From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Prasad J Pandit
Date: Thu, 13 Jul 2017 16:24:14 +0200
Subject: [Qemu-devel] [PULL 21/41] exec: use qemu_ram_ptr_length to access guest ram
Message-Id: <1499955874-10954-22-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1499955874-10954-1-git-send-email-pbonzini@redhat.com>

From: Prasad J Pandit

When accessing guest's ram block during DMA operation, use 'qemu_ram_ptr_length' to get ram block pointer. It ensures that DMA operation of given length is possible; and avoids any OOB memory access situations.

Reported-by: Alex
Signed-off-by: Prasad J Pandit
Message-Id: <20170712123840.29328-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini

--- exec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exec.c b/exec.c index a083ff8..ad103ce 100644 --- a/exec.c +++ b/exec.c @@ -2929,7 +2929,7 @@ static MemTxResult address_space_write_continue(Addre= ssSpace *as, hwaddr addr, } } else { /* RAM case */ - ptr =3D qemu_map_ram_ptr(mr->ram_block, addr1); + ptr =3D qemu_ram_ptr_length(mr->ram_block, addr1, &l); memcpy(ptr, buf, l); invalidate_and_set_dirty(mr, addr1, l); }
@@ -3020,7 +3020,7 @@ MemTxResult address_space_read_continue(AddressSpace = *as, hwaddr addr, } } else { /* RAM case */ - ptr =3D qemu_map_ram_ptr(mr->ram_block, addr1); + ptr =3D qemu_ram_ptr_length(mr->ram_block, addr1, &l); memcpy(buf, ptr, l); } =20 --=20 1.8.3.1
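
Review bot: In the write path (first hunk, address_space_write_continue, RAM case) the pointer returned by qemu_ram_ptr_length() goes straight into memcpy(ptr, buf, l) with no check. The call now takes &l, so the helper is able to change l; if it can also signal failure by returning NULL (its body is not part of this diff), the copy would dereference it. Please confirm the helper's contract for the case where addr1 plus l does not fit in mr->ram_block, and either test ptr before the memcpy or add a comment at the call site saying why it cannot be NULL here. Keeping invalidate_and_set_dirty(mr, addr1, l) after the call is right, since it then sees the adjusted l.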
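
Review bot: In the read path (second hunk, address_space_read_continue, RAM case) l is now passed as &l, so the helper may shrink it and memcpy(buf, ptr, l) can fill less of buf than the caller asked for. The hunk does not show how the remainder is handled; please make sure the surrounding code advances by the updated l and either continues or returns an error MemTxResult, so that the tail of buf is never handed back unwritten. A one-line comment at the call noting that l is an in/out parameter would help, and the commit message could state what the helper does when the requested length exceeds the block (clamp or fail) rather than only that the access is ensured to be possible.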