qemu-commits
From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] cf885b: hw/xen: fix off-by-one in xen_evtchn_set_gsi()
Date: Wed, 02 Aug 2023 06:57:32 -0700

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: cf885b19579646d6a085470658bc83432d6786d2
      https://github.com/qemu/qemu/commit/cf885b19579646d6a085470658bc83432d6786d2
  Author: David Woodhouse <dwmw@amazon.co.uk>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M hw/i386/kvm/xen_evtchn.c

  Log Message:
  -----------
  hw/xen: fix off-by-one in xen_evtchn_set_gsi()

Coverity points out (CID 1508128) a bounds checking error. We need to check
for gsi >= IOAPIC_NUM_PINS, not just greater-than.

Also fix up an assert() that has the same problem, that Coverity didn't see.

Fixes: 4f81baa33ed6 ("hw/xen: Support GSI mapping to PIRQ")
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230801175747.145906-2-dwmw2@infradead.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 19c417ec87a446ffd1a13eeec23226fe30f31b7e
      https://github.com/qemu/qemu/commit/19c417ec87a446ffd1a13eeec23226fe30f31b7e
  Author: David Woodhouse <dwmw@amazon.co.uk>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M target/i386/kvm/xen-emu.c

  Log Message:
  -----------
  i386/xen: consistent locking around Xen singleshot timers

Coverity points out (CID 1507534, 1507968) that we sometimes access
env->xen_singleshot_timer_ns under the protection of
env->xen_timers_lock and sometimes not.

This isn't always an issue. There are two modes for the timers; if the
kernel supports the EVTCHN_SEND capability then it handles all the timer
hypercalls and delivery internally, and all we use the field for is to
get/set the timer as part of the vCPU state via an ioctl(). If the
kernel doesn't have that support, then we do all the emulation within
qemu, and *those* are the code paths where we actually care about the
locking.

But it doesn't hurt to be a little bit more consistent and avoid having
to explain *why* it's OK.

Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Paul Durrant <paul@xen.org>
Message-Id: <20230801175747.145906-3-dwmw2@infradead.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 75a87af9b228ca7d14902a9390fe5e83c4898eb0
      https://github.com/qemu/qemu/commit/75a87af9b228ca7d14902a9390fe5e83c4898eb0
  Author: David Woodhouse <dwmw@amazon.co.uk>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M hw/i386/kvm/xen_evtchn.c

  Log Message:
  -----------
  hw/xen: prevent guest from binding loopback event channel to itself

Fuzzing showed that a guest could bind an interdomain port to itself, by
guessing the next port to be allocated and putting that as the 'remote'
port number. By chance, that works because the newly-allocated port has
type EVTCHNSTAT_unbound. It shouldn't.

Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Paul Durrant <paul@xen.org>
Message-Id: <20230801175747.145906-4-dwmw2@infradead.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

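The self-binding described in the commit above, as an added example that is not QEMU's code: a deliberately small model of an event channel port table with a bind-interdomain operation written in the unpatched and the hardened form. The port-type names follow the commit message; the table size (NR_PORTS), the lowest-free-port allocator, the pre-allocation of three ports and every function name here are this example's own assumptions, not QEMU's internals.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed model of the port table; sizes and names are this example's own. */
#define NR_PORTS 16

enum port_type { PORT_CLOSED = 0, PORT_UNBOUND, PORT_INTERDOMAIN };

struct port {
    enum port_type type;
    unsigned remote;            /* peer port once PORT_INTERDOMAIN */
};

struct evtchn_state {
    struct port table[NR_PORTS];
};

/* Lowest free port; port 0 is reserved. Returns 0 when the table is full. */
static unsigned alloc_port(struct evtchn_state *s)
{
    for (unsigned p = 1; p < NR_PORTS; p++) {
        if (s->table[p].type == PORT_CLOSED) {
            s->table[p].type = PORT_UNBOUND;
            return p;
        }
    }
    return 0;
}

/* The guest applies the same rule to guess which port it will get next. */
unsigned predict_next_port(const struct evtchn_state *s)
{
    for (unsigned p = 1; p < NR_PORTS; p++) {
        if (s->table[p].type == PORT_CLOSED) {
            return p;
        }
    }
    return 0;
}

/*
 * Allocate a local port and bind it to an existing unbound 'remote' port.
 * Returns the new local port or a negative errno. The unpatched and the
 * hardened behaviour differ only in the check marked FIX.
 */
static int bind_interdomain(struct evtchn_state *s, unsigned remote, bool hardened)
{
    if (remote == 0 || remote >= NR_PORTS) {
        return -EINVAL;
    }

    unsigned local = alloc_port(s);
    if (local == 0) {
        return -ENOSPC;
    }

    struct port *rp = &s->table[remote];

    /* Unpatched: the peer only has to be an unbound port. The port allocated
     * a moment ago is itself unbound, so remote == local passes this test. */
    bool ok = rp->type == PORT_UNBOUND;

    /* FIX: a port can never be its own peer. */
    if (hardened && remote == local) {
        ok = false;
    }

    if (!ok) {
        s->table[local].type = PORT_CLOSED;
        return -EINVAL;
    }

    s->table[local].type = PORT_INTERDOMAIN;
    s->table[local].remote = remote;
    rp->type = PORT_INTERDOMAIN;
    rp->remote = local;
    return (int)local;
}

bool port_is_looped(const struct evtchn_state *s, unsigned p)
{
    return p != 0 && p < NR_PORTS &&
           s->table[p].type == PORT_INTERDOMAIN && s->table[p].remote == p;
}

/* Fresh table with three legitimately allocated, still unbound ports. */
static void fresh_state(struct evtchn_state *s)
{
    memset(s, 0, sizeof(*s));
    for (int i = 0; i < 3; i++) {
        alloc_port(s);
    }
}

/* The attack from the commit message: guess the next port, pass it as 'remote'. */
int attack_result(bool hardened)
{
    struct evtchn_state s;
    fresh_state(&s);
    return bind_interdomain(&s, predict_next_port(&s), hardened);
}

bool attack_leaves_loop(bool hardened)
{
    struct evtchn_state s;
    fresh_state(&s);
    unsigned guess = predict_next_port(&s);
    bind_interdomain(&s, guess, hardened);
    return port_is_looped(&s, guess);
}

/* A normal bind to an existing unbound port must still work after the fix. */
int legit_bind_result(void)
{
    struct evtchn_state s;
    fresh_state(&s);
    return bind_interdomain(&s, 1, true);
}

int main(void)
{
    printf("unpatched: bind returned %d, looped=%d\n",
           attack_result(false), attack_leaves_loop(false));
    printf("hardened:  bind returned %d, looped=%d\n",
           attack_result(true), attack_leaves_loop(true));
    return 0;
}
```

In the unpatched variant the guessed port (4 in this model) is handed back bound to itself; in the hardened variant the same request fails with -EINVAL, the allocated port is released, and a bind to a genuinely unbound port (port 1) still succeeds.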

  Commit: 866b24e4c3d27b5b8bedd741bb92b62b9fa58044
      https://github.com/qemu/qemu/commit/866b24e4c3d27b5b8bedd741bb92b62b9fa58044
  Author: Marc-Andre Lureau <marcandre.lureau@redhat.com>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M ui/dbus-listener.c

  Log Message:
  -----------
  ui/dbus: fix win32 compilation when !opengl

Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1782

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230725112540.53284-1-marcandre.lureau@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 7b4a3f814560341b1a18b3954b52e3318c2725d2
      https://github.com/qemu/qemu/commit/7b4a3f814560341b1a18b3954b52e3318c2725d2
  Author: Marc-André Lureau <marcandre.lureau@redhat.com>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M ui/dbus-listener.c

  Log Message:
  -----------
  ui/dbus: fix clang compilation issue

../ui/dbus-listener.c:236:9: error: expected expression
        Error *err = NULL;

See:
https://gitlab.com/qemu-project/qemu/-/issues/1782#note_1488517427

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230726151221.515761-1-marcandre.lureau@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 313e162951682906430a6efeffdd1f2d67fd5bb4
      https://github.com/qemu/qemu/commit/313e162951682906430a6efeffdd1f2d67fd5bb4
  Author: Stefan Weil <sw@weilnetz.de>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M docs/about/deprecated.rst
    M docs/devel/qom.rst
    M docs/system/devices/nvme.rst
    M hw/core/loader.c
    M include/exec/memory.h
    M ui/vnc-enc-tight.c

  Log Message:
  -----------
  misc: Fix some typos in documentation and comments

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230730180329.851576-1-sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 7a06a8fec9df3b6a0f72e7b37dff0969430aab96
      https://github.com/qemu/qemu/commit/7a06a8fec9df3b6a0f72e7b37dff0969430aab96
  Author: Akihiko Odaki <akihiko.odaki@daynix.com>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M tests/migration/s390x/Makefile

  Log Message:
  -----------
  tests/migration: Add -fno-stack-protector

A build of GCC 13.2 will have stack protector enabled by default if it
was configured with --enable-default-ssp option. For such a compiler,
it is necessary to explicitly disable stack protector when linking
without standard libraries.

Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230731091042.139159-2-akihiko.odaki@daynix.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: c11d5bdae79a8edaf00dfcb2e49c064a50c67671
      https://github.com/qemu/qemu/commit/c11d5bdae79a8edaf00dfcb2e49c064a50c67671
  Author: Keith Packard <keithp@keithp.com>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M target/nios2/nios2-semi.c

  Log Message:
  -----------
  target/nios2: Pass semihosting arg to exit

Instead of using R_ARG0 (the semihost function number), use R_ARG1
(the provided exit status).

Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230801152245.332749-1-keithp@keithp.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 71e2dd6aa1bdbac19c661638a4ae91816002ac9e
      https://github.com/qemu/qemu/commit/71e2dd6aa1bdbac19c661638a4ae91816002ac9e
  Author: Keith Packard <keithp@keithp.com>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M target/nios2/nios2-semi.c

  Log Message:
  -----------
  target/nios2: Fix semihost lseek offset computation

The arguments for deposit64 are (value, start, length, fieldval); this
appears to have thought they were (value, fieldval, start,
length). Reorder the parameters to match the actual function.

Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Fixes: d1e23cbaa403b2d ("target/nios2: Use semihosting/syscalls.h")
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230731235245.295513-1-keithp@keithp.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>


  Commit: 8caaae7319a5f7ca449900c0e6bfcaed78fa3ae2
      https://github.com/qemu/qemu/commit/8caaae7319a5f7ca449900c0e6bfcaed78fa3ae2
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M target/m68k/m68k-semi.c

  Log Message:
  -----------
  target/m68k: Fix semihost lseek offset computation

The arguments for deposit64 are (value, start, length, fieldval); this
appears to have thought they were (value, fieldval, start,
length). Reorder the parameters to match the actual function.

Cc: qemu-stable@nongnu.org
Fixes: 950272506d ("target/m68k: Use semihosting/syscalls.h")
Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230801154519.3505531-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

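The deposit64() argument-order bug behind the two semihosting lseek fixes above (target/nios2 and target/m68k), as an added example that is not QEMU's code. deposit64() is reimplemented here with the contract the commit messages state, (value, start, length, fieldval); the lo/hi names for the two 32-bit halves of the offset and the two wrapper functions are this example's own.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Reimplementation for this example: return VALUE with the LENGTH-bit field
 * starting at bit START replaced by FIELDVAL. The range assert is this
 * example's own guard; it is what stops a bogus START silently shifting out.
 */
static uint64_t deposit64(uint64_t value, int start, int length, uint64_t fieldval)
{
    uint64_t mask;

    assert(start >= 0 && length > 0 && length <= 64 - start);
    mask = (~0ULL >> (64 - length)) << start;
    return (value & ~mask) | ((fieldval << start) & mask);
}

/*
 * A 64-bit semihosting seek offset arrives as two 32-bit words, lo and hi
 * (names assumed here). Fixed form: hi is the field value deposited into
 * bits 63:32 of lo.
 */
uint64_t semihost_lseek_offset_fixed(uint32_t lo, uint32_t hi)
{
    return deposit64(lo, 32, 32, hi);
}

/*
 * Buggy form from the commit message: the caller assumed the order was
 * (value, fieldval, start, length), so hi becomes the bit position and the
 * literal 32 becomes the field value. Only hi <= 32 survives the range
 * check; for hi == 0 every offset collapses to 32 regardless of lo.
 */
uint64_t semihost_lseek_offset_buggy(uint32_t lo, uint32_t hi)
{
    return deposit64(lo, (int)hi, 32, 32);
}

int main(void)
{
    uint32_t lo = 0x00001000, hi = 0;   /* offset 4096 inside the first 4 GiB */

    printf("fixed: 0x%llx  buggy: 0x%llx\n",
           (unsigned long long)semihost_lseek_offset_fixed(lo, hi),
           (unsigned long long)semihost_lseek_offset_buggy(lo, hi));
    return 0;
}
```

With hi == 0 the buggy form seeks to offset 32 whatever the guest asked for, which is why a wrong seek only shows up once a test reads back data it expected at some other position; the fixed form reproduces the full 64-bit offset, including the all-ones case.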

  Commit: 8abc81150f2de51eabd75ef13117f6f1561a18a5
      https://github.com/qemu/qemu/commit/8abc81150f2de51eabd75ef13117f6f1561a18a5
  Author: Hyman Huang(黄勇) <yong.huang@smartx.com>
  Date:   2023-08-02 (Wed, 02 Aug 2023)

  Changed paths:
    M qapi/migration.json

  Log Message:
  -----------
  qapi: Reformat the dirty-limit migration doc comments

Reformat the dirty-limit migration doc comments to conform
to current conventions as commit a937b6aa739 (qapi: Reformat
doc comments to conform to current conventions).

Signed-off-by: Hyman Huang(黄勇) <yong.huang@smartx.com>
Message-ID: <169073570563.19893.2928364761104733482-1@git.sr.ht>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Whitespace tidied up]
Signed-off-by: Markus Armbruster <armbru@redhat.com>


  Commit: ef965377325e186ce1f73e5f40d07d77e2cc9410
      https://github.com/qemu/qemu/commit/ef965377325e186ce1f73e5f40d07d77e2cc9410
  Author: Hyman Huang(黄勇) <yong.huang@smartx.com>
  Date:   2023-08-02 (Wed, 02 Aug 2023)

  Changed paths:
    M qapi/migration.json

  Log Message:
  -----------
  qapi: Craft the dirty-limit capability comment

Signed-off-by: Hyman Huang(黄勇) <yong.huang@smartx.com>
Message-ID: <169073570563.19893.2928364761104733482-2@git.sr.ht>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>


  Commit: 2b3edd95186dc505f21d823119cdd0dfb23b3ee0
      https://github.com/qemu/qemu/commit/2b3edd95186dc505f21d823119cdd0dfb23b3ee0
  Author: Hyman Huang(黄勇) <yong.huang@smartx.com>
  Date:   2023-08-02 (Wed, 02 Aug 2023)

  Changed paths:
    M MAINTAINERS

  Log Message:
  -----------
  MAINTAINERS: Add section "Migration dirty limit and dirty page rate"

I've built interests in dirty limit and dirty page rate
features and also have been working on projects related
to this subsystem.

Add a section to the MAINTAINERS file for migration
dirty limit and dirty page rate.

Add myself as a maintainer for this subsystem so that I
can help to improve the dirty limit algorithm and review
the patches about dirty page rate.

Signed-off-by: Hyman Huang(黄勇) <yong.huang@smartx.com>
Acked-by: Peter Xu <peterx@redhat.com>
Message-ID: <169073570563.19893.2928364761104733482-3@git.sr.ht>
Acked-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>


  Commit: 081619e677f148ad91897a37f94894959729bbd4
      https://github.com/qemu/qemu/commit/081619e677f148ad91897a37f94894959729bbd4
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2023-08-02 (Wed, 02 Aug 2023)

  Changed paths:
    M docs/about/deprecated.rst
    M docs/devel/qom.rst
    M docs/system/devices/nvme.rst
    M hw/core/loader.c
    M hw/i386/kvm/xen_evtchn.c
    M include/exec/memory.h
    M target/i386/kvm/xen-emu.c
    M target/m68k/m68k-semi.c
    M target/nios2/nios2-semi.c
    M tests/migration/s390x/Makefile
    M ui/dbus-listener.c
    M ui/vnc-enc-tight.c

  Log Message:
  -----------
  Merge tag 'misc-fixes-20230801' of https://github.com/philmd/qemu into staging

Misc patches queue

xen: Fix issues reported by fuzzer / Coverity
misc: Fix some typos in documentation and comments
ui/dbus: Build fixes for Clang/win32/!opengl
linux-user: Semihosting fixes on m68k/nios2
tests/migration: Disable stack protector when linking without stdlib

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmTJfrQACgkQ4+MsLN6t
# wN4Nqw/+NjoW2jdy9LNAgx7IeH2w+HfvvULpBOTDRRNahuXbGpzl6L57cS92r5a8
# UFJGfxbL2nlxrJbUdAWGONIweCvUb9jnpbT2id1dBp4wp+8aKFvPj1Al34OENNVS
# 1lQT0G6mKx9itcXP9lVSBPhEbWIB9ZMaDG0R872bA6Ec3G7PWny+AOhMvJecieol
# 2Qyv84ioA3N0xkYUB64KBVDmJOG0Tx+LYZfsXUybLKwfvBDLeVkHuHKtb94kh0G9
# MUsM/p9sHvfrC1bO+DQ9P1bzRI9zw2I2f4xMIs4QCMGPbJUrhv7edOc2PSO5XQoG
# izcV9NSL0tl6LbXZvkE7sJw0tDuR6R9sQ9KJWoltJCGRGOWlC5CeSTUfLbH9HkFc
# CXapKWth6cmOboGZNTlidn41oH7xE/kW6Em1XAD0M0eLUCUMzVjaSs1sIwKnbF7i
# sz7HcgAAuAVhmR0n4zOkphJkek72J7atLNpqU0AdYH46LR92zSdh6YoD5YDBPwY8
# hoy7VFauSkF8+5Wi7CTTjtq+edkuFRcuNMCR0Fd2iolE8KKYvxHnwEGH/5T4s2m7
# 8f40AEyQRk0nFn44tqeyb14O8c2lZL3jmDEh+LYT/PPp/rCc/X7Ugplpau+bNZsx
# OOZd0AxujbrK+Xn80Agc+3/vn4/2eAvz7OdGc/SmKuYLyseBQfo=
# =5ZLa
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 01 Aug 2023 02:52:52 PM PDT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]

* tag 'misc-fixes-20230801' of https://github.com/philmd/qemu:
  target/m68k: Fix semihost lseek offset computation
  target/nios2: Fix semihost lseek offset computation
  target/nios2: Pass semihosting arg to exit
  tests/migration: Add -fno-stack-protector
  misc: Fix some typos in documentation and comments
  ui/dbus: fix clang compilation issue
  ui/dbus: fix win32 compilation when !opengl
  hw/xen: prevent guest from binding loopback event channel to itself
  i386/xen: consistent locking around Xen singleshot timers
  hw/xen: fix off-by-one in xen_evtchn_set_gsi()

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>


  Commit: fb695ae3fdfe34ce7bf2eaa4595d48ca809c8841
      https://github.com/qemu/qemu/commit/fb695ae3fdfe34ce7bf2eaa4595d48ca809c8841
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2023-08-02 (Wed, 02 Aug 2023)

  Changed paths:
    M MAINTAINERS
    M qapi/migration.json

  Log Message:
  -----------
  Merge tag 'pull-qapi-2023-08-02' of https://repo.or.cz/qemu/armbru into staging

QAPI patches for 2023-08-02

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmTKB9wSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZT5w4P/ReWCzwnNWDHAlInd91gQxmH5AB5VRMK
# jnLLLxzMx3KIk2cjoHG7nvVBpHKaEzhwZoyjQvILnSoHVeHUteHNvfJAS/LG0bYw
# ujpSem7C1LXT/+WPf/j2eIdfZ243Z1/WkJW4ZXWuUyZYea0Uc6M+eXgnw1VfZOPn
# UmTXrJzV35KY2mB4EMdBON2P/0VnqoXH17Ke13JxI10NDgFzzhlltM5J4CBKFqPM
# XcrpeuQdfk3NR1XxDIUIVNcYkbg1EMVrnZs1m8M8hcgnUKAxoPyYFdq2m+bVITmL
# C4uxdqg6UUvtHzwdp/CbeXPBKuuZnR4TcFIW+4uJHoCJxhLjKhACbowz8fCHh8dg
# 5999ZsmgCfK4P4KxcOYQpGG5qLm4G8L+cxx/b5Tu/UlguCwc6/CRs6njpzA0trDy
# 4Qz+F7hSGQqSX5hZT6h94l88fZ+tfrSnXGRxhpwF2pFOzTZsIvE8X43KIXo1jMWf
# M4mwb7TtMmBgF4Q6rfg1GxcYkJ7weFlro7nsWUOxPZXINJO17pDx8OI9bLkBV99x
# UQ1pfGhhTncVGai/eNOtr+REXpW0mse5DAX8UlxiBJyerQhjbqq4cKHrbMvoRE1D
# YJRt7h8t2mKwmdXpGRkVtLEvTKivhJ9x4/ZRmoKzWDlTucNN/gW5rUahbJ68d3Qf
# tsq+a97nbfp4
# =/Xq1
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 02 Aug 2023 12:38:04 AM PDT
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [undefined]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* tag 'pull-qapi-2023-08-02' of https://repo.or.cz/qemu/armbru:
  MAINTAINERS: Add section "Migration dirty limit and dirty page rate"
  qapi: Craft the dirty-limit capability comment
  qapi: Reformat the dirty-limit migration doc comments

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>


Compare: https://github.com/qemu/qemu/compare/a51c07053878...fb695ae3fdfe
