From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>, qemu-stable@nongnu.org
Subject: [Qemu-devel] [PATCH 53/53] ide: Clear DRQ after handling all expected accesses
Date: Thu, 30 Jul 2015 06:33:08 -0500 [thread overview]
Message-ID: <1438255988-10418-54-git-send-email-mdroth@linux.vnet.ibm.com> (raw)
In-Reply-To: <1438255988-10418-1-git-send-email-mdroth@linux.vnet.ibm.com>
From: Kevin Wolf <kwolf@redhat.com>
This is additional hardening against an end_transfer_func that fails to
clear the DRQ status bit. The bit must be unset as soon as the PIO
transfer has completed, so it's better to do this in a central place
instead of duplicating the code in all commands (and forgetting it in
some).
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
(cherry picked from commit cb72cba83021fa42719e73a5249c12096a4d1cfc)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
hw/ide/core.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/hw/ide/core.c b/hw/ide/core.c
index 17153f5..822519b 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -2028,8 +2028,10 @@ void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
*(uint16_t *)p = le16_to_cpu(val);
p += 2;
s->data_ptr = p;
- if (p >= s->data_end)
+ if (p >= s->data_end) {
+ s->status &= ~DRQ_STAT;
s->end_transfer_func(s);
+ }
}
uint32_t ide_data_readw(void *opaque, uint32_t addr)
@@ -2053,8 +2055,10 @@ uint32_t ide_data_readw(void *opaque, uint32_t addr)
ret = cpu_to_le16(*(uint16_t *)p);
p += 2;
s->data_ptr = p;
- if (p >= s->data_end)
+ if (p >= s->data_end) {
+ s->status &= ~DRQ_STAT;
s->end_transfer_func(s);
+ }
return ret;
}
@@ -2078,8 +2082,10 @@ void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
*(uint32_t *)p = le32_to_cpu(val);
p += 4;
s->data_ptr = p;
- if (p >= s->data_end)
+ if (p >= s->data_end) {
+ s->status &= ~DRQ_STAT;
s->end_transfer_func(s);
+ }
}
uint32_t ide_data_readl(void *opaque, uint32_t addr)
@@ -2103,8 +2109,10 @@ uint32_t ide_data_readl(void *opaque, uint32_t addr)
ret = cpu_to_le32(*(uint32_t *)p);
p += 4;
s->data_ptr = p;
- if (p >= s->data_end)
+ if (p >= s->data_end) {
+ s->status &= ~DRQ_STAT;
s->end_transfer_func(s);
+ }
return ret;
}
--
1.9.1
next prev parent reply other threads:[~2015-07-30 11:36 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-30 11:32 [Qemu-devel] Patch Round-up for stable 2.3.1, freeze on 2015-08-06 Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 01/53] bt-sdp: fix broken uuids power-of-2 calculation Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 02/53] block/iscsi: do not forget to logout from target Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 03/53] Strip brackets from vnc host Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 04/53] nbd/trivial: fix type cast for ioctl Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 05/53] vmdk: Fix next_cluster_sector for compressed write Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 06/53] vmdk: Fix overflow if l1_size is 0x20000000 Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 07/53] qcow2: Flush pending discards before allocating cluster Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 08/53] usb: fix usb-net segfault Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 09/53] virtio-net: fix the upper bound when trying to delete queues Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 10/53] target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 11/53] fdc: force the fifo access to be in bounds of the allocated buffer Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 12/53] Revert "block: Fix unaligned zero write" Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 13/53] block: Fix NULL deference for unaligned write if qiov is NULL Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 14/53] qemu-iotests: Test unaligned sub-block zero write Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 15/53] hw/acpi/aml-build: Fix memory leak Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 16/53] qga/commands-posix: Fix bug in guest-fstrim Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 17/53] kbd: add brazil kbd keys to qemu Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 18/53] kbd: add brazil kbd keys to x11 evdev map Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 19/53] qcow2: Set MIN_L2_CACHE_SIZE to 2 Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 20/53] iotests: qcow2 COW with minimal L2 cache size Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 21/53] vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 22/53] vmdk: Use vmdk_find_index_in_cluster everywhere Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 23/53] sdl2: fix crash in handle_windowevent() when restoring the screen size Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 24/53] spice-display: fix segfault in qemu_spice_create_update Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 25/53] i8254: fix out-of-bounds memory access in pit_ioport_read() Michael Roth
2015-08-03 8:40 ` [Qemu-devel] 答复: " lidonglin
2015-08-03 11:46 ` Paolo Bonzini
2015-07-30 11:32 ` [Qemu-devel] [PATCH 26/53] hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 27/53] vhost: correctly pass error to caller in vhost_dev_enable_notifiers() Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 28/53] virtio-ccw: complete handling of guest-initiated resets Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 29/53] block: Add bdrv_get_block_status_above Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 30/53] qmp: Add optional bool "unmap" to drive-mirror Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 31/53] mirror: Do zero write on target if sectors not allocated Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 32/53] block: Fix dirty bitmap in bdrv_co_discard Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 33/53] qemu-iotests: Make block job methods common Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 34/53] qemu-iotests: Add test case for mirror with unmap Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 35/53] iotests: Use event_wait in wait_ready Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 36/53] iotests: add QMP event waiting queue Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 37/53] block/nfs: limit maximum readahead size to 1MB Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 38/53] s390x/ipl: Fix boot if no bootindex was specified Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 39/53] spapr_vty: lookup should only return valid VTY objects Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 40/53] target-ppc: fix hugepage support when using memory-backend-file Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 41/53] Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 42/53] block: Initialize local_err in bdrv_append_temp_snapshot Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 43/53] mips/kvm: Fix Big endian 32-bit register access Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 44/53] mips/kvm: Sign extend registers written to KVM Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 45/53] vfio/pci: Fix RTL8168 NIC quirks Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 46/53] virtio-net: unbreak any layout Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 47/53] vfio/pci: Fix bootindex Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 48/53] scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158) Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 49/53] block: vpc - prevent overflow if max_table_entries >= 0x40000000 Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 50/53] block: qemu-iotests - add check for multiplication overflow in vpc Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 51/53] ide: Check array bounds before writing to io_buffer (CVE-2015-5154) Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 52/53] ide/atapi: Fix START STOP UNIT command completion Michael Roth
2015-07-30 11:33 ` Michael Roth [this message]
2015-08-04 17:41 ` [Qemu-devel] Patch Round-up for stable 2.3.1, freeze on 2015-08-06 Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1438255988-10418-54-git-send-email-mdroth@linux.vnet.ibm.com \
--to=mdroth@linux.vnet.ibm.com \
--cc=kwolf@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-stable@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).