
Re: [PATCH for-6.2 0/2] esp: add fix for reset before transfer


From: Paolo Bonzini
Subject: Re: [PATCH for-6.2 0/2] esp: add fix for reset before transfer
Date: Fri, 19 Nov 2021 10:14:53 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.2.0

On 11/18/21 11:03, Mark Cave-Ayland wrote:
> This is the fix for Gitlab issue #724 discovered by fuzzing which I think is
> worth including in 6.2 for 2 reasons: firstly the fix is to zero out
> an extra field during chip reset which normally only occurs during driver
> initialisation and during IO timeouts, and secondly the bug causes a stale
> SCSI data buffer pointer dereference rather than triggering a FIFO assert.
> 
> The first patch contains the very simple fix, whilst the second patch adds a
> qtest based upon the original Gitlab issue.
> 
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
> 
> 
> Mark Cave-Ayland (2):
>    esp: ensure that async_len is reset to 0 during esp_hard_reset()
>    qtest/am53c974-test: add test for reset before transfer
> 
>   hw/scsi/esp.c               |  1 +
>   tests/qtest/am53c974-test.c | 30 ++++++++++++++++++++++++++++++
>   2 files changed, 31 insertions(+)


Queued, thanks.

Paolo
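A simplified, self-contained model of the failure mode the cover letter describes (a chip reset that clears the FIFO but leaves the pending transfer length behind, so a later DMA step acts on a buffer that no longer exists), added here as an illustration. It is not QEMU's hw/scsi/esp.c, not the patch under discussion, and not the qtest; every name in it (struct dev, dev_begin_transfer, dev_hard_reset_buggy, dev_hard_reset_fixed, dev_do_dma, scenario) is hypothetical, and the sample SCSI data is constructed. The real bug is a stale pointer dereference; the model stands in for that with a NULL check so the condition can be observed rather than crashed on.

```c
/*
 * Added example, not QEMU code: a toy device model showing why a reset
 * that forgets to zero async_len leaves a stale transfer behind.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIFO_SZ 16

/* Hypothetical device state, loosely inspired by an ESP-style controller. */
struct dev {
    uint8_t fifo[FIFO_SZ];   /* guest-visible FIFO */
    size_t fifo_cnt;
    uint8_t *async_buf;      /* SCSI-layer data buffer for an in-flight transfer */
    size_t async_len;        /* bytes still to move from async_buf */
};

/* The SCSI layer hands the device a data buffer for a transfer. */
static void dev_begin_transfer(struct dev *d, uint8_t *buf, size_t len)
{
    d->async_buf = buf;
    d->async_len = len;
}

/* Reset as it behaves before the fix: FIFO state is cleared and the SCSI
 * request (and its buffer) is dropped, but async_len keeps its old value. */
static void dev_hard_reset_buggy(struct dev *d)
{
    memset(d->fifo, 0, sizeof(d->fifo));
    d->fifo_cnt = 0;
    d->async_buf = NULL;     /* models the buffer no longer being valid */
}

/* Reset with the fix applied: async_len is zeroed as well, so the device
 * no longer believes a transfer is in flight after a reset. */
static void dev_hard_reset_fixed(struct dev *d)
{
    dev_hard_reset_buggy(d);
    d->async_len = 0;
}

/* One DMA step: move up to n bytes from async_buf into the FIFO.
 * Returns bytes copied, or -1 when async_len claims data is pending but
 * async_buf is gone. In a real device model that is the stale pointer
 * dereference; here it is detected instead of crashed on. */
static int dev_do_dma(struct dev *d, size_t n)
{
    size_t len;

    if (d->async_len == 0) {
        return 0;            /* nothing in flight: safe no-op */
    }
    if (d->async_buf == NULL) {
        return -1;           /* stale async_len after reset: the bug */
    }
    len = n < d->async_len ? n : d->async_len;
    if (len > FIFO_SZ - d->fifo_cnt) {
        len = FIFO_SZ - d->fifo_cnt;
    }
    memcpy(d->fifo + d->fifo_cnt, d->async_buf, len);
    d->fifo_cnt += len;
    d->async_buf += len;
    d->async_len -= len;
    return (int)len;
}

/* "Reset before transfer": set up a transfer, reset the chip with the given
 * reset routine (or skip the reset when it is NULL), then kick off DMA. */
static int scenario(void (*reset)(struct dev *))
{
    struct dev d;
    uint8_t scsi_data[8] = {1, 2, 3, 4, 5, 6, 7, 8};   /* constructed data */

    memset(&d, 0, sizeof(d));
    dev_begin_transfer(&d, scsi_data, sizeof(scsi_data));
    if (reset) {
        reset(&d);
    }
    return dev_do_dma(&d, sizeof(scsi_data));
}

int main(void)
{
    printf("no reset:    %d\n", scenario(NULL));
    printf("buggy reset: %d\n", scenario(dev_hard_reset_buggy));
    printf("fixed reset: %d\n", scenario(dev_hard_reset_fixed));
    return 0;
}
```

Without a reset the transfer moves all 8 bytes; with the buggy reset the DMA step still sees async_len == 8 and reaches for a buffer that is gone; with the fixed reset async_len is 0 and the DMA step is a harmless no-op, which is the behaviour the one-line esp.c change is meant to restore.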
