[Qemu-devel] [PATCH 0/2] [PULL] qemu-kvm.git uq/master queue

[Qemu-devel] [PATCH 0/2] [PULL] qemu-kvm.git uq/master queue

[Marcelo Tosatti]

The following changes since commit 748a4ee311b8353292e85851034cb917906aac14:
  Blue Swirl (1):
        sparc32: use FW_CFG_CMDLINE_SIZE

are available in the git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master

Alex Williamson (1):
      kvm: Don't walk memory_size == 0 slots in kvm_client_migration_log

Gleb Natapov (1):
      kvm: remove guest triggerable abort()

 kvm-all.c |   19 +++++++------------
 1 files changed, 7 insertions(+), 12 deletions(-)

[Qemu-devel] [PATCH 1/2] kvm: Don't walk memory_size == 0 slots in kvm_client_migration_log

[Marcelo Tosatti]

From: Alex Williamson <alex.williamson@redhat.com>

If we've unregistered a memory area, we should avoid calling
qemu_get_ram_ptr() on the left over phys_offset cruft in the
slot array.  Now that we support removing ramblocks, the
phys_offset ram_addr_t can go away and cause a lookup fault
and abort.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
---
 kvm-all.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 7635f2f..736c516 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -274,6 +274,9 @@ static int kvm_set_migration_log(int enable)
     for (i = 0; i < ARRAY_SIZE(s->slots); i++) {
         mem = &s->slots[i];
 
+        if (!mem->memory_size) {
+            continue;
+        }
         if (!!(mem->flags & KVM_MEM_LOG_DIRTY_PAGES) == enable) {
             continue;
         }
-- 
1.6.6.1

[Qemu-devel] [PATCH 2/2] kvm: remove guest triggerable abort()

[Marcelo Tosatti]

From: Gleb Natapov <gleb@redhat.com>

This abort() condition is easily triggerable by a guest if it configures
pci bar with unaligned address that overlaps main memory.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
---
 kvm-all.c |   16 ++++------------
 1 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 736c516..85f2e58 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -432,18 +432,10 @@ static void kvm_set_phys_mem(target_phys_addr_t start_addr,
     KVMSlot *mem, old;
     int err;
 
-    if (start_addr & ~TARGET_PAGE_MASK) {
-        if (flags >= IO_MEM_UNASSIGNED) {
-            if (!kvm_lookup_overlapping_slot(s, start_addr,
-                                             start_addr + size)) {
-                return;
-            }
-            fprintf(stderr, "Unaligned split of a KVM memory slot\n");
-        } else {
-            fprintf(stderr, "Only page-aligned memory slots supported\n");
-        }
-        abort();
-    }
+    /* kvm works in page size chunks, but the function may be called
+       with sub-page size and unaligned start address. */
+    size = TARGET_PAGE_ALIGN(size);
+    start_addr = TARGET_PAGE_ALIGN(start_addr);
 
     /* KVM does not support read-only slots */
     phys_offset &= ~IO_MEM_ROM;
-- 
1.6.6.1