[Qemu-devel] [PATCH 03/32] ehci: Verify guest does not change the token of inflight qtd-s

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Cc: Hans de Goede <hdegoede@redhat.com>, Gerd Hoffmann <kraxel@redhat.com>
Subject: [Qemu-devel] [PATCH 03/32] ehci: Verify guest does not change the token of inflight qtd-s
Date: Tue,  8 Jan 2013 14:14:25 +0100	[thread overview]
Message-ID: <1357650894-16982-4-git-send-email-kraxel@redhat.com> (raw)
In-Reply-To: <1357650894-16982-1-git-send-email-kraxel@redhat.com>

From: Hans de Goede <hdegoede@redhat.com>

This is not allowed, except for clearing active on cancellation, so don't
warn when the new token does not have its active bit set.

This unifies the cancellation path for modified qtd-s, and prepares
ehci_verify_qtd to be used ad an extra check inside
ehci_writeback_async_complete_packet().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/hcd-ehci.c |   10 ++++------
 1 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 0d31597..04301ce 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -461,6 +461,7 @@ static bool ehci_verify_qtd(EHCIPacket *p, EHCIqtd *qtd)
         (p->queue->async && !NLPTR_TBIT(p->qtd.next) &&
             (p->qtd.next != qtd->next)) ||
         (!NLPTR_TBIT(p->qtd.altnext) && (p->qtd.altnext != qtd->altnext)) ||
+        p->qtd.token != qtd->token ||
         p->qtd.bufptr[0] != qtd->bufptr[0]) {
         return false;
     } else {
@@ -1793,7 +1794,9 @@ static int ehci_state_fetchqtd(EHCIQueue *q)
     if (p != NULL) {
         if (!ehci_verify_qtd(p, &qtd)) {
             ehci_cancel_queue(q);
-            ehci_trace_guest_bug(q->ehci, "guest updated active QH or qTD");
+            if (qtd.token & QTD_TOKEN_ACTIVE) {
+                ehci_trace_guest_bug(q->ehci, "guest updated active qTD");
+            }
             p = NULL;
         } else {
             p->qtd = qtd;
@@ -1802,11 +1805,6 @@ static int ehci_state_fetchqtd(EHCIQueue *q)
     }
 
     if (!(qtd.token & QTD_TOKEN_ACTIVE)) {
-        if (p != NULL) {
-            /* transfer canceled by guest (clear active) */
-            ehci_cancel_queue(q);
-            p = NULL;
-        }
         ehci_set_state(q->ehci, q->async, EST_HORIZONTALQH);
     } else if (p != NULL) {
         switch (p->async) {
-- 
1.7.1

next prev parent reply	other threads:[~2013-01-08 13:15 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-01-08 13:14 [Qemu-devel] [PULL 00/32] usb patch queue Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 01/32] ehci: Add a ehci_writeback_async_complete_packet helper function Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 02/32] ehci: Add ehci_verify_qh and ehci_verify_qtd helper functions Gerd Hoffmann
2013-01-08 13:14 ` Gerd Hoffmann [this message]
2013-01-08 13:14 ` [Qemu-devel] [PATCH 04/32] ehci: Move get / put_dwords upwards Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 05/32] ehci: writeback_async_complete_packet: verify qh and qtd Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 06/32] ehci: Verify qtd for async completed packets Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 07/32] ehci: Add an ehci_get_pid helper function Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 08/32] ehci: Verify a queue's ep direction does not change Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 09/32] ehci: Use uframe precision for interrupt threshold checking (v2) Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 10/32] ehci: Further speedup rescanning if async schedule after raising an interrupt Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 11/32] ehci: Don't call commit_irq after raising PCD Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 12/32] uhci: Fix 1 ms delay in interrupt reporting to the guest Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 13/32] uhci: Fix pending interrupts getting lost on migration Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 14/32] uhci: Add a QH_VALID define Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 15/32] uhci: Limit amount of frames processed in one go Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 16/32] uhci: Maximize how many frames we catch up when behind Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 17/32] hid: Change idle handling to use a timer Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 18/32] usb: Fix usb_ep_find_packet_by_id Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 19/32] usb: Add an usb_device_ep_stopped USBDevice method Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 20/32] usbredir: Add an usbredir_stop_ep helper function Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 21/32] usbredir: Add USBEP2I and I2USBEP helper macros Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 22/32] usbredir: Add ep_stopped USBDevice method Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 23/32] usbredir: Verify we have 32 bits bulk length cap when redirecting to xhci Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 24/32] usbredir: Add usbredir_init_endpoints() helper Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 25/32] usb-redir: Add debugging to bufpq save / restore Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 26/32] xhci: call set-address with dummy usbpacket Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 27/32] usb/ehci: Clean up SysBus and PCI EHCI split Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 28/32] usb/ehci: Move capsbase and opregbase into SysBus EHCI class Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 29/32] usb/ehci: Add SysBus EHCI device for Exynos4210 Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 30/32] exynos4210: Add EHCI support Gerd Hoffmann
2013-01-08 13:14 ` [Qemu-devel] [PATCH 31/32] usbredir: Add support for buffered bulk input (v2) Gerd Hoffmann
2013-01-09 20:52   ` Blue Swirl
2013-01-09 22:04     ` Hans de Goede
2013-01-12 10:21       ` Blue Swirl
2013-01-08 13:14 ` [Qemu-devel] [PATCH 32/32] uhci: stop using portio lists Gerd Hoffmann
2013-01-08 20:34 ` [Qemu-devel] [PULL 00/32] usb patch queue Anthony Liguori

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0d31597 dfblob:04301ce )
 OR (
bs:"[Qemu-devel] [PATCH 03/32] ehci: Verify guest does not change the token of inflight qtd-s" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1357650894-16982-4-git-send-email-kraxel@redhat.com \
    --to=kraxel@redhat.com \
    --cc=hdegoede@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).