From: David Hildenbrand
To: qemu-devel@nongnu.org
Cc: Peter Crosthwaite, david@redhat.com, "Michael S. Tsirkin", Igor Mammedov, Paolo Bonzini, Richard Henderson
Date: Thu, 7 Jun 2018 17:47:04 +0200
Message-Id: <20180607154705.6316-2-david@redhat.com>
In-Reply-To: <20180607154705.6316-1-david@redhat.com>
Subject: [Qemu-devel] [PATCH v1 1/2] memory-device: turn alignment assert into check

The start of the address space indicates which maximum alignment is
supported by our machine (e.g. ppc, x86 1GB). This is helpful to catch
fragmenting guest physical memory in strange fashions.

Right now we can crash QEMU by e.g. (there might be easier examples)

    qemu-system-x86_64 -m 256M,maxmem=20G,slots=2 \
        -object memory-backend-file,id=mem0,size=8192M,mem-path=/dev/zero,align=8192M \
        -device pc-dimm,id=dimm1,memdev=mem0

Signed-off-by: David Hildenbrand
Reviewed-by: Igor Mammedov
Reviewed-by: Michael S. Tsirkin
--- hw/mem/memory-device.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/hw/mem/memory-device.c b/hw/mem/memory-device.c index 3e04f3954e..6de4f70bb4 100644 --- a/hw/mem/memory-device.c +++ b/hw/mem/memory-device.c 
@@ -116,9 +116,15 @@ uint64_t memory_device_get_free_addr(MachineState *ms,= const uint64_t *hint, address_space_start =3D ms->device_memory->base; address_space_end =3D address_space_start + memory_region_size(&ms->device_memory->mr); - g_assert(QEMU_ALIGN_UP(address_space_start, align) =3D=3D address_spac= e_start); g_assert(address_space_end >=3D address_space_start); =20 + /* address_space_start indicates the maximum alignment we expect */ + if (QEMU_ALIGN_UP(address_space_start, align) !=3D address_space_start= ) { + error_setg(errp, "the alignment (0%" PRIx64 ") is not supported", + align); + return 0; + } + memory_device_check_addable(ms, size, errp); if (*errp) { return 0; --=20 2.17.0
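Review bot: The format string in the new error_setg() call in memory_device_get_free_addr() reads "the alignment (0%" PRIx64 ")", which drops the x of the 0x prefix, so the 8192M alignment from the commit message would be reported as (0200000000). Please change it to "0x%" PRIx64 so the value reads as hex. Since the added comment says address_space_start defines the maximum alignment, the message could also say that the requested alignment exceeds what the machine supports, which tells the user what to change.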
From: David Hildenbrand
To: qemu-devel@nongnu.org
Cc: Peter Crosthwaite, david@redhat.com, "Michael S. Tsirkin", Igor Mammedov, Paolo Bonzini, Richard Henderson
Date: Thu, 7 Jun 2018 17:47:05 +0200
Message-Id: <20180607154705.6316-3-david@redhat.com>
In-Reply-To: <20180607154705.6316-1-david@redhat.com>
Subject: [Qemu-devel] [PATCH v1 2/2] exec: check that alignment is a power of two

Right now we can crash QEMU using e.g.

    qemu-system-x86_64 -m 256M,maxmem=20G,slots=2 \
        -object memory-backend-file,id=mem0,size=12288,mem-path=/dev/zero,align=12288 \
        -device pc-dimm,id=dimm1,memdev=mem0
    qemu-system-x86_64: util/mmap-alloc.c:115: qemu_ram_mmap: Assertion
        `is_power_of_2(align)' failed

Fix this by adding a proper check.

Signed-off-by: David Hildenbrand
Reviewed-by: Igor Mammedov
Reviewed-by: Michael S. Tsirkin
--- exec.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/exec.c b/exec.c index f6645ede0c..f54c83ac61 100644 --- a/exec.c +++ b/exec.c 
@@ -1681,6 +1681,10 @@ static void *file_ram_alloc(RAMBlock *block, " must be multiples of page size 0x%zx", block->mr->align, block->page_size); return NULL; + } else if (block->mr->align && !is_power_of_2(block->mr->align)) { + error_setg(errp, "alignment 0x%" PRIx64 + " must be a power of two", block->mr->align); + return NULL; } block->mr->align =3D MAX(block->page_size, block->mr->align); #if defined(__s390x__) --=20 2.17.0
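Review bot: In the new else-if branch of file_ram_alloc(), the "block->mr->align &&" guard lets an alignment of 0 through without saying why. A one-line comment that 0 means no explicit alignment was requested (it is replaced by the page size in the MAX() just below) would make the intent clear. The check also sits in file_ram_alloc(), while the assertion quoted in the commit message fires in qemu_ram_mmap(), so it is worth confirming that no other caller can reach that assertion with a user-supplied alignment.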