From: David Gibson <david@gibson.dropbear.id.au>
To: peter.maydell@linaro.org
Cc: lvivier@redhat.com, aik@ozlabs.ru, mdroth@linux.vnet.ibm.com,
qemu-devel@nongnu.org, groug@kaod.org, qemu-ppc@nongnu.org,
clg@kaod.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@redhat.com>,
"David Gibson" <david@gibson.dropbear.id.au>
Subject: [PULL 26/45] hw/scsi/spapr_vscsi: Do not mix SRP IU size with DMA buffer size
Date: Tue, 17 Mar 2020 21:04:04 +1100 [thread overview]
Message-ID: <20200317100423.622643-27-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20200317100423.622643-1-david@gibson.dropbear.id.au>
From: Philippe Mathieu-Daudé <philmd@redhat.com>
The 'union srp_iu' is meant as a pointer to any SRP Information
Unit type, it is not related to the size of a VIO DMA buffer.
Use a plain buffer for the VIO DMA read/write calls.
We can remove the reserved buffer from the 'union srp_iu'.
This issue was noticed when replacing the zero-length arrays
from hw/scsi/srp.h with flexible array member,
'clang -fsanitize=undefined' reported:
hw/scsi/spapr_vscsi.c:69:29: error: field 'iu' with variable sized type 'union viosrp_iu' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end]
union viosrp_iu iu;
^
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200305121253.19078-6-philmd@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
hw/scsi/spapr_vscsi.c | 10 +++++-----
hw/scsi/viosrp.h | 1 -
2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/hw/scsi/spapr_vscsi.c b/hw/scsi/spapr_vscsi.c
index 70547f98ac..acf9bb50bc 100644
--- a/hw/scsi/spapr_vscsi.c
+++ b/hw/scsi/spapr_vscsi.c
@@ -66,7 +66,7 @@ typedef union vscsi_crq {
typedef struct vscsi_req {
vscsi_crq crq;
- union viosrp_iu iu;
+ uint8_t viosrp_iu_buf[SRP_MAX_IU_LEN];
/* SCSI request tracking */
SCSIRequest *sreq;
@@ -99,7 +99,7 @@ typedef struct {
static union viosrp_iu *req_iu(vscsi_req *req)
{
- return &req->iu;
+ return (union viosrp_iu *)req->viosrp_iu_buf;
}
static struct vscsi_req *vscsi_get_req(VSCSIState *s)
@@ -183,7 +183,7 @@ static int vscsi_send_iu(VSCSIState *s, vscsi_req *req,
/* First copy the SRP */
rc = spapr_vio_dma_write(&s->vdev, req->crq.s.IU_data_ptr,
- &req->iu, length);
+ &req->viosrp_iu_buf, length);
if (rc) {
fprintf(stderr, "vscsi_send_iu: DMA write failure !\n");
}
@@ -602,7 +602,7 @@ static const VMStateDescription vmstate_spapr_vscsi_req = {
.minimum_version_id = 1,
.fields = (VMStateField[]) {
VMSTATE_BUFFER(crq.raw, vscsi_req),
- VMSTATE_BUFFER(iu.srp.reserved, vscsi_req),
+ VMSTATE_BUFFER(viosrp_iu_buf, vscsi_req),
VMSTATE_UINT32(qtag, vscsi_req),
VMSTATE_BOOL(active, vscsi_req),
VMSTATE_UINT32(data_len, vscsi_req),
@@ -1103,7 +1103,7 @@ static void vscsi_got_payload(VSCSIState *s, vscsi_crq *crq)
}
/* XXX Handle failure differently ? */
- if (spapr_vio_dma_read(&s->vdev, crq->s.IU_data_ptr, &req->iu,
+ if (spapr_vio_dma_read(&s->vdev, crq->s.IU_data_ptr, &req->viosrp_iu_buf,
crq->s.IU_length)) {
fprintf(stderr, "vscsi_got_payload: DMA read failure !\n");
vscsi_put_req(req);
diff --git a/hw/scsi/viosrp.h b/hw/scsi/viosrp.h
index 25676c2383..e5f9768e8f 100644
--- a/hw/scsi/viosrp.h
+++ b/hw/scsi/viosrp.h
@@ -49,7 +49,6 @@ union srp_iu {
struct srp_tsk_mgmt tsk_mgmt;
struct srp_cmd cmd;
struct srp_rsp rsp;
- uint8_t reserved[SRP_MAX_IU_LEN];
};
enum viosrp_crq_formats {
--
2.24.1
next prev parent reply other threads:[~2020-03-17 10:26 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-17 10:03 [PULL 00/45] ppc-for-5.0 queue 20200317 David Gibson
2020-03-17 10:03 ` [PULL 01/45] pseries: Update SLOF firmware image David Gibson
2020-03-17 10:03 ` [PULL 02/45] spapr: Handle pending hot plug/unplug requests at CAS David Gibson
2020-03-17 10:03 ` [PULL 03/45] ppc: Officially deprecate the CPU "compat" property David Gibson
2020-03-17 10:03 ` [PULL 04/45] spapr: Fix Coverity warning while validating nvdimm options David Gibson
2020-03-17 10:03 ` [PULL 05/45] hw/ppc/pnv: Fix typo in comment David Gibson
2020-03-17 10:03 ` [PULL 06/45] ppc: Remove stub support for 32-bit hypervisor mode David Gibson
2020-03-17 10:03 ` [PULL 07/45] ppc: Remove stub of PPC970 HID4 implementation David Gibson
2020-03-17 10:03 ` [PULL 08/45] target/ppc: Correct handling of real mode accesses with vhyp on hash MMU David Gibson
2020-03-17 10:03 ` [PULL 09/45] target/ppc: Introduce ppc_hash64_use_vrma() helper David Gibson
2020-03-17 10:03 ` [PULL 10/45] spapr, ppc: Remove VPM0/RMLS hacks for POWER9 David Gibson
2020-03-17 10:03 ` [PULL 11/45] target/ppc: Remove RMOR register from POWER9 & POWER10 David Gibson
2020-03-17 10:03 ` [PULL 12/45] target/ppc: Use class fields to simplify LPCR masking David Gibson
2020-03-17 10:03 ` [PULL 13/45] target/ppc: Streamline calculation of RMA limit from LPCR[RMLS] David Gibson
2020-03-17 10:03 ` [PULL 14/45] target/ppc: Correct RMLS table David Gibson
2020-03-17 10:03 ` [PULL 15/45] target/ppc: Only calculate RMLS derived RMA limit on demand David Gibson
2020-03-17 10:03 ` [PULL 16/45] target/ppc: Don't store VRMA SLBE persistently David Gibson
2020-03-17 10:03 ` [PULL 17/45] spapr: Don't use weird units for MIN_RMA_SLOF David Gibson
2020-03-17 10:03 ` [PULL 18/45] spapr,ppc: Simplify signature of kvmppc_rma_size() David Gibson
2020-03-17 10:03 ` [PULL 19/45] spapr: Don't attempt to clamp RMA to VRMA constraint David Gibson
2020-03-17 10:03 ` [PULL 20/45] spapr: Don't clamp RMA to 16GiB on new machine types David Gibson
2020-03-17 10:03 ` [PULL 21/45] spapr: Clean up RMA size calculation David Gibson
2020-03-17 10:04 ` [PULL 22/45] hw/scsi/viosrp: Add missing 'hw/scsi/srp.h' include David Gibson
2020-03-17 10:04 ` [PULL 23/45] hw/scsi/spapr_vscsi: Use SRP_MAX_IU_LEN instead of sizeof flexible array David Gibson
2020-03-17 10:04 ` [PULL 24/45] hw/scsi/spapr_vscsi: Simplify a bit David Gibson
2020-03-17 10:04 ` [PULL 25/45] hw/scsi/spapr_vscsi: Introduce req_iu() helper David Gibson
2020-03-17 10:04 ` David Gibson [this message]
2020-03-17 10:04 ` [PULL 27/45] hw/scsi/spapr_vscsi: Prevent buffer overflow David Gibson
2020-03-17 10:04 ` [PULL 28/45] hw/scsi/spapr_vscsi: Convert debug fprintf() to trace event David Gibson
2020-03-17 10:04 ` [PULL 29/45] spapr/xive: use SPAPR_IRQ_IPI to define IPI ranges exposed to the guest David Gibson
2020-03-17 10:04 ` [PULL 30/45] target/ppc: Fix rlwinm on ppc64 David Gibson
2020-03-17 10:04 ` [PULL 31/45] ppc/spapr: Move GPRs setup to one place David Gibson
2020-03-17 10:04 ` [PULL 32/45] pseries: Update SLOF firmware image David Gibson
2020-03-17 10:04 ` [PULL 33/45] spapr/rtas: Reserve space for RTAS blob and log David Gibson
2020-03-17 10:04 ` [PULL 34/45] spapr: Move creation of ibm, dynamic-reconfiguration-memory dt node David Gibson
2020-03-17 10:04 ` [PULL 35/45] spapr: Move creation of ibm,architecture-vec-5 property David Gibson
2020-03-17 10:04 ` [PULL 36/45] spapr: Rename DT functions to newer naming convention David Gibson
2020-03-17 10:04 ` [PULL 37/45] ppc/spapr: Fix FWNMI machine check failure handling David Gibson
2020-03-17 10:04 ` [PULL 38/45] ppc/spapr: Change FWNMI names David Gibson
2020-03-17 10:04 ` [PULL 39/45] ppc/spapr: Add FWNMI System Reset state David Gibson
2020-03-17 10:04 ` [PULL 40/45] ppc/spapr: Fix FWNMI machine check interrupt delivery David Gibson
2020-03-17 10:04 ` [PULL 41/45] ppc/spapr: Allow FWNMI on TCG David Gibson
2020-03-17 10:04 ` [PULL 42/45] target/ppc: allow ppc_cpu_do_system_reset to take an alternate vector David Gibson
2020-03-17 10:04 ` [PULL 43/45] ppc/spapr: Implement FWNMI System Reset delivery David Gibson
2020-03-17 10:04 ` [PULL 44/45] ppc/spapr: Ignore common "ibm,nmi-interlock" Linux bug David Gibson
2020-03-17 10:04 ` [PULL 45/45] pseries: Update SLOF firmware image David Gibson
2020-03-17 10:30 ` [PULL 00/45] ppc-for-5.0 queue 20200317 Paolo Bonzini
2020-03-17 22:33 ` David Gibson
2020-03-17 23:58 ` Alexey Kardashevskiy
2020-03-18 5:46 ` David Gibson
2020-03-17 11:24 ` no-reply
2020-03-18 17:57 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200317100423.622643-27-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=aik@ozlabs.ru \
--cc=clg@kaod.org \
--cc=groug@kaod.org \
--cc=lvivier@redhat.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).