- if (version_id != 1)
+ if (version_id < 1 || version_id > 2)
return -EINVAL;
qemu_get_8s(f, &s->id);
qemu_get_8s(f, &s->ioregsel);
+ if (version_id == 2) {
+ /* for version 2, we get this data off of the wire */
+ qemu_get_be64s(f, &s->base_address);
+ qemu_get_be32s(f, &s->irr);
+ }
+ else {
+ /* in case we are doing version 1, we just set these to sane values */
+ s->base_address = IOAPIC_DEFAULT_BASE_ADDRESS;
+ s->irr = 0;
+ }
for (i = 0; i < IOAPIC_NUM_PINS; i++) {
qemu_get_be64s(f, &s->ioredtbl[i]);
}
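Review bot: the closing brace and the `else` are split across two lines (`+ }` followed by `+ else {`); QEMU style is `} else {` on one line. The version-1 branch could also say in its comment that these are the reset defaults and that a pending irr on the old sender is deliberately dropped, which is the "sane values, but not transferred over the wire" behaviour the cover mail describes for old -> new.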
@@ -1250,7 +1268,7 @@ IOAPICState *ioapic_init(void)
ioapic_mem_write, s);
cpu_register_physical_memory(0xfec00000, 0x1000, io_memory);
- register_savevm("ioapic", 0, 1, ioapic_save, ioapic_load, s);
+ register_savevm("ioapic", 0, 2, ioapic_save, ioapic_load, s);
qemu_register_reset(ioapic_reset, s);
return s;
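Review bot: the literal 0xfec00000 passed to cpu_register_physical_memory() two lines above the changed register_savevm() call duplicates the IOAPIC_DEFAULT_BASE_ADDRESS define introduced at the top of the file; use the define here so the MMIO mapping and the version-1 fallback in ioapic_load() cannot drift apart.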
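The old/new migration matrix from the cover mail, as an added stand-alone model that is not code from the mail, the patch, or QEMU. It reproduces the savevm versioning the patch relies on: an "old" sender writes the version-1 layout, a "new" sender the version-2 layout, and the two receivers mirror the pre-patch (`version_id != 1`) and patched (`1..2`) checks in ioapic_load(). The byte-buffer "wire", the big-endian put/get helpers standing in for qemu_put_be64s()/qemu_get_be64s(), the constructed source state and the `migrate()` driver are all this example's own assumptions; the original "old -> old: Bug" corruption lives in the kernel copy, not in the stream format, so that cell only shows that the v1 stream itself parses.

```c
/* Added example, not from the mail, the patch, or QEMU.  Models the v1/v2
 * IOAPIC savevm stream and the four sender/receiver combinations. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IOAPIC_NUM_PINS 0x18
#define IOAPIC_DEFAULT_BASE_ADDRESS 0xfec00000ULL

typedef struct {
    uint8_t id;
    uint8_t ioregsel;
    uint64_t base_address;
    uint32_t irr;
    uint64_t ioredtbl[IOAPIC_NUM_PINS];
} IOAPICState;

/* Assumed stand-in for QEMUFile: a big-endian byte buffer with a read cursor. */
typedef struct {
    uint8_t buf[512];
    size_t len;     /* bytes written by the sender */
    size_t pos;     /* bytes consumed by the receiver */
} Wire;

static void put_be(Wire *w, uint64_t v, int nbytes)
{
    for (int i = nbytes - 1; i >= 0; i--)
        w->buf[w->len++] = (uint8_t)(v >> (8 * i));
}

static int get_be(Wire *w, uint64_t *out, int nbytes)
{
    uint64_t v = 0;
    if (w->pos + (size_t)nbytes > w->len)
        return -EINVAL;                     /* truncated stream */
    for (int i = 0; i < nbytes; i++)
        v = (v << 8) | w->buf[w->pos++];
    *out = v;
    return 0;
}

/* Sender: version 1 is the pre-patch layout, version 2 the patched one. */
static void ioapic_save_v(Wire *w, const IOAPICState *s, int version_id)
{
    put_be(w, s->id, 1);
    put_be(w, s->ioregsel, 1);
    if (version_id >= 2) {
        put_be(w, s->base_address, 8);
        put_be(w, s->irr, 4);
    }
    for (int i = 0; i < IOAPIC_NUM_PINS; i++)
        put_be(w, s->ioredtbl[i], 8);
}

/* Receiver body shared by both loaders; mirrors the patched ioapic_load(). */
static int ioapic_load_body(Wire *w, IOAPICState *s, int version_id)
{
    uint64_t v;
    if (get_be(w, &v, 1)) return -EINVAL; s->id = (uint8_t)v;
    if (get_be(w, &v, 1)) return -EINVAL; s->ioregsel = (uint8_t)v;
    if (version_id == 2) {
        if (get_be(w, &v, 8)) return -EINVAL; s->base_address = v;
        if (get_be(w, &v, 4)) return -EINVAL; s->irr = (uint32_t)v;
    } else {
        s->base_address = IOAPIC_DEFAULT_BASE_ADDRESS;  /* reset defaults */
        s->irr = 0;
    }
    for (int i = 0; i < IOAPIC_NUM_PINS; i++) {
        if (get_be(w, &v, 8)) return -EINVAL;
        s->ioredtbl[i] = v;
    }
    return w->pos == w->len ? 0 : -EINVAL;  /* leftover bytes: layout mismatch */
}

/* Old receiver (pre-patch check): only stream version 1 is understood. */
static int ioapic_load_old(Wire *w, IOAPICState *s, int version_id)
{
    if (version_id != 1)
        return -EINVAL;
    return ioapic_load_body(w, s, 1);
}

/* New receiver (patched check): versions 1 and 2 accepted, others rejected. */
static int ioapic_load_new(Wire *w, IOAPICState *s, int version_id)
{
    if (version_id < 1 || version_id > 2)
        return -EINVAL;
    return ioapic_load_body(w, s, version_id);
}

static IOAPICState migrated;   /* state as seen by the receiver after load */

/* One cell of the matrix.  The version stamped on the stream is the sender's,
 * as register_savevm() would arrange.  Returns the receiver's load result. */
int migrate(int src_is_new, int dst_is_new)
{
    IOAPICState src = { .id = 1, .ioregsel = 0x12,        /* constructed */
                        .base_address = 0xfec10000ULL, .irr = 0x80 };
    Wire w = { .len = 0, .pos = 0 };
    int version_id = src_is_new ? 2 : 1;

    for (int i = 0; i < IOAPIC_NUM_PINS; i++)
        src.ioredtbl[i] = 0x10000ULL | (uint64_t)i;
    ioapic_save_v(&w, &src, version_id);
    memset(&migrated, 0, sizeof(migrated));
    return dst_is_new ? ioapic_load_new(&w, &migrated, version_id)
                      : ioapic_load_old(&w, &migrated, version_id);
}

int main(void)
{
    static const char *name[] = { "old", "new" };
    for (int s = 0; s < 2; s++)
        for (int d = 0; d < 2; d++) {
            int rc = migrate(s, d);
            printf("%s -> %s: rc=%d base=0x%llx irr=0x%x\n", name[s], name[d],
                   rc, (unsigned long long)migrated.base_address, migrated.irr);
        }
    return 0;
}
```

Run as written it prints the four cells: old -> new loads with the v1 defaults (base 0xfec00000, irr 0), new -> old fails with -EINVAL on the version check before reading a byte, and new -> new carries base_address and irr across. The trailing-bytes check in ioapic_load_body() is an addition over the real code: it turns a v2 stream mislabelled as v1 into a hard error instead of silently misparsing the redirection table.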
Thread overview (8+ messages):
2008-01-29 23:24 [PATCH]: Fix memory corruption in-kernel IOAPIC emulation  Chris Lalancette
2008-01-30 10:04   ` Avi Kivity
2008-01-30 13:28     ` Chris Lalancette
2008-01-30 16:39     ` Chris Lalancette
2008-01-30 16:54       ` Avi Kivity
2008-01-30 21:03         ` Chris Lalancette
2008-01-31  7:24           ` Avi Kivity
2008-02-05 15:58             ` Chris Lalancette [this message]