qemu-devel.nongnu.org archive mirror
From: Cornelia Huck <cohuck@redhat.com>
To: peter.maydell@linaro.org
Cc: qemu-devel@nongnu.org, qemu-s390x@nongnu.org, rth@twiddle.net,
	agraf@suse.de, thuth@redhat.com, borntraeger@de.ibm.com,
	david@redhat.com, Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>,
	qemu-stable@nongnu.org, Cornelia Huck <cohuck@redhat.com>
Subject: [Qemu-devel] [PULL 5/9] s390x: fix storage attributes migration for non-small guests
Date: Mon, 22 Jan 2018 13:00:41 +0100
Message-ID: <20180122120045.13538-6-cohuck@redhat.com>
In-Reply-To: <20180122120045.13538-1-cohuck@redhat.com>

From: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>

Fix storage attribute migration so that it does not fail for guests
with more than a few GB of RAM.
With such guests, the index in the buffer would go out of bounds,
usually by large amounts, thus receiving -EFAULT from the kernel.
Migration itself would be successful, but storage attributes would then
not be migrated completely.

This patch fixes the out of bounds access, and thus migration of all
storage attributes when the guest has large amounts of memory.

Cc: qemu-stable@nongnu.org
Signed-off-by: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>
Fixes: 903fd80b03243476 ("s390x/migration: Storage attributes device")
Message-Id: <1516297904-18188-1-git-send-email-imbrenda@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
---
 hw/s390x/s390-stattrib-kvm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/s390x/s390-stattrib-kvm.c b/hw/s390x/s390-stattrib-kvm.c
index 41770a7dec..480551c3db 100644
--- a/hw/s390x/s390-stattrib-kvm.c
+++ b/hw/s390x/s390-stattrib-kvm.c
@@ -116,7 +116,7 @@ static void kvm_s390_stattrib_synchronize(S390StAttribState *sa)
         for (cx = 0; cx + len <= max; cx += len) {
             clog.start_gfn = cx;
             clog.count = len;
-            clog.values = (uint64_t)(sas->incoming_buffer + cx * len);
+            clog.values = (uint64_t)(sas->incoming_buffer + cx);
             r = kvm_vm_ioctl(kvm_state, KVM_S390_SET_CMMA_BITS, &clog);
             if (r) {
                 error_report("KVM_S390_SET_CMMA_BITS failed: %s", strerror(-r));
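
Review bot: in the loop body, the offset into sas->incoming_buffer is now the same cx that is stored in clog.start_gfn, which is only correct if incoming_buffer is a byte pointer holding one value per guest frame, and nothing in the hunk states that or ties max to the size of the buffer. A one-line comment recording that invariant, or an assertion that cx + len stays within the allocated buffer, would make it harder for a scaled index like the removed cx * len to return and push the pointer handed to KVM_S390_SET_CMMA_BITS out of bounds again.
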
@@ -126,7 +126,7 @@ static void kvm_s390_stattrib_synchronize(S390StAttribState *sa)
         if (cx < max) {
             clog.start_gfn = cx;
             clog.count = max - cx;
-            clog.values = (uint64_t)(sas->incoming_buffer + cx * len);
+            clog.values = (uint64_t)(sas->incoming_buffer + cx);
             r = kvm_vm_ioctl(kvm_state, KVM_S390_SET_CMMA_BITS, &clog);
             if (r) {
                 error_report("KVM_S390_SET_CMMA_BITS failed: %s", strerror(-r));
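
Review bot: the tail block under if (cx < max) repeats the same start_gfn / count / values setup and ioctl call as the loop, which is why the wrong cx * len offset had to be corrected in two places; a small static helper taking the start frame and the count would leave a single place where the buffer offset is computed. Separately, in the lines shown a failing KVM_S390_SET_CMMA_BITS is only reported through error_report and the function is static void, while the commit message says migration still succeeded with the attributes incomplete, so it is worth checking whether this failure should be surfaced to the caller rather than only logged.
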
-- 
2.13.6
