From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: Ani Sinha <ani@anisinha.ca>,
Peter Maydell <peter.maydell@linaro.org>,
Igor Mammedov <imammedo@redhat.com>
Subject: [PULL v4 08/47] hw/smbios: add assertion to ensure handles of tables 19 and 32 do not collide
Date: Mon, 7 Mar 2022 17:44:55 -0500 [thread overview]
Message-ID: <20220307224357.682101-9-mst@redhat.com> (raw)
In-Reply-To: <20220307224357.682101-1-mst@redhat.com>
From: Ani Sinha <ani@anisinha.ca>
Since change dcf359832eec02 ("hw/smbios: fix table memory corruption with large memory vms")
we reserve additional space between handle numbers of tables 17 and 19 for
large VMs. This may cause table 19 to collide with table 32 in their handle
numbers for those large VMs. This change adds an assertion to ensure numbers
do not collide. If they do, qemu crashes with useful debug information for
taking additional steps.
Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220223143322.927136-8-ani@anisinha.ca>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
hw/smbios/smbios.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
index 44c53797a4..1f8d5c252f 100644
--- a/hw/smbios/smbios.c
+++ b/hw/smbios/smbios.c
@@ -1048,6 +1048,12 @@ void smbios_get_tables(MachineState *ms,
mem_array[i].length);
}
+ /*
+ * make sure 16 bit handle numbers in the headers of tables 19
+ * and 32 do not overlap.
+ */
+ assert((mem_array_size + offset) < (T32_BASE - T19_BASE));
+
smbios_build_type_32_table();
smbios_build_type_38_table();
smbios_build_type_41_table(errp);
--
MST
next prev parent reply other threads:[~2022-03-07 22:47 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-07 22:44 [PULL v4 00/47] virtio,pc,pci: features, cleanups, fixes Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 01/47] qom: assert integer does not overflow Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 02/47] ACPI ERST: specification for ERST support Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 03/47] MAINTAINERS: no need to add my name explicitly as a reviewer for VIOT tables Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 04/47] docs/acpi/erst: add device id for ACPI ERST device in pci-ids.txt Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 05/47] hw/acpi/erst: clean up unused IS_UEFI_CPER_RECORD macro Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 06/47] hw/smbios: code cleanup - use macro definitions for table header handles Michael S. Tsirkin
2022-03-07 22:44 ` [PULL v4 07/47] hw/smbios: fix overlapping table handle numbers with large memory vms Michael S. Tsirkin
2022-03-07 22:44 ` Michael S. Tsirkin [this message]
2022-03-07 22:44 ` [PULL v4 09/47] vhost-user: remove VirtQ notifier restore Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 10/47] vhost-user: fix VirtQ notifier cleanup Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 11/47] virtio: fix the condition for iommu_platform not supported Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 12/47] hw/vhost-user-i2c: Add support for VIRTIO_I2C_F_ZERO_LENGTH_REQUEST Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 13/47] hw/virtio: vdpa: Fix leak of host-notifier memory-region Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 14/47] vhost-vdpa: make notifiers _init()/_uninit() symmetric Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 15/47] intel_iommu: support snoop control Michael S. Tsirkin
2022-03-31 9:51 ` Peter Maydell
2022-04-01 2:10 ` Jason Wang
2022-03-07 22:45 ` [PULL v4 16/47] hw/i386: Improve bounds checking in OVMF table parsing Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 17/47] hw/i386: Replace magic number with field length calculation Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 18/47] virtio-iommu: Default to bypass during boot Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 19/47] virtio-iommu: Support bypass domain Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 20/47] tests/qtest/virtio-iommu-test: Check bypass config Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 21/47] hw/i386/pc_piix: Mark the machine types from version 1.4 to 1.7 as deprecated Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 22/47] hw/pci-bridge/pxb: Fix missing swizzle Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 23/47] virtio-net: Unlimit tx queue size if peer is vdpa Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 24/47] pcie: Add support for Single Root I/O Virtualization (SR/IOV) Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 25/47] pcie: Add some SR/IOV API documentation in docs/pcie_sriov.txt Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 26/47] pcie: Add a helper to the SR/IOV API Michael S. Tsirkin
2022-03-07 22:45 ` [PULL v4 27/47] pcie: Add 1.2 version token for the Power Management Capability Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 28/47] pci-bridge/xio3130_upstream: Fix error handling Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 29/47] pci-bridge/xio3130_downstream: " Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 30/47] headers: Add pvpanic.h Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 31/47] hw/misc/pvpanic: Use standard headers instead Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 32/47] pci: show id info when pci BDF conflict Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 33/47] pci: expose TYPE_XIO3130_DOWNSTREAM name Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 34/47] acpi: pcihp: pcie: set power on cap on parent slot Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 35/47] pc: add option to disable PS/2 mouse/keyboard Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 36/47] vhost-vsock: detach the virqueue element in case of error Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 37/47] x86: cleanup unused compat_apic_id_mode Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 38/47] hw/smbios: Add table 4 parameter, "processor-id" Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 39/47] pci: drop COMPAT_PROP_PCP for 2.0 machine types Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 40/47] event_notifier: add event_notifier_get_wfd() Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 41/47] vhost: use wfd on functions setting vring call fd Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 42/47] configure, meson: allow enabling vhost-user on all POSIX systems Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 43/47] docs: vhost-user: add subsection for non-Linux platforms Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 44/47] tests/acpi: i386: allow FACP acpi table changes Michael S. Tsirkin
2022-03-07 22:46 ` [PULL v4 45/47] hw/acpi: add indication for i8042 in IA-PC boot flags of the FADT table Michael S. Tsirkin
2022-03-07 22:47 ` [PULL v4 46/47] tests/acpi: i386: update FACP table differences Michael S. Tsirkin
2022-03-07 22:47 ` [PULL v4 47/47] hw/acpi/microvm: turn on 8042 bit in FADT boot architecture flags if present Michael S. Tsirkin
2022-03-09 9:13 ` [PULL v4 00/47] virtio,pc,pci: features, cleanups, fixes Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220307224357.682101-9-mst@redhat.com \
--to=mst@redhat.com \
--cc=ani@anisinha.ca \
--cc=imammedo@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).