From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:47823)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1ZoRCT-0008EZ-BK
	for qemu-devel@nongnu.org; Tue, 20 Oct 2015 03:19:19 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1ZoRCM-00069J-AI
	for qemu-devel@nongnu.org; Tue, 20 Oct 2015 03:19:09 -0400
Received: from mx1.redhat.com ([209.132.183.28]:46054)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1ZoRCM-00069F-4Y
	for qemu-devel@nongnu.org; Tue, 20 Oct 2015 03:19:06 -0400
References: <1444906470-21216-1-git-send-email-dana.rubin@ravellosystems.com>
	<18791EE9-6D20-498A-B67E-6211A9DFF542@daynix.com>
	<5625B021.7070208@redhat.com>
	<53A3BF51-41E9-40E4-A815-71BA882F5286@daynix.com>
From: Jason Wang <jasowang@redhat.com>
Message-ID: <5625EAE3.3030406@redhat.com>
Date: Tue, 20 Oct 2015 15:18:59 +0800
MIME-Version: 1.0
In-Reply-To: <53A3BF51-41E9-40E4-A815-71BA882F5286@daynix.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] vmxnet3: Do not fill stats if device is
 inactive
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Dmitry Fleytman <dmitry@daynix.com>
Cc: Leonid Shatz <leonid.shatz@ravellosystems.com>, Dana Rubin <dana.rubin@ravellosystems.com>, Idan Brown <idan.brown@ravellosystems.com>, Dana Rubin <shmulik.ladkani@ravellosystems.com>, qemu-devel@nongnu.org



On 10/20/2015 03:11 PM, Dmitry Fleytman wrote:
> Hi Jason,
>
> Sure. No problem.
>
> Acked-by: Dmitry Fleytman <dmitry@daynix.com <mailto:dmitry@daynix.com>>
>
> Dmitry.

Thanks.

>
>> On 20 Oct 2015, at 06:08 AM, Jason Wang <jasowang@redhat.com
>> <mailto:jasowang@redhat.com>> wrote:
>>
>>
>>
>> On 10/18/2015 03:16 PM, Dmitry Fleytman wrote:
>>> ACK
>>
>> Hi Dmitry:
>>
>> Thanks a lot for the reviewing.
>>
>> As I want to add your "Acked-by" in the patch, could you pls add a
>> formal one in the future? (Which can make my life a little bit easier).
>>
>>>> On 15 Oct 2015, at 13:54 PM, Dana Rubin
>>>> <shmulik.ladkani@ravellosystems.com
>>>> <mailto:shmulik.ladkani@ravellosystems.com>> wrote:
>>>>
>>>> From: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com
>>>> <mailto:shmulik.ladkani@ravellosystems.com>>
>>>>
>>>> Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
>>>> activated (for example in linux, after insmod but prior net-dev open).
>>>>
>>>> Accessing shared descriptors prior device activation is illegal as the
>>>> VMXNET3State structures have not been fully initialized.
>>>>
>>>> As a result, guest memory gets corrupted and may lead to guest OS
>>>> crashes.
>>>>
>>>> Fix, by not filling the stats descriptors if device is inactive.
>>>>
>>>> Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com
>>>> <mailto:leonid.shatz@ravellosystems.com>>
>>>> Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com
>>>> <mailto:dana.rubin@ravellosystems.com>>
>>>> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com
>>>> <mailto:shmulik.ladkani@ravellosystems.com>>
>>>> ---
>>>> hw/net/vmxnet3.c | 4 ++++
>>>> 1 file changed, 4 insertions(+)
>>>>
>>>> diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
>>>> index 3c5e10d..5e3a233 100644
>>>> --- a/hw/net/vmxnet3.c
>>>> +++ b/hw/net/vmxnet3.c
>>>> @@ -1289,6 +1289,10 @@ static uint32_t
>>>> vmxnet3_get_interrupt_config(VMXNET3State *s)
>>>> static void vmxnet3_fill_stats(VMXNET3State *s)
>>>> {
>>>>    int i;
>>>> +
>>>> +    if (!s->device_active)
>>>> +        return;
>>>> +
>>>>    for (i = 0; i < s->txq_num; i++) {
>>>>        cpu_physical_memory_write(s->txq_descr[i].tx_stats_pa,
>>>>                                  &s->txq_descr[i].txq_stats,
>>>> -- 
>>>> 1.9.1
>>>>
>>>
>>
>