[Qemu-devel] [PULL 09/60] exec: check that alignment is a power of two
From: Paolo Bonzini
Subject: [Qemu-devel] [PULL 09/60] exec: check that alignment is a power of two
Date: Thu, 28 Jun 2018 22:04:19 +0200
From: David Hildenbrand <address@hidden>
Right now we can crash QEMU using e.g.
qemu-system-x86_64 -m 256M,maxmem=20G,slots=2 \
-object memory-backend-file,id=mem0,size=12288,mem-path=/dev/zero,align=12288 \
-device pc-dimm,id=dimm1,memdev=mem0
qemu-system-x86_64: util/mmap-alloc.c:115:
qemu_ram_mmap: Assertion `is_power_of_2(align)' failed
Fix this by adding a proper check.
Signed-off-by: David Hildenbrand <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Igor Mammedov <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
exec.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/exec.c b/exec.c
index 610d0c0..cdcf769 100644
--- a/exec.c
+++ b/exec.c
@@ -1841,6 +1841,10 @@ static void *file_ram_alloc(RAMBlock *block,
" must be multiples of page size 0x%zx",
block->mr->align, block->page_size);
return NULL;
+ } else if (block->mr->align && !is_power_of_2(block->mr->align)) {
+ error_setg(errp, "alignment 0x%" PRIx64
+ " must be a power of two", block->mr->align);
+ return NULL;
}
block->mr->align = MAX(block->page_size, block->mr->align);
#if defined(__s390x__)
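Review bot: the new `else if` in this hunk validates the alignment only on the file_ram_alloc() path, while the assertion quoted in the commit message fires in qemu_ram_mmap() (util/mmap-alloc.c:115); please confirm that no other caller forwards a user-settable alignment to qemu_ram_mmap() without this validation, or move the power-of-two check next to the assertion so it cannot be bypassed. The `block->mr->align &&` guard deserves a one-line comment: align == 0 is the "use the page size" default that the `MAX(block->page_size, block->mr->align)` line below resolves, and the guard is presumably there because is_power_of_2(0) is false, which is not obvious to the next reader. Since the change turns an abort into a reportable error, a test that drives the reproducer from the commit message (align=12288 with mem-path) and expects the new "must be a power of two" error would keep this from regressing silently.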
--
1.8.3.1
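The two alignment checks from the patch, written as a stand-alone validator so they can be exercised with the reproducer value 12288 from the commit message. This is an added example, not code from QEMU or from the patch author; the function names (check_ram_align, align_ok, effective_align, align_up_mask, align_up_div), the error buffer, the sample page size of 4096 and the sample alignments are assumptions of the example. The last two helpers illustrate, as a general point and not as a statement about QEMU's own alignment macros, why a non-power-of-two alignment breaks mask-based round-up.

```c
/* Added example (not QEMU code): the alignment checks from the patch as a
 * stand-alone validator, plus an illustration of why the power-of-two rule
 * matters for mask arithmetic.  Names and sample values are assumptions. */
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Same semantics as QEMU's is_power_of_2(): zero is not a power of two. */
static bool is_power_of_2(uint64_t value)
{
    return value && !(value & (value - 1));
}

/* Validate a user-supplied RAM block alignment against the host page size,
 * in the same order as the patch: multiple of page size first, then power
 * of two.  align == 0 means "use the page size" and is accepted, mirroring
 * the `block->mr->align &&` guard.  page_size must be non-zero.  On failure
 * an error message is written into err (errlen bytes) and false returned. */
static bool check_ram_align(uint64_t align, size_t page_size,
                            char *err, size_t errlen)
{
    if (align % page_size) {
        snprintf(err, errlen, "alignment 0x%" PRIx64
                 " must be multiples of page size 0x%zx", align, page_size);
        return false;
    }
    if (align && !is_power_of_2(align)) {
        snprintf(err, errlen, "alignment 0x%" PRIx64
                 " must be a power of two", align);
        return false;
    }
    return true;
}

/* Convenience wrapper that discards the message (assumed helper). */
static bool align_ok(uint64_t align, size_t page_size)
{
    char err[128];
    return check_ram_align(align, page_size, err, sizeof(err));
}

/* The effective alignment after validation: MAX(page_size, align). */
static uint64_t effective_align(uint64_t align, size_t page_size)
{
    return align > page_size ? align : page_size;
}

/* Mask-based round-up: only correct when align is a power of two. */
static uintptr_t align_up_mask(uintptr_t p, uintptr_t align)
{
    return (p + align - 1) & ~(align - 1);
}

/* Division-based round-up: correct for any non-zero align. */
static uintptr_t align_up_div(uintptr_t p, uintptr_t align)
{
    return (p + align - 1) / align * align;
}

int main(void)
{
    const size_t page = 4096;  /* constructed sample host page size */
    const uint64_t samples[] = { 0, 2048, 4096, 8192, 12288 };
    char err[128];

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        if (check_ram_align(samples[i], page, err, sizeof(err))) {
            printf("align 0x%" PRIx64 ": ok, effective 0x%" PRIx64 "\n",
                   samples[i], effective_align(samples[i], page));
        } else {
            printf("align 0x%" PRIx64 ": rejected: %s\n", samples[i], err);
        }
    }

    /* 12288 = 3 * 4096 passes the page-size check but is not a power of
     * two; mask round-up of 1 by 12288 yields 4096, which is not even a
     * multiple of 12288, while division round-up yields 12288. */
    printf("mask round-up of 1 by 12288: %lu\n",
           (unsigned long)align_up_mask(1, 12288));
    printf("div  round-up of 1 by 12288: %lu\n",
           (unsigned long)align_up_div(1, 12288));
    return 0;
}
```

Running it shows 2048 rejected by the page-size check, 12288 rejected by the new power-of-two check, and 0, 4096 and 8192 accepted; the ordering of the two checks matters only for which message the user sees, since 12288 satisfies the first and fails the second while 2048 does the reverse.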