* [Qemu-devel] [PULL 1/4] qdev: fix 64 bit properties
2015-07-13 12:04 [Qemu-devel] [PULL 0/4] pc,virtio: fixes for 2.4 Michael S. Tsirkin
@ 2015-07-13 12:04 ` Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 2/4] virtio-pci: don't crash on illegal length Michael S. Tsirkin
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: Michael S. Tsirkin @ 2015-07-13 12:04 UTC
To: qemu-devel
Cc: Kevin Wolf, Peter Maydell, Eduardo Habkost, Markus Armbruster,
Christian Borntraeger, Stefan Hajnoczi, Cornelia Huck,
Paolo Bonzini
From: Cornelia Huck <cornelia.huck@de.ibm.com>
64 bit props used 32 bit callbacks in two places, leading to broken
feature bits on virtio (example: got 0x31000000000006d4 which is
obviously bogus). Fix this.
Fixes: fdba6d96 ("qdev: add 64bit properties")
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
---
include/hw/qdev-properties.h | 2 +-
hw/core/qdev-properties.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/hw/qdev-properties.h b/include/hw/qdev-properties.h
index 0cfff1c..77538a8 100644
--- a/include/hw/qdev-properties.h
+++ b/include/hw/qdev-properties.h
@@ -53,7 +53,7 @@ extern PropertyInfo qdev_prop_arraylen;
}
#define DEFINE_PROP_BIT64(_name, _state, _field, _bit, _defval) { \
.name = (_name), \
- .info = &(qdev_prop_bit), \
+ .info = &(qdev_prop_bit64), \
.bitnr = (_bit), \
.offset = offsetof(_state, _field) \
+ type_check(uint64_t, typeof_field(_state, _field)), \
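Review bot: The `.info` line in DEFINE_PROP_BIT64 is the only thing that selects the 64-bit accessors, and nothing at build time ties it to the `type_check(uint64_t, ...)` on the field further down in the same initializer, which is how the 32-bit `qdev_prop_bit` sat here unnoticed until virtio feature bits came out wrong. Please add a one-line comment above the macro saying that `.info` must stay `qdev_prop_bit64`, and consider a unit test that sets a bit above 31 through a BIT64 property so a regression is caught before it reaches a device.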
diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
index e9e686f..04fd80a 100644
--- a/hw/core/qdev-properties.c
+++ b/hw/core/qdev-properties.c
@@ -130,7 +130,7 @@ PropertyInfo qdev_prop_bit = {
static uint64_t qdev_get_prop_mask64(Property *prop)
{
- assert(prop->info == &qdev_prop_bit);
+ assert(prop->info == &qdev_prop_bit64);
return 0x1ull << prop->bitnr;
}
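Review bot: qdev_get_prop_mask64() still shifts by `prop->bitnr` without checking its range; for a 64-bit mask a `bitnr` of 64 or more makes `0x1ull << prop->bitnr` undefined behaviour. The function already asserts on `prop->info`, so adding `assert(prop->bitnr < 64);` next to the corrected assert would cost nothing and would catch a bad property definition at the point of use.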
--
MST
* [Qemu-devel] [PULL 2/4] virtio-pci: don't crash on illegal length
2015-07-13 12:04 [Qemu-devel] [PULL 0/4] pc,virtio: fixes for 2.4 Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 1/4] qdev: fix 64 bit properties Michael S. Tsirkin
@ 2015-07-13 12:04 ` Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 3/4] Revert "virtio-net: enable virtio 1.0" Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 4/4] pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3 Michael S. Tsirkin
3 siblings, 0 replies; 6+ messages in thread
From: Michael S. Tsirkin @ 2015-07-13 12:04 UTC
To: qemu-devel; +Cc: Peter Maydell
Some guests seem to access cfg with an illegal length value.
It's worth fixing them but debugging is easier if
qemu does not crash.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
hw/virtio/virtio-pci.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 6ca0258..c5e8cc0 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -546,7 +546,8 @@ static void virtio_write_config(PCIDevice *pci_dev, uint32_t address,
off = le32_to_cpu(cfg->cap.offset);
len = le32_to_cpu(cfg->cap.length);
- if (len <= sizeof cfg->pci_cfg_data) {
+ if (len == 1 || len == 2 || len == 4) {
+ assert(len <= sizeof cfg->pci_cfg_data);
virtio_address_space_write(&proxy->modern_as, off,
cfg->pci_cfg_data, len);
}
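Review bot: In virtio_write_config() a guest write whose `cap.length` is not 1, 2 or 4 is now dropped without any trace, which works against the stated goal of making such guests easier to debug. Consider reporting the rejected `len` and `off` in an else branch, for example through a trace event or a guest-error log message, so the offending access is visible to whoever is debugging the guest.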
@@ -570,7 +571,8 @@ static uint32_t virtio_read_config(PCIDevice *pci_dev,
off = le32_to_cpu(cfg->cap.offset);
len = le32_to_cpu(cfg->cap.length);
- if (len <= sizeof cfg->pci_cfg_data) {
+ if (len == 1 || len == 2 || len == 4) {
+ assert(len <= sizeof cfg->pci_cfg_data);
virtio_address_space_read(&proxy->modern_as, off,
cfg->pci_cfg_data, len);
}
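Review bot: The `assert(len <= sizeof cfg->pci_cfg_data)` in virtio_read_config() sits on a path driven by a guest-supplied `len`, but once the `len == 1 || len == 2 || len == 4` test has passed its outcome depends only on the size of `pci_cfg_data`, which is fixed at build time. A compile-time check that the buffer holds at least 4 bytes (QEMU_BUILD_BUG_ON) would express the invariant without leaving a runtime abort on a guest-reachable path. The same three-way length test now appears in both the write and the read handler, so a small shared helper would keep the two from drifting apart. A comment saying what the guest reads back when the length is rejected would also help, since `cfg->pci_cfg_data` is left untouched by these lines in that case.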
--
MST
* [Qemu-devel] [PULL 3/4] Revert "virtio-net: enable virtio 1.0"
2015-07-13 12:04 [Qemu-devel] [PULL 0/4] pc,virtio: fixes for 2.4 Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 1/4] qdev: fix 64 bit properties Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 2/4] virtio-pci: don't crash on illegal length Michael S. Tsirkin
@ 2015-07-13 12:04 ` Michael S. Tsirkin
2015-07-13 12:04 ` [Qemu-devel] [PULL 4/4] pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3 Michael S. Tsirkin
3 siblings, 0 replies; 6+ messages in thread
From: Michael S. Tsirkin @ 2015-07-13 12:04 UTC
To: qemu-devel; +Cc: Cornelia Huck, Peter Maydell, Jason Wang
From: Jason Wang <jasowang@redhat.com>
This reverts commit df91055db5c9cee93d70ca8c08d72119a240b987.
This is because:
- vhost supports virtio 1.0 now
- transport code (e.g. virtio-pci) sets this feature when modern is
enabled; setting this unconditionally will break disable-modern=on.
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
hw/net/virtio-net.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index d728233..e3c2db3 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -466,7 +466,6 @@ static uint64_t virtio_net_get_features(VirtIODevice *vdev, uint64_t features)
}
if (!get_vhost_net(nc->peer)) {
- virtio_add_feature(&features, VIRTIO_F_VERSION_1);
return features;
}
return vhost_net_get_features(get_vhost_net(nc->peer), features);
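Review bot: With the `virtio_add_feature(&features, VIRTIO_F_VERSION_1)` line gone, the non-vhost branch returns `features` unchanged, so whether VERSION_1 is offered now depends entirely on code outside this file. The commit message says the transport sets it when modern is enabled; please name the function or commit that does so, and ideally add a test that checks the bit is absent with disable-modern=on and present otherwise, so the dependency can be verified. As a minor point, `get_vhost_net(nc->peer)` is evaluated twice in these lines and could be held in a local variable.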
--
MST
* [Qemu-devel] [PULL 4/4] pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3
2015-07-13 12:04 [Qemu-devel] [PULL 0/4] pc,virtio: fixes for 2.4 Michael S. Tsirkin
` (2 preceding siblings ...)
2015-07-13 12:04 ` [Qemu-devel] [PULL 3/4] Revert "virtio-net: enable virtio 1.0" Michael S. Tsirkin
@ 2015-07-13 12:04 ` Michael S. Tsirkin
3 siblings, 0 replies; 6+ messages in thread
From: Michael S. Tsirkin @ 2015-07-13 12:04 UTC
To: qemu-devel
Cc: Peter Maydell, Eduardo Habkost, Michael Roth,
Dr. David Alan Gilbert, Paolo Bonzini, Laszlo Ersek,
Richard Henderson
From: Eduardo Habkost <ehabkost@redhat.com>
commit fddd179ab962f6f78a8493742e1068d6a620e059,
"pc: Convert *_MACHINE_OPTIONS macros into functions"
broke the chaining of *_machine_options() functions on
pc-i440fx-2.3, at:
-#define PC_I440FX_2_3_MACHINE_OPTIONS \
- PC_I440FX_2_4_MACHINE_OPTIONS, \
- .alias = NULL, \
- .is_default = 0
+static void pc_i440fx_2_3_machine_options(QEMUMachine *m)
+{
+ pc_i440fx_machine_options(m);
+ m->alias = NULL;
+ m->is_default = 0;
+}
I have replaced PC_I440FX_2_4_MACHINE_OPTIONS with a
pc_i440fx_machine_options() call, instead of calling
pc_i440fx_2_4_machine_options(). This broke the setting of default_machine_opts
and default_display on pc-i440fx-{2.0,2.1,2.2,2.3}.
Fix this by making pc_i440fx_2_3_machine_options() reuse
pc_i440fx_2_4_machine_options().
Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
hw/i386/pc_piix.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 0f99fdc..916d626 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -490,7 +490,7 @@ DEFINE_I440FX_MACHINE(v2_4, "pc-i440fx-2.4", NULL,
static void pc_i440fx_2_3_machine_options(MachineClass *m)
{
- pc_i440fx_machine_options(m);
+ pc_i440fx_2_4_machine_options(m);
m->alias = NULL;
m->is_default = 0;
SET_MACHINE_COMPAT(m, PC_COMPAT_2_3);
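Review bot: pc_i440fx_2_3_machine_options() now depends on calling the next-newer version's function rather than the base pc_i440fx_machine_options(), and nothing in the code says so; the same slip can recur whenever a new machine version is added at the head of the chain. A comment stating the chaining rule (each versioned *_machine_options() calls the one for the following release, then overrides `alias` and `is_default`) would help, as would a check that default_machine_opts and default_display are set on the older pc-i440fx types, since those were the fields that silently went missing.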
--
MST
* [Qemu-devel] [PULL 1/4] qdev: fix 64 bit properties
2015-07-13 12:23 [Qemu-devel] [PULL 0/4] pc,virtio: fixes for 2.4 Michael S. Tsirkin
@ 2015-07-13 12:23 ` Michael S. Tsirkin
0 siblings, 0 replies; 6+ messages in thread
From: Michael S. Tsirkin @ 2015-07-13 12:23 UTC
To: qemu-devel
Cc: Kevin Wolf, Peter Maydell, Eduardo Habkost, Markus Armbruster,
Christian Borntraeger, Stefan Hajnoczi, Cornelia Huck,
Paolo Bonzini
From: Cornelia Huck <cornelia.huck@de.ibm.com>
64 bit props used 32 bit callbacks in two places, leading to broken
feature bits on virtio (example: got 0x31000000000006d4 which is
obviously bogus). Fix this.
Fixes: fdba6d96 ("qdev: add 64bit properties")
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
---
include/hw/qdev-properties.h | 2 +-
hw/core/qdev-properties.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/hw/qdev-properties.h b/include/hw/qdev-properties.h
index 0cfff1c..77538a8 100644
--- a/include/hw/qdev-properties.h
+++ b/include/hw/qdev-properties.h
@@ -53,7 +53,7 @@ extern PropertyInfo qdev_prop_arraylen;
}
#define DEFINE_PROP_BIT64(_name, _state, _field, _bit, _defval) { \
.name = (_name), \
- .info = &(qdev_prop_bit), \
+ .info = &(qdev_prop_bit64), \
.bitnr = (_bit), \
.offset = offsetof(_state, _field) \
+ type_check(uint64_t, typeof_field(_state, _field)), \
diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
index e9e686f..04fd80a 100644
--- a/hw/core/qdev-properties.c
+++ b/hw/core/qdev-properties.c
@@ -130,7 +130,7 @@ PropertyInfo qdev_prop_bit = {
static uint64_t qdev_get_prop_mask64(Property *prop)
{
- assert(prop->info == &qdev_prop_bit);
+ assert(prop->info == &qdev_prop_bit64);
return 0x1ull << prop->bitnr;
}
--
MST