From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, Peter Maydell, Daniel P. Berrangé, qemu-block@nongnu.org, "Michael S. Tsirkin", Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno
Subject: [PATCH-for-5.0 01/12] Revert "prevent crash when executing guest-file-read with large count"
Date: Tue, 14 Apr 2020 15:30:41 +0200
Message-Id: <20200414133052.13712-2-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>

As noted by Daniel Berrangé in [*], the fix from commit 807e2b6fce
which replaced malloc() by try_malloc() is not enough, the process
can still run out of memory a few lines later:

  346     buf = g_try_malloc0(count + 1);
  347     if (!buf) {
  348         error_setg(errp,
  349                    "failed to allocate sufficient memory "
  350                    "to complete the requested service");
  351         return NULL;
  352     }
  353     is_ok = ReadFile(fh, buf, count, &read_count, NULL);
  354     if (!is_ok) {
  355         error_setg_win32(errp, GetLastError(), "failed to read file");
  356         slog("guest-file-read failed, handle %" PRId64, handle);
  357     } else {
  358         buf[read_count] = 0;
  359         read_data = g_new0(GuestFileRead, 1);
                          ^^^^^^

Instead we are going to put a low hard limit on 'count' in the next
commits.

This reverts commit 807e2b6fce022707418bc8f61c069d91c613b3d2.

[*] https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03471.html

Suggested-by: Daniel P. Berrangé
Signed-off-by: Philippe Mathieu-Daudé
---
 qga/commands-win32.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/qga/commands-win32.c b/qga/commands-win32.c index b49920e201..46cea7d1d9 100644 --- a/qga/commands-win32.c +++ b/qga/commands-win32.c
@@ -343,13 +343,7 @@ GuestFileRead *qmp_guest_file_read(int64_t handle, boo= l has_count, } =20 fh =3D gfh->fh; - buf =3D g_try_malloc0(count + 1); - if (!buf) { - error_setg(errp, - "failed to allocate sufficient memory " - "to complete the requested service"); - return NULL; - } + buf =3D g_malloc0(count + 1); is_ok =3D ReadFile(fh, buf, count, &read_count, NULL); if (!is_ok) { error_setg_win32(errp, GetLastError(), "failed to read file"); --=20 2.21.1
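
Review bot: in the `@@ -343,13 +343,7 @@` hunk of qga/commands-win32.c, `buf = g_malloc0(count + 1);` brings back an allocator that aborts the process when the allocation fails, and this patch does not lower the bound on `count`, so at this commit an oversized guest-file-read request terminates the agent instead of returning an error through `errp`. The commit message defers the hard limit to "the next commits"; consider ordering the series so the limit on `count` lands before this revert, or in the same commit, so that no intermediate commit reintroduces the abort for anyone bisecting or backporting a subset of the series.
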
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin", Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno
Subject: [PATCH-for-5.0 02/12] qga: Extract guest_file_handle_find() to commands-common.h
Date: Tue, 14 Apr 2020 15:30:42 +0200
Message-Id: <20200414133052.13712-3-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>

As we are going to reuse this method, declare it in a common header.

Signed-off-by: Philippe Mathieu-Daudé
---
 qga/commands-common.h | 18 ++++++++++++++++++
 qga/commands-posix.c | 7 ++++---
 qga/commands-win32.c | 7 ++++---
 3 files changed, 26 insertions(+), 6 deletions(-)
 create mode 100644 qga/commands-common.h

diff --git a/qga/commands-common.h b/qga/commands-common.h new file mode 100644 index 0000000000..af90e5481e --- /dev/null +++ b/qga/commands-common.h
@@ -0,0 +1,18 @@ +/* + * QEMU Guest Agent common/cross-platform common commands + * + * Copyright (c) 2020 Red Hat, Inc. + * + * This work is licensed under the terms of the GNU GPL, version 2 or late= r. + * See the COPYING file in the top-level directory. + */ +#ifndef QGA_COMMANDS_COMMON_H +#define QGA_COMMANDS_COMMON_H + +#include "qga-qapi-types.h" + +typedef struct GuestFileHandle GuestFileHandle; + +GuestFileHandle *guest_file_handle_find(int64_t id, Error **errp); + +#endif diff --git a/qga/commands-posix.c b/qga/commands-posix.c index cc69b82704..c59c32185c 100644 --- a/qga/commands-posix.c +++ b/qga/commands-posix.c @@ -26,6 +26,7 @@ #include "qemu/sockets.h" #include "qemu/base64.h" #include "qemu/cutils.h" +#include "commands-common.h" =20 #ifdef HAVE_UTMPX #include @@ -237,12 +238,12 @@ typedef enum { RW_STATE_WRITING, } RwState; =20 -typedef struct GuestFileHandle { +struct GuestFileHandle { uint64_t id; FILE *fh; RwState state; QTAILQ_ENTRY(GuestFileHandle) next; -} GuestFileHandle; +}; =20 static struct { QTAILQ_HEAD(, GuestFileHandle) filehandles; @@ -268,7 +269,7 @@ static int64_t guest_file_handle_add(FILE *fh, Error **= errp) return handle; } =20 -static GuestFileHandle *guest_file_handle_find(int64_t id, Error **errp) +GuestFileHandle *guest_file_handle_find(int64_t id, Error **errp) { GuestFileHandle *gfh; =20 diff --git a/qga/commands-win32.c b/qga/commands-win32.c index 46cea7d1d9..cfaf6b84b8 100644 --- a/qga/commands-win32.c +++ b/qga/commands-win32.c @@ -37,6 +37,7 @@ #include "qemu/queue.h" #include "qemu/host-utils.h" #include "qemu/base64.h" +#include "commands-common.h" =20 #ifndef SHTDN_REASON_FLAG_PLANNED #define SHTDN_REASON_FLAG_PLANNED 0x80000000 @@ -50,11 +51,11 @@ =20 #define INVALID_SET_FILE_POINTER ((DWORD)-1) =20 -typedef struct GuestFileHandle { +struct GuestFileHandle { int64_t id; HANDLE fh; QTAILQ_ENTRY(GuestFileHandle) next; -} GuestFileHandle; +}; =20 static struct { QTAILQ_HEAD(, GuestFileHandle) filehandles; 
@@ -126,7 +127,7 @@ static int64_t guest_file_handle_add(HANDLE fh, Error *= *errp) return handle; } =20 -static GuestFileHandle *guest_file_handle_find(int64_t id, Error **errp) +GuestFileHandle *guest_file_handle_find(int64_t id, Error **errp) { GuestFileHandle *gfh; QTAILQ_FOREACH(gfh, &guest_file_state.filehandles, next) { --=20 2.21.1
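
Review bot: the new qga/commands-common.h (hunk `@@ -0,0 +1,18 @@`) exports `guest_file_handle_find()` with no comment on its contract. Now that it is no longer `static`, add a short comment above the prototype saying what it returns when no handle matches `id` and whether `errp` is set in that case, so callers outside the two platform files do not have to read both implementations. The file banner also reads "common/cross-platform common commands"; drop the repeated "common".
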
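
Review bot: in the `@@ -237,12 +238,12 @@` hunk of qga/commands-posix.c the struct keeps `uint64_t id`, while the Win32 definition in the `@@ -50,11 +51,11 @@` hunk uses `int64_t id` and the now-shared prototype takes `int64_t id`. Both definitions now sit behind one opaque `GuestFileHandle` typedef, so this is a good point to make the field `int64_t` on POSIX as well, so that the lookup by `id` does not mix signed and unsigned types on one platform only.
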
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin", Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno
Subject: [PATCH-for-5.0 03/12] qga: Extract qmp_guest_file_read() to common commands.c
Date: Tue, 14 Apr 2020 15:30:43 +0200
Message-Id: <20200414133052.13712-4-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>

Extract the common code shared by both POSIX/Win32 implementations.

Signed-off-by: Philippe Mathieu-Daudé
---
 qga/commands-common.h | 3 +++
 qga/commands-posix.c | 22 +++-------------------
 qga/commands-win32.c | 20 +++-----------------
 qga/commands.c | 26 ++++++++++++++++++++++++++
 4 files changed, 35 insertions(+), 36 deletions(-)

diff --git a/qga/commands-common.h b/qga/commands-common.h index af90e5481e..90785ed4bb 100644 --- a/qga/commands-common.h +++ b/qga/commands-common.h
@@ -15,4 +15,7 @@ typedef struct GuestFileHandle GuestFileHandle; =20 GuestFileHandle *guest_file_handle_find(int64_t id, Error **errp); =20 +GuestFileRead *guest_file_read_unsafe(GuestFileHandle *gfh, + int64_t count, Error **errp); + #endif diff --git a/qga/commands-posix.c b/qga/commands-posix.c index c59c32185c..a52af0315f 100644 --- a/qga/commands-posix.c +++ b/qga/commands-posix.c @@ -461,29 +461,14 @@ void qmp_guest_file_close(int64_t handle, Error **err= p) g_free(gfh); } =20 -struct GuestFileRead *qmp_guest_file_read(int64_t handle, bool has_count, - int64_t count, Error **errp) +GuestFileRead *guest_file_read_unsafe(GuestFileHandle *gfh, + int64_t count, Error **errp) { - GuestFileHandle *gfh =3D guest_file_handle_find(handle, errp); GuestFileRead *read_data =3D NULL; guchar *buf; - FILE *fh; + FILE *fh =3D gfh->fh; size_t read_count; =20 - if (!gfh) { - return NULL; - } - - if (!has_count) { - count =3D QGA_READ_COUNT_DEFAULT; - } else if (count < 0 || count >=3D UINT32_MAX) { - error_setg(errp, "value '%" PRId64 "' is invalid for argument coun= t", - count); - return NULL; - } - - fh =3D gfh->fh; - /* explicitly flush when switching from writing to reading */ if (gfh->state =3D=3D RW_STATE_WRITING) { int ret =3D fflush(fh); @@ -498,7 +483,6 @@ struct GuestFileRead *qmp_guest_file_read(int64_t handl= e, bool has_count, read_count =3D fread(buf, 1, count, fh); if (ferror(fh)) { error_setg_errno(errp, errno, "failed to read file"); - slog("guest-file-read failed, handle: %" PRId64, handle); } else { buf[read_count] =3D 0; read_data =3D g_new0(GuestFileRead, 1); diff --git a/qga/commands-win32.c b/qga/commands-win32.c index cfaf6b84b8..9717a8d52d 100644 --- a/qga/commands-win32.c +++ b/qga/commands-win32.c 
@@ -322,33 +322,19 @@ void qmp_guest_shutdown(bool has_mode, const char *mo= de, Error **errp) } } =20 -GuestFileRead *qmp_guest_file_read(int64_t handle, bool has_count, - int64_t count, Error **errp) +GuestFileRead *guest_file_read_unsafe(GuestFileHandle *gfh, + int64_t count, Error **errp) { GuestFileRead *read_data =3D NULL; guchar *buf; - HANDLE fh; + HANDLE fh =3D gfh->fh; bool is_ok; DWORD read_count; - GuestFileHandle *gfh =3D guest_file_handle_find(handle, errp); =20 - if (!gfh) { - return NULL; - } - if (!has_count) { - count =3D QGA_READ_COUNT_DEFAULT; - } else if (count < 0 || count >=3D UINT32_MAX) { - error_setg(errp, "value '%" PRId64 - "' is invalid for argument count", count); - return NULL; - } - - fh =3D gfh->fh; buf =3D g_malloc0(count + 1); is_ok =3D ReadFile(fh, buf, count, &read_count, NULL); if (!is_ok) { error_setg_win32(errp, GetLastError(), "failed to read file"); - slog("guest-file-read failed, handle %" PRId64, handle); } else { buf[read_count] =3D 0; read_data =3D g_new0(GuestFileRead, 1); diff --git a/qga/commands.c b/qga/commands.c index 4471a9f08d..5611117372 100644 --- a/qga/commands.c +++ b/qga/commands.c @@ -18,6 +18,7 @@ #include "qemu/base64.h" #include "qemu/cutils.h" #include "qemu/atomic.h" +#include "commands-common.h" =20 /* Maximum captured guest-exec out_data/err_data - 16MB */ #define GUEST_EXEC_MAX_OUTPUT (16*1024*1024) 
@@ -547,3 +548,28 @@ error: g_free(info); return NULL; } + +GuestFileRead *qmp_guest_file_read(int64_t handle, bool has_count, + int64_t count, Error **errp) +{ + GuestFileHandle *gfh =3D guest_file_handle_find(handle, errp); + GuestFileRead *read_data; + + if (!gfh) { + return NULL; + } + if (!has_count) { + count =3D QGA_READ_COUNT_DEFAULT; + } else if (count < 0 || count >=3D UINT32_MAX) { + error_setg(errp, "value '%" PRId64 "' is invalid for argument coun= t", + count); + return NULL; + } + + read_data =3D guest_file_read_unsafe(gfh, count, errp); + if (!read_data) { + slog("guest-file-write failed, handle: %" PRId64, handle); + } + + return read_data; +} --=20 2.21.1
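
Review bot: in the `@@ -547,3 +548,28 @@` hunk of qga/commands.c, the failure path of the new `qmp_guest_file_read()` logs `"guest-file-write failed, handle: %"`, which names the wrong command. The two `slog()` calls this patch removes from commands-posix.c and commands-win32.c both said "guest-file-read failed", so the new message should too; as written, anyone triaging agent logs after a failed read will be looking for a write that never happened.
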
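
Review bot: the `@@ -15,4 +15,7 @@` hunk of qga/commands-common.h exports `guest_file_read_unsafe()` without saying what makes it unsafe. After this patch the `!gfh` check and the `count < 0 || count >= UINT32_MAX` check exist only in `qmp_guest_file_read()`, while both platform helpers dereference `gfh->fh` immediately and the Win32 one still does `g_malloc0(count + 1)` and passes `count` to `ReadFile()`. Add a comment above the prototype stating the preconditions (non-NULL `gfh`, `count` already validated by the caller) so a future caller does not reach the allocation with an unchecked value.
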
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 04/12] qga: Restrict guest-file-read count to 48 MB to avoid crashes
Date: Tue, 14 Apr 2020 15:30:44 +0200
Message-Id: <20200414133052.13712-5-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, Daniel P. Berrangé, qemu-block@nongnu.org, "Michael S. Tsirkin", Fakhri Zulkifli, Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno

On [*] Daniel Berrangé commented:

  The QEMU guest agent protocol is not a sensible way to access huge
  files inside the guest. It requires the inefficient process of
  reading the entire data into memory then duplicating it again in
  base64 format, and then copying it again in the JSON serializer /
  monitor code.

  For arbitrary general purpose file access, especially for large
  files, use a real file transfer program or use a network block
  device, not the QEMU guest agent.

To avoid bug reports as BZ#1594054 (CVE-2018-12617), follow his suggestion to put a low, hard limit on "count" in the guest agent QAPI schema, and don't allow count to be larger than 48 MB. [*] https://www.mail-archive.com/qemu-devel@nongnu.org/msg693176.html Fixes: CVE-2018-12617 Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=3D1594054 Reported-by: Fakhri Zulkifli Suggested-by: Daniel P. Berrang=C3=A9 Signed-off-by: Philippe Mathieu-Daud=C3=A9 --- qga/qapi-schema.json | 6 ++++-- qga/commands.c | 9 ++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json index f6fcb59f34..7758d9daf8 100644 --- a/qga/qapi-schema.json +++ b/qga/qapi-schema.json @@ -266,11 +266,13 @@ ## # @guest-file-read: # -# Read from an open file in the guest. Data will be base64-encoded +# Read from an open file in the guest. Data will be base64-encoded. +# As this command is just for limited, ad-hoc debugging, such as log +# file access, the number of bytes to read is limited to 10 MB. # # @handle: filehandle returned by guest-file-open # -# @count: maximum number of bytes to read (default is 4KB) +# @count: maximum number of bytes to read (default is 4KB, maximum is 10MB) # # Returns: @GuestFileRead on success. # diff --git a/qga/commands.c b/qga/commands.c index 5611117372..efc8b90281 100644 --- a/qga/commands.c +++ b/qga/commands.c @@ -11,6 +11,7 @@ */ =20 #include "qemu/osdep.h" +#include "qemu/units.h" #include "guest-agent-core.h" #include "qga-qapi-commands.h" #include "qapi/error.h" 
@@ -24,6 +25,12 @@ #define GUEST_EXEC_MAX_OUTPUT (16*1024*1024) /* Allocation and I/O buffer for reading guest-exec out_data/err_data - 4K= B */ #define GUEST_EXEC_IO_SIZE (4*1024) +/* + * Maximum file size to read - 48MB + * + * (48MB + Base64 3:4 overhead =3D JSON parser 64 MB limit) + */ +#define GUEST_FILE_READ_COUNT_MAX (48 * MiB) =20 /* Note: in some situations, like with the fsfreeze, logging may be * temporarilly disabled. if it is necessary that a command be able 
@@ -560,7 +567,7 @@ GuestFileRead *qmp_guest_file_read(int64_t handle, bool= has_count, } if (!has_count) { count =3D QGA_READ_COUNT_DEFAULT; - } else if (count < 0 || count >=3D UINT32_MAX) { + } else if (count < 0 || count > GUEST_FILE_READ_COUNT_MAX) { error_setg(errp, "value '%" PRId64 "' is invalid for argument coun= t", count); return NULL; --=20 2.21.1
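
Review bot: In the qga/qapi-schema.json hunk of 04/12 the new text says the read "is limited to 10 MB" and "@count: ... maximum is 10MB", but the subject line and GUEST_FILE_READ_COUNT_MAX in qga/commands.c both say 48 MB. The schema comment is what callers of guest-file-read will read, so it should state the limit the code enforces: change both occurrences to 48 MB, or lower the define if 10 MB was the intent.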
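
Review bot: The comment above GUEST_FILE_READ_COUNT_MAX in qga/commands.c (04/12) calls it the "Maximum file size to read", yet the check in qmp_guest_file_read() bounds the count of a single call, not the size of the file; reword it as the maximum count per guest-file-read call. Also, 48 MiB of data base64-encodes to exactly 64 MiB, so at count == GUEST_FILE_READ_COUNT_MAX the encoded string alone sits on the 64 MB JSON parser limit the comment cites, before the rest of the reply is added. Worth confirming that a maximum-size read still gets through, or picking a limit with some headroom.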
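
Review bot: In the qmp_guest_file_read() hunk of 04/12, a count above the new cap is rejected with the same "value ... is invalid for argument count" text as a negative one. A caller that used to pass larger values gets no hint of the new ceiling; consider a message that names the maximum, or at least says the value is out of range.
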
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 05/12] vhost-user-gpu: Release memory returned by vu_queue_pop() with free()
Date: Tue, 14 Apr 2020 15:30:45 +0200
Message-Id: <20200414133052.13712-6-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin", qemu-stable@nongnu.org, Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno

vu_queue_pop() returns memory that must be freed with free().

Cc: qemu-stable@nongnu.org
Reported-by: Coverity (CID 1421887 ALLOC_FREE_MISMATCH)
Suggested-by: Peter Maydell
Reviewed-by: Marc-André Lureau
Signed-off-by: Philippe Mathieu-Daudé
Reviewed-by: Michael S. Tsirkin
--- contrib/vhost-user-gpu/vhost-user-gpu.c | 4 ++-- contrib/vhost-user-gpu/virgl.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-g= pu/vhost-user-gpu.c index b45d2019b4..a019d0a9ac 100644 --- a/contrib/vhost-user-gpu/vhost-user-gpu.c
+++ b/contrib/vhost-user-gpu/vhost-user-gpu.c @@ -848,7 +848,7 @@ vg_handle_ctrl(VuDev *dev, int qidx) QTAILQ_INSERT_TAIL(&vg->fenceq, cmd, next); vg->inflight++; } else { - g_free(cmd); + free(cmd); } } } @@ -939,7 +939,7 @@ vg_handle_cursor(VuDev *dev, int qidx) } vu_queue_push(dev, vq, elem, 0); vu_queue_notify(dev, vq); - g_free(elem); + free(elem); } } =20 diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c index 43413e29df..b0bc22c3c1 100644 --- a/contrib/vhost-user-gpu/virgl.c +++ b/contrib/vhost-user-gpu/virgl.c 
@@ -519,7 +519,7 @@ virgl_write_fence(void *opaque, uint32_t fence) g_debug("FENCE %" PRIu64, cmd->cmd_hdr.fence_id); vg_ctrl_response_nodata(g, cmd, VIRTIO_GPU_RESP_OK_NODATA); QTAILQ_REMOVE(&g->fenceq, cmd, next); - g_free(cmd); + free(cmd); g->inflight--; } } --=20 2.21.1
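
Review bot: The free(cmd) in vg_handle_ctrl() and the free(elem) in vg_handle_cursor() (05/12, vhost-user-gpu.c) carry no hint at the call site of why g_free() is wrong here, and in a file that otherwise uses GLib calls they look like an oversight. Add a one-line comment at each site, or once where the element is popped, saying the buffer comes from vu_queue_pop() and is released with free(), so a later cleanup does not convert it back.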
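
Review bot: In the virgl_write_fence() hunk of 05/12 the cmd being freed is taken off g->fenceq, and the only producer visible in this patch is the QTAILQ_INSERT_TAIL(&vg->fenceq, cmd, next) in vg_handle_ctrl(). The hunk on its own does not show where cmd was allocated, so the commit message should state that the fenced commands are the same vu_queue_pop() elements.
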
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 06/12] hw/openrisc/pic_cpu: Use qdev gpio rather than qemu_allocate_irqs()
Date: Tue, 14 Apr 2020 15:30:46 +0200
Message-Id: <20200414133052.13712-7-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin", Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno, Philippe Mathieu-Daudé

From: Philippe Mathieu-Daudé

Coverity points out (CID 1421934) that we are leaking the memory
returned by qemu_allocate_irqs(). We can avoid this leak by switching
to using qdev_init_gpio_in(); the base class finalize will free the
irqs that this allocates under the hood.

Patch created mechanically using spatch with this script inspired
from commit d6ef883d9d7:

  @@
  typedef qemu_irq;
  identifier irqs, handler;
  expression opaque, count, i;
  @@
  -   qemu_irq *irqs;
      ...
  -   irqs = qemu_allocate_irqs(handler, opaque, count);
  +   qdev_init_gpio_in(DEVICE(opaque), handler, count);
      <+...
  -   irqs[i]
  +   qdev_get_gpio_in(DEVICE(opaque), i)
      ...+>
  ?-  g_free(irqs);

Reported-by: Coverity (CID 1421934 Resource leak)
Inspired-by: Peter Maydell
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20200412212943.4117-4-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé
--- hw/openrisc/pic_cpu.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/hw/openrisc/pic_cpu.c b/hw/openrisc/pic_cpu.c index 36f9350830..4b0c92f842 100644 --- a/hw/openrisc/pic_cpu.c +++ b/hw/openrisc/pic_cpu.c
@@ -52,10 +52,9 @@ static void openrisc_pic_cpu_handler(void *opaque, int i= rq, int level) void cpu_openrisc_pic_init(OpenRISCCPU *cpu) { int i; - qemu_irq *qi; - qi =3D qemu_allocate_irqs(openrisc_pic_cpu_handler, cpu, NR_IRQS); + qdev_init_gpio_in(DEVICE(cpu), openrisc_pic_cpu_handler, NR_IRQS); =20 for (i =3D 0; i < NR_IRQS; i++) { - cpu->env.irq[i] =3D qi[i]; + cpu->env.irq[i] =3D qdev_get_gpio_in(DEVICE(cpu), i); } } --=20 2.21.1
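
Review bot: The removed qemu_allocate_irqs(openrisc_pic_cpu_handler, cpu, NR_IRQS) in cpu_openrisc_pic_init() (06/12) passed cpu explicitly as the handler's opaque, while qdev_init_gpio_in(DEVICE(cpu), openrisc_pic_cpu_handler, NR_IRQS) has no opaque argument, so the handler now receives whatever the qdev layer supplies for that device. openrisc_pic_cpu_handler() takes a plain void *opaque, and since the patch was generated mechanically the commit message should confirm that the handler still ends up with the OpenRISCCPU pointer it expects. As a style point, DEVICE(cpu) is now evaluated on every loop iteration and could be hoisted into a local DeviceState pointer before the loop.
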
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 07/12] hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to AHB PnP registers
Date: Tue, 14 Apr 2020 15:30:47 +0200
Message-Id: <20200414133052.13712-8-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin", Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno, Philippe Mathieu-Daudé

From: Philippe Mathieu-Daudé

Similarly to commit 158b659451 with the APB PnP registers, guests
can crash QEMU when writing to the AHB PnP registers:

  $ echo 'writeb 0xfffff042 69' | qemu-system-sparc -M leon3_generic -S -bios /etc/magic -qtest stdio
  [I 1571938309.932255] OPENED
  [R +0.063474] writeb 0xfffff042 69
  Segmentation fault (core dumped)

  (gdb) bt
  #0 0x0000000000000000 in ()
  #1 0x0000562999110df4 in memory_region_write_with_attrs_accessor
     (mr=mr@entry=0x56299aa28ea0, addr=66, value=value@entry=0x7fff6abe13b8, size=size@entry=1, shift=, mask=mask@entry=255, attrs=...) at memory.c:503
  #2 0x000056299911095e in access_with_adjusted_size
     (addr=addr@entry=66, value=value@entry=0x7fff6abe13b8, size=size@entry=1, access_size_min=, access_size_max=, access_fn=access_fn@entry=
     0x562999110d70 , mr=0x56299aa28ea0, attrs=...) at memory.c:539
  #3 0x0000562999114fba in memory_region_dispatch_write (mr=mr@entry=0x56299aa28ea0, addr=66, data=, op=, attrs=attrs@entry=...) at memory.c:1482
  #4 0x00005629990c0860 in flatview_write_continue
     (fv=fv@entry=0x56299aa7d8a0, addr=addr@entry=4294963266, attrs=..., ptr=ptr@entry=0x7fff6abe1540, len=len@entry=1, addr1=, l=, mr=0x56299aa28ea0)
     at include/qemu/host-utils.h:164
  #5 0x00005629990c0a76 in flatview_write (fv=0x56299aa7d8a0, addr=4294963266, attrs=..., buf=0x7fff6abe1540, len=1) at exec.c:3165
  #6 0x00005629990c4c1b in address_space_write (as=, addr=, attrs=..., attrs@entry=..., buf=buf@entry=0x7fff6abe1540, len=len@entry=1) at exec.c:3256
  #7 0x000056299910f807 in qtest_process_command (chr=chr@entry=0x5629995ee920 , words=words@entry=0x56299acfcfa0) at qtest.c:437

Instead of crashing, log the access as unimplemented.

Reviewed-by: KONRAD Frederic
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20200331105048.27989-3-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé
--- hw/misc/grlib_ahb_apb_pnp.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hw/misc/grlib_ahb_apb_pnp.c b/hw/misc/grlib_ahb_apb_pnp.c index e230e25363..72a8764776 100644 --- a/hw/misc/grlib_ahb_apb_pnp.c +++ b/hw/misc/grlib_ahb_apb_pnp.c
@@ -136,8 +136,15 @@ static uint64_t grlib_ahb_pnp_read(void *opaque, hwadd= r offset, unsigned size) return ahb_pnp->regs[offset >> 2]; } =20 +static void grlib_ahb_pnp_write(void *opaque, hwaddr addr, + uint64_t val, unsigned size) +{ + qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__); +} + static const MemoryRegionOps grlib_ahb_pnp_ops =3D { .read =3D grlib_ahb_pnp_read, + .write =3D grlib_ahb_pnp_write, .endianness =3D DEVICE_BIG_ENDIAN, }; =20 --=20 2.21.1
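
Review bot: grlib_ahb_pnp_write() (07/12) logs only "%s not implemented" with __func__ and drops addr, val and size, so the LOG_UNIMP line cannot tell one stray byte write from a guest that repeatedly expects these registers to be writable. Include the offset, value and access size in the message, since that is what someone reading the log while debugging a guest will need. A short comment above the stub saying it exists so that grlib_ahb_pnp_ops always has a .write callback would also keep it from being removed later as dead code.
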
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 08/12] hw/misc/grlib_ahb_apb_pnp: Fix AHB PnP 8-bit accesses
Date: Tue, 14 Apr 2020 15:30:48 +0200
Message-Id: <20200414133052.13712-9-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin",
 Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic,
 qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau,
 Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno,
 Philippe Mathieu-Daudé

From: Philippe Mathieu-Daudé

The Plug & Play region of the AHB/APB bridge can be accessed by
various word size, however the implementation is clearly restricted
to 32-bit:

  static uint64_t grlib_ahb_pnp_read(void *opaque, hwaddr offset, unsigned size)
  {
      AHBPnp *ahb_pnp = GRLIB_AHB_PNP(opaque);

      return ahb_pnp->regs[offset >> 2];
  }

Similarly to commit 0fbe394a64 with the APB PnP registers,
set the MemoryRegionOps::impl min/max fields to 32-bit, so
memory.c::access_with_adjusted_size() can adjust when the
access is not 32-bit.

Reviewed-by: KONRAD Frederic
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20200331105048.27989-4-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé
---
 hw/misc/grlib_ahb_apb_pnp.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hw/misc/grlib_ahb_apb_pnp.c b/hw/misc/grlib_ahb_apb_pnp.c index 72a8764776..d22ed00206 100644 --- a/hw/misc/grlib_ahb_apb_pnp.c +++ b/hw/misc/grlib_ahb_apb_pnp.c
@@ -146,6 +146,10 @@ static const MemoryRegionOps grlib_ahb_pnp_ops =3D { .read =3D grlib_ahb_pnp_read, .write =3D grlib_ahb_pnp_write, .endianness =3D DEVICE_BIG_ENDIAN, + .impl =3D { + .min_access_size =3D 4, + .max_access_size =3D 4, + }, }; =20 static void grlib_ahb_pnp_realize(DeviceState *dev, Error **errp) --=20 2.21.1
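Review bot: The new .impl block in grlib_ahb_pnp_ops has no comment explaining why the implementation is pinned to 4 bytes, and nothing in this hunk states which access sizes the guest may issue. The read handler quoted in the commit message indexes regs[offset >> 2] and ignores size, so the correctness of every sub-word access now depends on these two values. Add a one-line comment above .impl tying the 32-bit restriction to that handler, so a later edit does not widen max_access_size without reworking the handler, and consider spelling out the accepted guest sizes with an explicit .valid range next to .impl instead of relying on the defaults.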
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 09/12] hw/display/sm501: Avoid heap overflow in sm501_2d_operation()
Date: Tue, 14 Apr 2020 15:30:49 +0200
Message-Id: <20200414133052.13712-10-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin",
 qemu-stable@nongnu.org, Michael Roth, Fabien Chouteau,
 Zhang Zi Ming <1015138407@qq.com>, Max Filippov, KONRAD Frederic,
 qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau,
 Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno,
 Philippe Mathieu-Daudé

From: Philippe Mathieu-Daudé

Zhang Zi Ming reported a heap overflow in the Drawing Engine of
the SM501 companion chip model, in particular in the COPY_AREA()
macro in sm501_2d_operation().

Add a simple check to avoid the heap overflow.

This fixes:

  =================================================================
  ==20518==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f6f4c3fffff at pc 0x55b1e1d358f0 bp 0x7ffce464dfb0 sp 0x7ffce464dfa8
  READ of size 1 at 0x7f6f4c3fffff thread T0
      #0 0x55b1e1d358ef in sm501_2d_operation hw/display/sm501.c:788:13
      #1 0x55b1e1d32c38 in sm501_2d_engine_write hw/display/sm501.c:1466:13
      #2 0x55b1e0cd19d8 in memory_region_write_accessor memory.c:483:5
      #3 0x55b1e0cd1404 in access_with_adjusted_size memory.c:544:18
      #4 0x55b1e0ccfb9d in memory_region_dispatch_write memory.c:1476:16
      #5 0x55b1e0ae55a8 in flatview_write_continue exec.c:3125:23
      #6 0x55b1e0ad3e87 in flatview_write exec.c:3165:14
      #7 0x55b1e0ad3a24 in address_space_write exec.c:3256:18

  0x7f6f4c3fffff is located 4194303 bytes to the right of 4194304-byte region [0x7f6f4bc00000,0x7f6f4c000000)
  allocated by thread T0 here:
      #0 0x55b1e0a6e715 in __interceptor_posix_memalign (ppc64-softmmu/qemu-system-ppc64+0x19c0715)
      #1 0x55b1e31c1482 in qemu_try_memalign util/oslib-posix.c:189:11
      #2 0x55b1e31c168c in qemu_memalign util/oslib-posix.c:205:27
      #3 0x55b1e11a00b3 in spapr_reallocate_hpt hw/ppc/spapr.c:1560:23
      #4 0x55b1e11a0ce4 in spapr_setup_hpt hw/ppc/spapr.c:1593:5
      #5 0x55b1e11c2fba in spapr_machine_reset hw/ppc/spapr.c:1644:9
      #6 0x55b1e1368b01 in qemu_system_reset softmmu/vl.c:1391:9
      #7 0x55b1e1375af3 in qemu_init softmmu/vl.c:4436:5
      #8 0x55b1e2fc8a59 in main softmmu/main.c:48:5
      #9 0x7f6f8150bf42 in __libc_start_main (/lib64/libc.so.6+0x23f42)

  SUMMARY: AddressSanitizer: heap-buffer-overflow hw/display/sm501.c:788:13 in sm501_2d_operation
  Shadow bytes around the buggy address:
    0x0fee69877fa0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0fee69877fb0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0fee69877fc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0fee69877fd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0fee69877fe0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  =>0x0fee69877ff0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa]
    0x0fee69878000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0fee69878010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0fee69878020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0fee69878030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0fee69878040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  Shadow byte legend (one shadow byte represents 8 application bytes):
    Addressable: 00
    Partially addressable: 01 02 03 04 05 06 07
    Heap left redzone: fa
    Freed heap region: fd
    Poisoned by user: f7
    ASan internal: fe
  ==20518==ABORTING

Cc: qemu-stable@nongnu.org
Fixes: 07d8a50cb0e ("sm501: add 2D engine copyrect support")
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1786026
Reported-by: Zhang Zi Ming <1015138407@qq.com>
Acked-by: BALATON Zoltan
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20200413220100.18628-1-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé
---
 hw/display/sm501.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/hw/display/sm501.c b/hw/display/sm501.c index de0ab9d977..902acb3875 100644 --- a/hw/display/sm501.c +++ b/hw/display/sm501.c
@@ -726,6 +726,12 @@ static void sm501_2d_operation(SM501State *s) int crt =3D (s->dc_crt_control & SM501_DC_CRT_CONTROL_SEL) ? 1 : 0; int fb_len =3D get_width(s, crt) * get_height(s, crt) * get_bpp(s, crt= ); =20 + if (rtl && (src_x < operation_width || src_y < operation_height)) { + qemu_log_mask(LOG_GUEST_ERROR, "sm501: Illegal RTL address (%i, %i= )\n", + src_x, src_y); + return; + } + if (addressing !=3D 0x0) { printf("%s: only XY addressing is supported.\n", __func__); abort(); --=20 2.21.1
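Review bot: The guard added at the top of sm501_2d_operation() only rejects a right-to-left copy whose source origin is smaller than the operation size; it never compares anything against fb_len, which is computed two lines above and is the one value in this hunk that describes how large the buffer is. Nothing added here bounds the destination coordinates, and nothing bounds the source when rtl is false, so the fix is tied to the single reported case rather than to the buffer size. Consider validating both rectangles (origin plus operation_width and operation_height) against fb_len in the same place, so that every guest-supplied coordinate is checked before the copy runs.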
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 10/12] hw/block/pflash: Check return value of blk_pwrite()
Date: Tue, 14 Apr 2020 15:30:50 +0200
Message-Id: <20200414133052.13712-11-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin",
 Mansour Ahmadi, Michael Roth, Fabien Chouteau, Max Filippov,
 KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann,
 Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé,
 Aurelien Jarno

From: Mansour Ahmadi

When updating the PFLASH file contents, we should check for a
possible failure of blk_pwrite(). Similar to commit 3a688294e.

Signed-off-by: Mansour Ahmadi
Message-Id: <20200408003552.58095-1-mansourweb@gmail.com>
[PMD: Add missing "qemu/error-report.h" include and TODO comment]
Signed-off-by: Philippe Mathieu-Daudé
Reported-by: Coverity (CID 1357678 CHECKED_RETURN)
---
 hw/block/pflash_cfi01.c | 8 +++++++-
 hw/block/pflash_cfi02.c | 8 +++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c index 24f3bce7ef..be1954c5d8 100644 --- a/hw/block/pflash_cfi01.c
+++ b/hw/block/pflash_cfi01.c @@ -42,6 +42,7 @@ #include "hw/qdev-properties.h" #include "sysemu/block-backend.h" #include "qapi/error.h" +#include "qemu/error-report.h" #include "qemu/timer.h" #include "qemu/bitops.h" #include "qemu/error-report.h" @@ -399,13 +400,18 @@ static void pflash_update(PFlashCFI01 *pfl, int offse= t, int size) { int offset_end; + int ret; if (pfl->blk) { offset_end =3D offset + size; /* widen to sector boundaries */ offset =3D QEMU_ALIGN_DOWN(offset, BDRV_SECTOR_SIZE); offset_end =3D QEMU_ALIGN_UP(offset_end, BDRV_SECTOR_SIZE); - blk_pwrite(pfl->blk, offset, pfl->storage + offset, + ret =3D blk_pwrite(pfl->blk, offset, pfl->storage + offset, offset_end - offset, 0); + if (ret < 0) { + /* TODO set error bit in status */ + error_report("Could not update PFLASH: %s", strerror(-ret)); + } } } =20 diff --git a/hw/block/pflash_cfi02.c b/hw/block/pflash_cfi02.c index 12f18d401a..c6b6f2d082 100644 --- a/hw/block/pflash_cfi02.c +++ b/hw/block/pflash_cfi02.c @@ -37,6 +37,7 @@ #include "hw/block/flash.h" #include "hw/qdev-properties.h" #include "qapi/error.h" +#include "qemu/error-report.h" #include "qemu/bitmap.h" #include "qemu/timer.h" #include "sysemu/block-backend.h" 
@@ -393,13 +394,18 @@ static uint64_t pflash_read(void *opaque, hwaddr offs= et, unsigned int width) static void pflash_update(PFlashCFI02 *pfl, int offset, int size) { int offset_end; + int ret; if (pfl->blk) { offset_end =3D offset + size; /* widen to sector boundaries */ offset =3D QEMU_ALIGN_DOWN(offset, BDRV_SECTOR_SIZE); offset_end =3D QEMU_ALIGN_UP(offset_end, BDRV_SECTOR_SIZE); - blk_pwrite(pfl->blk, offset, pfl->storage + offset, + ret =3D blk_pwrite(pfl->blk, offset, pfl->storage + offset, offset_end - offset, 0); + if (ret < 0) { + /* TODO set error bit in status */ + error_report("Could not update PFLASH: %s", strerror(-ret)); + } } } =20 --=20 2.21.1
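Review bot: The first pflash_cfi01.c hunk (@@ -42,6 +42,7 @@) adds #include "qemu/error-report.h" two lines above an identical include that is already present in the unchanged context, right after "qemu/bitops.h", so the header ends up included twice in that file. Drop the added line from pflash_cfi01.c; in the pflash_cfi02.c include hunk no existing copy is visible in the context, so the addition there looks needed.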
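Review bot: In both pflash_update() hunks the failure branch only calls error_report() and the function still returns void, so after a failed blk_pwrite() the contents of pfl->storage and the backing file differ and the guest is not told, as the TODO itself admits. The message also omits which range was lost. Until the status bit is wired up, include offset and offset_end - offset in the error_report() text so an operator can tell which sectors were not persisted, and note in the TODO where the follow-up is tracked so it is not left as an open-ended comment in two files.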
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 11/12] gdbstub: Do not use memset() on GByteArray
Date: Tue, 14 Apr 2020 15:30:51 +0200
Message-Id: <20200414133052.13712-12-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin",
 Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic,
 qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau,
 Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno

Introduce gdb_get_zeroes() to fill a GByteArray with zeroes.

Fixes: a010bdbe719 ("extend GByteArray to read register helpers")
Suggested-by: Peter Maydell
Signed-off-by: Philippe Mathieu-Daudé
---
Since v1: Use memset (pm215)
---
 include/exec/gdbstub.h | 10 ++++++++++
 target/arm/gdbstub.c | 3 +--
 target/xtensa/gdbstub.c | 6 ++----
 3 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/include/exec/gdbstub.h b/include/exec/gdbstub.h index 30b909ebd2..f44bdd2270 100644 --- a/include/exec/gdbstub.h +++ b/include/exec/gdbstub.h
@@ -125,6 +125,16 @@ static inline int gdb_get_reg128(GByteArray *buf, uint= 64_t val_hi, return 16; } =20 +static inline int gdb_get_zeroes(GByteArray *array, size_t len) +{ + guint oldlen =3D array->len; + + g_byte_array_set_size(array, oldlen + len); + memset(array->data + oldlen, 0, len); + + return len; +} + /** * gdb_get_reg_ptr: get pointer to start of last element * @len: length of element diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c index 8efc535f2a..063551df23 100644 --- a/target/arm/gdbstub.c +++ b/target/arm/gdbstub.c @@ -47,8 +47,7 @@ int arm_cpu_gdb_read_register(CPUState *cs, GByteArray *m= em_buf, int n) if (gdb_has_xml) { return 0; } - memset(mem_buf, 0, 12); - return 12; + return gdb_get_zeroes(mem_buf, 12); } switch (n) { case 24: diff --git a/target/xtensa/gdbstub.c b/target/xtensa/gdbstub.c index 0ee3feabe5..4d43f1340a 100644 --- a/target/xtensa/gdbstub.c +++ b/target/xtensa/gdbstub.c @@ -105,8 +105,7 @@ int xtensa_cpu_gdb_read_register(CPUState *cs, GByteArr= ay *mem_buf, int n) default: qemu_log_mask(LOG_UNIMP, "%s from reg %d of unsupported size %= d\n", __func__, n, reg->size); - memset(mem_buf, 0, reg->size); - return reg->size; + return gdb_get_zeroes(mem_buf, reg->size); } =20 case xtRegisterTypeWindow: /*a*/ 
@@ -115,8 +114,7 @@ int xtensa_cpu_gdb_read_register(CPUState *cs, GByteArr= ay *mem_buf, int n) default: qemu_log_mask(LOG_UNIMP, "%s from reg %d of unsupported type %d\n", __func__, n, reg->type); - memset(mem_buf, 0, reg->size); - return reg->size; + return gdb_get_zeroes(mem_buf, reg->size); } } =20 --=20 2.21.1
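Review bot: gdb_get_zeroes() in the include/exec/gdbstub.h hunk takes a size_t len but returns int, so return len; narrows silently, and the xtensa callers pass reg->size straight through. Either take an int or guint to match the int return used by gdb_get_reg128() just above, or assert that len fits before calling g_byte_array_set_size(). The helper also has no doc comment, unlike gdb_get_reg_ptr() directly below it; a line stating that it appends len zero bytes to the array would record what the removed calls got wrong, since memset(mem_buf, 0, ...) was applied to the GByteArray pointer itself and so overwrote the array's own structure rather than its data.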
SMTPS id 1586885226728492.16413325346855; Tue, 14 Apr 2020 10:27:06 -0700 (PDT) Received: from localhost ([::1]:36116 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jOPKz-0004hy-G4 for importer@patchew.org; Tue, 14 Apr 2020 13:27:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43295) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jOP2e-0001Pp-Bp for qemu-devel@nongnu.org; Tue, 14 Apr 2020 13:08:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jOP2c-0007mY-VD for qemu-devel@nongnu.org; Tue, 14 Apr 2020 13:08:08 -0400 Received: from us-smtp-1.mimecast.com ([207.211.31.81]:52723 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1jOLfW-0008QO-FJ for qemu-devel@nongnu.org; Tue, 14 Apr 2020 09:32:02 -0400 Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-419-Yf7dFgbKNairJ9qPhXYCfQ-1; Tue, 14 Apr 2020 09:32:00 -0400 Received: by mail-wr1-f72.google.com with SMTP id v14so8693450wrq.13 for ; Tue, 14 Apr 2020 06:31:59 -0700 (PDT) Received: from x1w.redhat.com (116.red-83-42-57.dynamicip.rima-tde.net. 
[83.42.57.116]) by smtp.gmail.com with ESMTPSA id a7sm2414016wrs.61.2020.04.14.06.31.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 14 Apr 2020 06:31:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1586871122; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=n59eKf+0oDoamY0gLsMDzHfLMPXzKnb/MCgiWXZhTz8=; b=LsUdJIZx68+f13Io4YQ8CITy7P4w1N6jtm9wWOKxt9BeTERKa5H6mfgCVJ4sAl9pjcmccy F541cxSUiDVhZStOZxp16uEV9jr6a4pt1ogZR+DERvE8sKjZza4CfOCOY4hNBORCfU5hxY gOLcq2lev21zPant6A5za6hjFP8lmYc= X-MC-Unique: Yf7dFgbKNairJ9qPhXYCfQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=KS4zH+Aytjp2L30CAb1LBJ5X0HgAg1y2VGWQ+0RaCBU=; b=LGHxbv14d8TpJ/ls/5ozP+llI1kQ1rtygC0Vym6MjBjqtzTv2NvIcytHGRqlAWv0h/ M5kwbiuUQd0EDQXat4baRKl6uo0C/ucB6D647quKpz8B3NSYTAkquVIkFQIqXupsf8X2 zFjDf37V0KfBs80tJ3QCG0MJJ3RhEXbhpcUY3b8cE5Xh5zRH6O6Ec4kn8JiIlgMJAi9r Fvu7ENFNk9T/+VP6NEcxQNZCmDWY77aMbILJTG3ulhhtvj0CqB7OxW1q3G+WKJTOvhhf jpfd/IrpibvfUIWj+1cZde5Lh38Puz5VsSHZ3h2L65u05txiVhoKGBCErbDMTZGpmcQL ++5g== X-Gm-Message-State: AGi0PuY5zgkCJSlkAIKOZz1Y+OwMxvKo5zxdEbM0iLsVJ8akrSzqkwJM 3iPoyancjvyjAvzZWSZu8Ckxkw9qBS05B12WQmSqUBxSk0/jh6oTBr7CjbflqLVKOWvSaoVIRNg XOxJk5FpiO9WmukY= X-Received: by 2002:a05:600c:a:: with SMTP id g10mr24285279wmc.153.1586871116613; Tue, 14 Apr 2020 06:31:56 -0700 (PDT) X-Google-Smtp-Source: APiQypL3uroLMeRg90QZWpGZ1WUFQokPTl6qoFHzPiMBF81f8x+sVHwBkls+HCO4GqUUhj2AY5KJiw== X-Received: by 2002:a05:600c:a:: with SMTP id g10mr24285254wmc.153.1586871116450; Tue, 14 Apr 2020 06:31:56 -0700 (PDT) 
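Review bot: In the default: branch of xtensa_cpu_gdb_read_register(), the removed memset(mem_buf, 0, reg->size) was a write through the GByteArray pointer itself, not into its data, so it zeroed the array object (and memory past it whenever reg->size is larger than the struct) while reporting reg->size bytes that were never appended. If the commit message does not already say so, it should describe this as a memory-corruption fix on the gdb register-read path for unsupported register types, not as a cleanup. Also confirm that gdb_get_zeroes() returns the number of bytes appended, since its int result is now returned directly here in place of reg->size.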
From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Subject: [PATCH-for-5.0 12/12] gdbstub: Introduce gdb_get_freg32() to get float32 registers
Date: Tue, 14 Apr 2020 15:30:52 +0200
Message-Id: <20200414133052.13712-13-philmd@redhat.com>
In-Reply-To: <20200414133052.13712-1-philmd@redhat.com>
References: <20200414133052.13712-1-philmd@redhat.com>
Cc: Kevin Wolf, Peter Maydell, qemu-block@nongnu.org, "Michael S. Tsirkin", Michael Roth, Fabien Chouteau, Max Filippov, KONRAD Frederic, qemu-arm@nongnu.org, qemu-ppc@nongnu.org, Gerd Hoffmann, Marc-André Lureau, Stafford Horne, Max Reitz, Philippe Mathieu-Daudé, Aurelien Jarno
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Since we now use a GByteArray, we can not use stfl_p() directly.
Introduce the gdb_get_freg32() helper to load a float32 register.

Fixes: a010bdbe719 ("extend GByteArray to read register helpers")
Signed-off-by: Philippe Mathieu-Daudé
--- include/exec/gdbstub.h | 12 ++++++++++++ target/sh4/gdbstub.c | 6 ++---- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/include/exec/gdbstub.h b/include/exec/gdbstub.h index f44bdd2270..6d41234071 100644 --- a/include/exec/gdbstub.h +++ b/include/exec/gdbstub.h
@@ -125,6 +125,18 @@ static inline int gdb_get_reg128(GByteArray *buf, uint= 64_t val_hi, return 16; } =20 +static inline int gdb_get_freg32(GByteArray *array, float32 val) +{ + uint8_t buf[4]; + + QEMU_BUILD_BUG_ON(sizeof(CPU_FloatU) !=3D sizeof(buf)); + + stfl_p(buf, val); + g_byte_array_append(array, buf, sizeof(buf)); + + return sizeof(buf); +} + static inline int gdb_get_zeroes(GByteArray *array, size_t len) { guint oldlen =3D array->len; diff --git a/target/sh4/gdbstub.c b/target/sh4/gdbstub.c index 49fc4a0cc6..da95205889 100644 --- a/target/sh4/gdbstub.c +++ b/target/sh4/gdbstub.c @@ -58,11 +58,9 @@ int superh_cpu_gdb_read_register(CPUState *cs, GByteArra= y *mem_buf, int n) return gdb_get_regl(mem_buf, env->fpscr); case 25 ... 40: if (env->fpscr & FPSCR_FR) { - stfl_p(mem_buf, env->fregs[n - 9]); - } else { - stfl_p(mem_buf, env->fregs[n - 25]); + return gdb_get_freg32(mem_buf, env->fregs[n - 9]); } - return 4; + return gdb_get_freg32(mem_buf, env->fregs[n - 25]); case 41: return gdb_get_regl(mem_buf, env->ssr); case 42: --=20 2.21.1
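Review bot: In gdb_get_freg32() (include/exec/gdbstub.h), the build-time check compares sizeof(CPU_FloatU) with sizeof(buf), but nothing else in the helper mentions CPU_FloatU; the value actually stored is the float32 parameter. Asserting on the parameter, for example QEMU_BUILD_BUG_ON(sizeof(val) != sizeof(buf)), ties the check to what this function handles; otherwise add a one-line comment explaining why the union is the right type to check against stfl_p(). The helper also has no doc comment; one stating the byte order stfl_p() produces and that the return value is the number of bytes appended would help callers in other targets.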
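Review bot: In case 25 ... 40 of superh_cpu_gdb_read_register() (target/sh4/gdbstub.c), the offsets n - 9 and n - 25 are bare magic numbers, and after this change they sit in two separate return statements, so the bank selection is easier to misread than in the old if/else. Computing the index first from env->fpscr & FPSCR_FR and using a single return gdb_get_freg32(mem_buf, env->fregs[idx]); with a comment that n - 9 maps registers 25..40 to fregs[16..31] and n - 25 maps them to fregs[0..15] would make the bounds obvious. The removed stfl_p(mem_buf, ...) calls stored through the GByteArray pointer itself, so the matching write-register path and the other targets are worth checking for the same pattern.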