From: Li Zhijian
To: qemu-devel@nongnu.org, mst@redhat.com, peter.maydell@linaro.org
Date: Mon, 3 Dec 2018 22:48:49 +0800
Message-Id: <1543848532-12604-2-git-send-email-lizhijian@cn.fujitsu.com>
In-Reply-To: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
References: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
Subject: [Qemu-devel] [PATCH for-4.0 v3 1/4] unify len and addr type for memory/address APIs
Cc: Li Zhijian, Peter Crosthwaite, philip.li@intel.com, zhijianx.li@intel.com, Paolo Bonzini, Richard Henderson

Some address/memory APIs have different types for 'hwaddr/target_ulong addr'
and 'int len'. This is very unsafe, especially as some APIs will be passed a
non-int len by the caller, which might cause an overflow quietly.
Below is a potential overflow case:
    dma_memory_read(uint32_t len)
      -> dma_memory_rw(uint32_t len)
        -> dma_memory_rw_relaxed(uint32_t len)
          -> address_space_rw(int len) # len overflow

CC: Paolo Bonzini
CC: Peter Crosthwaite
CC: Richard Henderson
CC: Peter Maydell
Signed-off-by: Li Zhijian
Reviewed-by: Peter Maydell
Reviewed-by: Richard Henderson
---
V3: use the same type between len and addr (Peter Maydell)
    rebase code basing on https://patchew.org/QEMU/20181122133507.30950-1-peter.maydell@linaro.org/
---
 exec.c                    | 47 +++++++++++++++++++++++------------------------
 include/exec/cpu-all.h    |  2 +-
 include/exec/cpu-common.h |  8 ++++----
 include/exec/memory.h     | 22 +++++++++++-----------
 4 files changed, 39 insertions(+), 40 deletions(-)

diff --git a/exec.c b/exec.c index 6e875f0..f475974 100644 --- a/exec.c +++ b/exec.c @@ -2848,10 +2848,10 @@ static const MemoryRegionOps watch_mem_ops =3D { }; =20 static MemTxResult flatview_read(FlatView *fv, hwaddr addr, - MemTxAttrs attrs, uint8_t *buf, int = len); + MemTxAttrs attrs, uint8_t *buf, hwad= dr len); static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs at= trs, - const uint8_t *buf, int len); -static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len, + const uint8_t *buf, hwaddr len); +static bool flatview_access_valid(FlatView *fv, hwaddr addr, hwaddr len, bool is_write, MemTxAttrs attrs); =20 static MemTxResult subpage_read(void *opaque, hwaddr addr, uint64_t *data, @@ -3099,10 +3099,10 @@ MemoryRegion *get_system_io(void) /* physical memory access (slow version, mainly for debug) */ #if defined(CONFIG_USER_ONLY) int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr, - uint8_t *buf, int len, int is_write) + uint8_t *buf, target_ulong len, int is_write) { - int l, flags; - target_ulong page; + int flags; + target_ulong l, page; void * p; =20 while (len > 0) { @@ -3215,7 +3215,7 @@ static bool prepare_mmio_access(MemoryRegion *mr) static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr, MemTxAttrs attrs, const uint8_t *buf, - int len, hwaddr addr1, + hwaddr len, hwaddr addr1, hwaddr l, MemoryRegion *mr) { uint8_t *ptr; @@ -3260,7 +3260,7 @@ static MemTxResult flatview_write_continue(FlatView *= fv, hwaddr addr, =20 /* Called from RCU critical section. */ static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs at= trs, - const uint8_t *buf, int len) + const uint8_t *buf, hwaddr len) { hwaddr l; hwaddr addr1; 
@@ -3278,7 +3278,7 @@ static MemTxResult flatview_write(FlatView *fv, hwadd= r addr, MemTxAttrs attrs, /* Called within RCU critical section. */ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr, MemTxAttrs attrs, uint8_t *buf, - int len, hwaddr addr1, hwaddr l, + hwaddr len, hwaddr addr1, hwaddr l, MemoryRegion *mr) { uint8_t *ptr; @@ -3321,7 +3321,7 @@ MemTxResult flatview_read_continue(FlatView *fv, hwad= dr addr, =20 /* Called from RCU critical section. */ static MemTxResult flatview_read(FlatView *fv, hwaddr addr, - MemTxAttrs attrs, uint8_t *buf, int len) + MemTxAttrs attrs, uint8_t *buf, hwaddr le= n) { hwaddr l; hwaddr addr1; @@ -3334,7 +3334,7 @@ static MemTxResult flatview_read(FlatView *fv, hwaddr= addr, } =20 MemTxResult address_space_read_full(AddressSpace *as, hwaddr addr, - MemTxAttrs attrs, uint8_t *buf, int le= n) + MemTxAttrs attrs, uint8_t *buf, hwaddr= len) { MemTxResult result =3D MEMTX_OK; FlatView *fv; @@ -3351,7 +3351,7 @@ MemTxResult address_space_read_full(AddressSpace *as,= hwaddr addr, =20 MemTxResult address_space_write(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - const uint8_t *buf, int len) + const uint8_t *buf, hwaddr len) { MemTxResult result =3D MEMTX_OK; FlatView *fv; @@ -3367,7 +3367,7 @@ MemTxResult address_space_write(AddressSpace *as, hwa= ddr addr, } =20 MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs att= rs, - uint8_t *buf, int len, bool is_write) + uint8_t *buf, hwaddr len, bool is_write) { if (is_write) { return address_space_write(as, addr, attrs, buf, len); @@ -3377,7 +3377,7 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr= addr, MemTxAttrs attrs, } =20 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf, - int len, int is_write) + hwaddr len, int is_write) { address_space_rw(&address_space_memory, addr, MEMTXATTRS_UNSPECIFIED, buf, len, is_write); 
@@ -3392,7 +3392,7 @@ static inline MemTxResult address_space_write_rom_int= ernal(AddressSpace *as, hwaddr addr, MemTxAttrs attr= s, const uint8_t *= buf, - int len, + hwaddr len, enum write_rom_= type type) { hwaddr l; @@ -3432,13 +3432,13 @@ static inline MemTxResult address_space_write_rom_i= nternal(AddressSpace *as, /* used for ROM loading : can write in RAM and ROM */ MemTxResult address_space_write_rom(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - const uint8_t *buf, int len) + const uint8_t *buf, hwaddr len) { return address_space_write_rom_internal(as, addr, attrs, buf, len, WRITE_DATA); } =20 -void cpu_flush_icache_range(hwaddr start, int len) +void cpu_flush_icache_range(hwaddr start, hwaddr len) { /* * This function should do the same thing as an icache flush that was @@ -3541,7 +3541,7 @@ static void cpu_notify_map_clients(void) qemu_mutex_unlock(&map_client_list_lock); } =20 -static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len, +static bool flatview_access_valid(FlatView *fv, hwaddr addr, hwaddr len, bool is_write, MemTxAttrs attrs) { MemoryRegion *mr; @@ -3564,7 +3564,7 @@ static bool flatview_access_valid(FlatView *fv, hwadd= r addr, int len, } =20 bool address_space_access_valid(AddressSpace *as, hwaddr addr, - int len, bool is_write, + hwaddr len, bool is_write, MemTxAttrs attrs) { FlatView *fv; @@ -3817,7 +3817,7 @@ static inline MemoryRegion *address_space_translate_c= ached( */ void address_space_read_cached_slow(MemoryRegionCache *cache, hwaddr addr, - void *buf, int len) + void *buf, hwaddr len) { hwaddr addr1, l; MemoryRegion *mr; @@ -3835,7 +3835,7 @@ address_space_read_cached_slow(MemoryRegionCache *cac= he, hwaddr addr, */ void address_space_write_cached_slow(MemoryRegionCache *cache, hwaddr addr, - const void *buf, int len) + const void *buf, hwaddr len) { hwaddr addr1, l; MemoryRegion *mr; 
@@ -3858,11 +3858,10 @@ address_space_write_cached_slow(MemoryRegionCache *= cache, hwaddr addr, =20 /* virtual memory access for debug (includes writing to ROM) */ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr, - uint8_t *buf, int len, int is_write) + uint8_t *buf, target_ulong len, int is_write) { - int l; hwaddr phys_addr; - target_ulong page; + target_ulong l, page; =20 cpu_synchronize_state(cpu); while (len > 0) { diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h index 117d2fb..b16c9ec 100644 --- a/include/exec/cpu-all.h +++ b/include/exec/cpu-all.h @@ -367,7 +367,7 @@ void dump_opcount_info(FILE *f, fprintf_function cpu_fp= rintf); #endif /* !CONFIG_USER_ONLY */ =20 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr, - uint8_t *buf, int len, int is_write); + uint8_t *buf, target_ulong len, int is_write); =20 int cpu_exec(CPUState *cpu); =20 diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h index 2ad2d6d..63ec1f9 100644 --- a/include/exec/cpu-common.h +++ b/include/exec/cpu-common.h @@ -83,14 +83,14 @@ size_t qemu_ram_pagesize(RAMBlock *block); size_t qemu_ram_pagesize_largest(void); =20 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf, - int len, int is_write); + hwaddr len, int is_write); static inline void cpu_physical_memory_read(hwaddr addr, - void *buf, int len) + void *buf, hwaddr len) { cpu_physical_memory_rw(addr, buf, len, 0); } static inline void cpu_physical_memory_write(hwaddr addr, - const void *buf, int len) + const void *buf, hwaddr len) { cpu_physical_memory_rw(addr, (void *)buf, len, 1); } @@ -111,7 +111,7 @@ bool cpu_physical_memory_is_io(hwaddr phys_addr); */ void qemu_flush_coalesced_mmio_buffer(void); =20 -void cpu_flush_icache_range(hwaddr start, int len); +void cpu_flush_icache_range(hwaddr start, hwaddr len); =20 extern struct MemoryRegion io_mem_rom; extern struct MemoryRegion io_mem_notdirty; diff --git a/include/exec/memory.h b/include/exec/memory.h index ffd23ed..6235f77 100644 
--- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -1773,7 +1773,7 @@ void address_space_destroy(AddressSpace *as); */ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, uint8_t *buf, - int len, bool is_write); + hwaddr len, bool is_write); =20 /** * address_space_write: write to address space. @@ -1790,7 +1790,7 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr= addr, */ MemTxResult address_space_write(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - const uint8_t *buf, int len); + const uint8_t *buf, hwaddr len); =20 /** * address_space_write_rom: write to address space, including ROM. @@ -1816,7 +1816,7 @@ MemTxResult address_space_write(AddressSpace *as, hwa= ddr addr, */ MemTxResult address_space_write_rom(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - const uint8_t *buf, int len); + const uint8_t *buf, hwaddr len); =20 /* address_space_ld*: load from an address space * address_space_st*: store to an address space @@ -2017,7 +2017,7 @@ static inline MemoryRegion *address_space_translate(A= ddressSpace *as, * @is_write: indicates the transfer direction * @attrs: memory attributes */ -bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, +bool address_space_access_valid(AddressSpace *as, hwaddr addr, hwaddr len, bool is_write, MemTxAttrs attrs); =20 /* address_space_map: map a physical memory region into a host virtual add= ress 
@@ -2054,19 +2054,19 @@ void address_space_unmap(AddressSpace *as, void *bu= ffer, hwaddr len, =20 /* Internal functions, part of the implementation of address_space_read. = */ MemTxResult address_space_read_full(AddressSpace *as, hwaddr addr, - MemTxAttrs attrs, uint8_t *buf, int le= n); + MemTxAttrs attrs, uint8_t *buf, hwaddr= len); MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr, MemTxAttrs attrs, uint8_t *buf, - int len, hwaddr addr1, hwaddr l, + hwaddr len, hwaddr addr1, hwaddr l, MemoryRegion *mr); void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr); =20 /* Internal functions, part of the implementation of address_space_read_ca= ched * and address_space_write_cached. */ void address_space_read_cached_slow(MemoryRegionCache *cache, - hwaddr addr, void *buf, int len); + hwaddr addr, void *buf, hwaddr len); void address_space_write_cached_slow(MemoryRegionCache *cache, - hwaddr addr, const void *buf, int len= ); + hwaddr addr, const void *buf, hwaddr = len); =20 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write) { @@ -2094,7 +2094,7 @@ static inline bool memory_access_is_direct(MemoryRegi= on *mr, bool is_write) static inline __attribute__((__always_inline__)) MemTxResult address_space_read(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, uint8_t *buf, - int len) + hwaddr len) { MemTxResult result =3D MEMTX_OK; hwaddr l, addr1; @@ -2133,7 +2133,7 @@ MemTxResult address_space_read(AddressSpace *as, hwad= dr addr, */ static inline void address_space_read_cached(MemoryRegionCache *cache, hwaddr addr, - void *buf, int len) + void *buf, hwaddr len) { assert(addr < cache->len && len <=3D cache->len - addr); if (likely(cache->ptr)) { 
@@ -2153,7 +2153,7 @@ address_space_read_cached(MemoryRegionCache *cache, h= waddr addr, */ static inline void address_space_write_cached(MemoryRegionCache *cache, hwaddr addr, - void *buf, int len) + void *buf, hwaddr len) { assert(addr < cache->len && len <=3D cache->len - addr); if (likely(cache->ptr)) { --=20 2.7.4

From: Li Zhijian
To: qemu-devel@nongnu.org, mst@redhat.com, peter.maydell@linaro.org
Date: Mon, 3 Dec 2018 22:48:50 +0800
Message-Id: <1543848532-12604-3-git-send-email-lizhijian@cn.fujitsu.com>
In-Reply-To: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
References: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
Subject: [Qemu-devel] [PATCH for-4.0 v3 2/4] refactor load_image_size
Cc: philip.li@intel.com, zhijianx.li@intel.com, Li Zhijian

Don't expect read(2) can always read as many as it's told.

Signed-off-by: Li Zhijian
Reviewed-by: Richard Henderson
---
 hw/core/loader.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/hw/core/loader.c b/hw/core/loader.c index fa41842..9cbceab 100644 --- a/hw/core/loader.c +++ b/hw/core/loader.c 
@@ -77,21 +77,20 @@ int64_t get_image_size(const char *filename) ssize_t load_image_size(const char *filename, void *addr, size_t size) { int fd; - ssize_t actsize; + ssize_t actsize, l =3D 0; =20 fd =3D open(filename, O_RDONLY | O_BINARY); if (fd < 0) { return -1; } =20 - actsize =3D read(fd, addr, size); - if (actsize < 0) { - close(fd); - return -1; + while ((actsize =3D read(fd, addr + l, size - l)) > 0) { + l +=3D actsize; } + close(fd); =20 - return actsize; + return actsize < 0 ? -1 : l; } =20 /* read()-like version */ --=20 2.7.4

From: Li Zhijian
To: qemu-devel@nongnu.org, mst@redhat.com, peter.maydell@linaro.org
Date: Mon, 3 Dec 2018 22:48:51 +0800
Message-Id: <1543848532-12604-4-git-send-email-lizhijian@cn.fujitsu.com>
In-Reply-To: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
References: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
Subject: [Qemu-devel] [PATCH for-4.0 v3 3/4] i386: import bootparam.h
Cc: philip.li@intel.com, zhijianx.li@intel.com, Li Zhijian

It provides setup_data struct and header fields

CC: Michael S. Tsirkin
Signed-off-by: Li Zhijian
---
V3: new patch
---
 hw/i386/pc.c | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 067d23a..8db7417 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -74,6 +74,7 @@ #include "hw/nmi.h" #include "hw/i386/intel_iommu.h" #include "hw/net/ne2000-isa.h" +#include =20 /* debug PC/ISA interrupts */ //#define DEBUG_IRQ 
@@ -820,20 +821,6 @@ static long get_file_size(FILE *f) return size; } =20 -/* setup_data types */ -#define SETUP_NONE 0 -#define SETUP_E820_EXT 1 -#define SETUP_DTB 2 -#define SETUP_PCI 3 -#define SETUP_EFI 4 - -struct setup_data { - uint64_t next; - uint32_t type; - uint32_t len; - uint8_t data[0]; -} __attribute__((packed)); - static void load_linux(PCMachineState *pcms, FWCfgState *fw_cfg) { --=20 2.7.4

From: Li Zhijian
To: qemu-devel@nongnu.org, mst@redhat.com, peter.maydell@linaro.org
Date: Mon, 3 Dec 2018 22:48:52 +0800
Message-Id: <1543848532-12604-5-git-send-email-lizhijian@cn.fujitsu.com>
In-Reply-To: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
References: <1543848532-12604-1-git-send-email-lizhijian@cn.fujitsu.com>
Subject: [Qemu-devel] [PATCH for-4.0 v3 4/4] i386: allow to load initrd below 4G for recent linux
Cc: Eduardo Habkost, Li Zhijian, philip.li@intel.com, zhijianx.li@intel.com, Paolo Bonzini, Richard Henderson

A new field xloadflags was added to recent x86 linux, and BIT 1:
XLF_CAN_BE_LOADED_ABOVE_4G is used to tell the bootloader where initrd can be
loaded safely.

Current QEMU/BIOS always loads initrd below below_4g_mem_size, which is always
less than 4G, so here simply limiting initrd_max to 4G - 1 is enough if
this bit is set.

CC: Paolo Bonzini
CC: Richard Henderson
CC: Eduardo Habkost
CC: "Michael S. Tsirkin"
CC: Marcel Apfelbaum
Signed-off-by: Li Zhijian
---
V3: correct grammar and check XLF_CAN_BE_LOADED_ABOVE_4G first (Michael S. Tsirkin)
Signed-off-by: Li Zhijian --- hw/i386/pc.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 8db7417..ebaa65f 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -897,7 +897,15 @@ static void load_linux(PCMachineState *pcms, #endif =20 /* highest address for loading the initrd */ - if (protocol >=3D 0x203) { + if (protocol >=3D 0x20c && + lduw_p(header+0x236) & XLF_CAN_BE_LOADED_ABOVE_4G) { + /* + * Although kernel allows initrd loading to above 4G, + * it just makes it as large as possible while still staying below= 4G + * since current BIOS always loads initrd below pcms->below_4g_mem= _size + */ + initrd_max =3D UINT32_MAX; + } else if (protocol >=3D 0x203) { initrd_max =3D ldl_p(header+0x22c); } else { initrd_max =3D 0x37ffffff; --=20 2.7.4
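
Review bot: in patch 1/4, both cpu_memory_rw_debug() hunks in exec.c keep the 'while (len > 0)' loop while len changes from int to target_ulong, so a caller that still passes a negative int no longer skips the loop; the value is converted to a very large count instead. Please audit the callers as part of this series, or state in the commit message that none of them can pass a negative value. The hwaddr len change on address_space_rw() and the other prototypes raises the same question for their callers.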
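
Review bot: in patch 1/4, the last include/exec/memory.h hunk changes address_space_write_cached(), which still takes 'void *buf' while address_space_write_cached_slow() in the hunk before it takes 'const void *buf'. Since the parameter line is being rewritten anyway, consider making buf const here as well, or note that it is left for a separate cleanup.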
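
Review bot: in patch 2/4, the new loop in load_image_size() treats every read() failure as fatal, so a read that is interrupted by a signal (EINTR) after part of the file has been copied returns -1 and discards what was already read; retry on EINTR, or say in the commit message why it cannot happen on this path. A smaller point on the same line: 'addr + l' is arithmetic on a 'void *', which relies on a GNU extension, and a cast to 'uint8_t *' would make the intent explicit.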
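
Review bot: in patch 3/4, the removed local 'struct setup_data' in hw/i386/pc.c is declared '__attribute__((packed))' with fixed-width fields, and the commit message does not say whether the definition in the imported bootparam.h has the same layout. Please state that in the commit message, and say where the header comes from, so the replacement can be checked without opening the header.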
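
Review bot: in patch 4/4, the new branch in load_linux() sets initrd_max to UINT32_MAX and the comment justifies this by the BIOS loading below pcms->below_4g_mem_size, but the hunk shows no clamp of initrd_max against that value; please confirm that the code after this block limits it, or add the check here. Smaller points: the condition reads more safely with parentheses around 'lduw_p(header+0x236) & XLF_CAN_BE_LOADED_ABOVE_4G', and the offset 0x236 could be given a name now that patch 3/4 imports the header definitions.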