[Qemu-commits] [qemu/qemu] cf885b: hw/xen: fix off-by-one in xen_evtchn_
From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] cf885b: hw/xen: fix off-by-one in xen_evtchn_set_gsi()
Date: Wed, 02 Aug 2023 08:14:01 -0700
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: cf885b19579646d6a085470658bc83432d6786d2
https://github.com/qemu/qemu/commit/cf885b19579646d6a085470658bc83432d6786d2
Author: David Woodhouse <dwmw@amazon.co.uk>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M hw/i386/kvm/xen_evtchn.c
Log Message:
-----------
hw/xen: fix off-by-one in xen_evtchn_set_gsi()
Coverity points out (CID 1508128) a bounds checking error. We need to check
for gsi >= IOAPIC_NUM_PINS, not just greater-than.
Also fix up an assert() that has the same problem, that Coverity didn't see.
Fixes: 4f81baa33ed6 ("hw/xen: Support GSI mapping to PIRQ")
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230801175747.145906-2-dwmw2@infradead.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 19c417ec87a446ffd1a13eeec23226fe30f31b7e
https://github.com/qemu/qemu/commit/19c417ec87a446ffd1a13eeec23226fe30f31b7e
Author: David Woodhouse <dwmw@amazon.co.uk>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M target/i386/kvm/xen-emu.c
Log Message:
-----------
i386/xen: consistent locking around Xen singleshot timers
Coverity points out (CID 1507534, 1507968) that we sometimes access
env->xen_singleshot_timer_ns under the protection of
env->xen_timers_lock and sometimes not.
This isn't always an issue. There are two modes for the timers; if the
kernel supports the EVTCHN_SEND capability then it handles all the timer
hypercalls and delivery internally, and all we use the field for is to
get/set the timer as part of the vCPU state via an ioctl(). If the
kernel doesn't have that support, then we do all the emulation within
qemu, and *those* are the code paths where we actually care about the
locking.
But it doesn't hurt to be a little bit more consistent and avoid having
to explain *why* it's OK.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Paul Durrant <paul@xen.org>
Message-Id: <20230801175747.145906-3-dwmw2@infradead.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 75a87af9b228ca7d14902a9390fe5e83c4898eb0
https://github.com/qemu/qemu/commit/75a87af9b228ca7d14902a9390fe5e83c4898eb0
Author: David Woodhouse <dwmw@amazon.co.uk>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M hw/i386/kvm/xen_evtchn.c
Log Message:
-----------
hw/xen: prevent guest from binding loopback event channel to itself
Fuzzing showed that a guest could bind an interdomain port to itself, by
guessing the next port to be allocated and putting that as the 'remote'
port number. By chance, that works because the newly-allocated port has
type EVTCHNSTAT_unbound. It shouldn't.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Paul Durrant <paul@xen.org>
Message-Id: <20230801175747.145906-4-dwmw2@infradead.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 866b24e4c3d27b5b8bedd741bb92b62b9fa58044
https://github.com/qemu/qemu/commit/866b24e4c3d27b5b8bedd741bb92b62b9fa58044
Author: Marc-Andre Lureau <marcandre.lureau@redhat.com>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M ui/dbus-listener.c
Log Message:
-----------
ui/dbus: fix win32 compilation when !opengl
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1782
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230725112540.53284-1-marcandre.lureau@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 7b4a3f814560341b1a18b3954b52e3318c2725d2
https://github.com/qemu/qemu/commit/7b4a3f814560341b1a18b3954b52e3318c2725d2
Author: Marc-André Lureau <marcandre.lureau@redhat.com>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M ui/dbus-listener.c
Log Message:
-----------
ui/dbus: fix clang compilation issue
../ui/dbus-listener.c:236:9: error: expected expression
Error *err = NULL;
See:
https://gitlab.com/qemu-project/qemu/-/issues/1782#note_1488517427
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230726151221.515761-1-marcandre.lureau@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 313e162951682906430a6efeffdd1f2d67fd5bb4
https://github.com/qemu/qemu/commit/313e162951682906430a6efeffdd1f2d67fd5bb4
Author: Stefan Weil <sw@weilnetz.de>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M docs/about/deprecated.rst
M docs/devel/qom.rst
M docs/system/devices/nvme.rst
M hw/core/loader.c
M include/exec/memory.h
M ui/vnc-enc-tight.c
Log Message:
-----------
misc: Fix some typos in documentation and comments
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230730180329.851576-1-sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 7a06a8fec9df3b6a0f72e7b37dff0969430aab96
https://github.com/qemu/qemu/commit/7a06a8fec9df3b6a0f72e7b37dff0969430aab96
Author: Akihiko Odaki <akihiko.odaki@daynix.com>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M tests/migration/s390x/Makefile
Log Message:
-----------
tests/migration: Add -fno-stack-protector
A build of GCC 13.2 will have stack protector enabled by default if it
was configured with --enable-default-ssp option. For such a compiler,
it is necessary to explicitly disable stack protector when linking
without standard libraries.
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230731091042.139159-2-akihiko.odaki@daynix.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: c11d5bdae79a8edaf00dfcb2e49c064a50c67671
https://github.com/qemu/qemu/commit/c11d5bdae79a8edaf00dfcb2e49c064a50c67671
Author: Keith Packard <keithp@keithp.com>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M target/nios2/nios2-semi.c
Log Message:
-----------
target/nios2: Pass semihosting arg to exit
Instead of using R_ARG0 (the semihost function number), use R_ARG1
(the provided exit status).
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230801152245.332749-1-keithp@keithp.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 71e2dd6aa1bdbac19c661638a4ae91816002ac9e
https://github.com/qemu/qemu/commit/71e2dd6aa1bdbac19c661638a4ae91816002ac9e
Author: Keith Packard <keithp@keithp.com>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M target/nios2/nios2-semi.c
Log Message:
-----------
target/nios2: Fix semihost lseek offset computation
The arguments for deposit64 are (value, start, length, fieldval); this
appears to have thought they were (value, fieldval, start,
length). Reorder the parameters to match the actual function.
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Fixes: d1e23cbaa403b2d ("target/nios2: Use semihosting/syscalls.h")
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230731235245.295513-1-keithp@keithp.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 8caaae7319a5f7ca449900c0e6bfcaed78fa3ae2
https://github.com/qemu/qemu/commit/8caaae7319a5f7ca449900c0e6bfcaed78fa3ae2
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M target/m68k/m68k-semi.c
Log Message:
-----------
target/m68k: Fix semihost lseek offset computation
The arguments for deposit64 are (value, start, length, fieldval); this
appears to have thought they were (value, fieldval, start,
length). Reorder the parameters to match the actual function.
Cc: qemu-stable@nongnu.org
Fixes: 950272506d ("target/m68k: Use semihosting/syscalls.h")
Reported-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230801154519.3505531-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 8abc81150f2de51eabd75ef13117f6f1561a18a5
https://github.com/qemu/qemu/commit/8abc81150f2de51eabd75ef13117f6f1561a18a5
Author: Hyman Huang(黄勇) <yong.huang@smartx.com>
Date: 2023-08-02 (Wed, 02 Aug 2023)
Changed paths:
M qapi/migration.json
Log Message:
-----------
qapi: Reformat the dirty-limit migration doc comments
Reformat the dirty-limit migration doc comments to conform
to current conventions as commit a937b6aa739 (qapi: Reformat
doc comments to conform to current conventions).
Signed-off-by: Hyman Huang(黄勇) <yong.huang@smartx.com>
Message-ID: <169073570563.19893.2928364761104733482-1@git.sr.ht>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Whitespace tidied up]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Commit: ef965377325e186ce1f73e5f40d07d77e2cc9410
https://github.com/qemu/qemu/commit/ef965377325e186ce1f73e5f40d07d77e2cc9410
Author: Hyman Huang(黄勇) <yong.huang@smartx.com>
Date: 2023-08-02 (Wed, 02 Aug 2023)
Changed paths:
M qapi/migration.json
Log Message:
-----------
qapi: Craft the dirty-limit capability comment
Signed-off-by: Hyman Huang(黄勇) <yong.huang@smartx.com>
Message-ID: <169073570563.19893.2928364761104733482-2@git.sr.ht>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Commit: 2b3edd95186dc505f21d823119cdd0dfb23b3ee0
https://github.com/qemu/qemu/commit/2b3edd95186dc505f21d823119cdd0dfb23b3ee0
Author: Hyman Huang(黄勇) <yong.huang@smartx.com>
Date: 2023-08-02 (Wed, 02 Aug 2023)
Changed paths:
M MAINTAINERS
Log Message:
-----------
MAINTAINERS: Add section "Migration dirty limit and dirty page rate"
I've built interests in dirty limit and dirty page rate
features and also have been working on projects related
to this subsystem.
Add a section to the MAINTAINERS file for migration
dirty limit and dirty page rate.
Add myself as a maintainer for this subsystem so that I
can help to improve the dirty limit algorithm and review
the patches about dirty page rate.
Signed-off-by: Hyman Huang(黄勇) <yong.huang@smartx.com>
Acked-by: Peter Xu <peterx@redhat.com>
Message-ID: <169073570563.19893.2928364761104733482-3@git.sr.ht>
Acked-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Commit: 081619e677f148ad91897a37f94894959729bbd4
https://github.com/qemu/qemu/commit/081619e677f148ad91897a37f94894959729bbd4
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2023-08-02 (Wed, 02 Aug 2023)
Changed paths:
M docs/about/deprecated.rst
M docs/devel/qom.rst
M docs/system/devices/nvme.rst
M hw/core/loader.c
M hw/i386/kvm/xen_evtchn.c
M include/exec/memory.h
M target/i386/kvm/xen-emu.c
M target/m68k/m68k-semi.c
M target/nios2/nios2-semi.c
M tests/migration/s390x/Makefile
M ui/dbus-listener.c
M ui/vnc-enc-tight.c
Log Message:
-----------
Merge tag 'misc-fixes-20230801' of https://github.com/philmd/qemu into staging
Misc patches queue
xen: Fix issues reported by fuzzer / Coverity
misc: Fix some typos in documentation and comments
ui/dbus: Build fixes for Clang/win32/!opengl
linux-user: Semihosting fixes on m68k/nios2
tests/migration: Disable stack protector when linking without stdlib
# gpg: Signature made Tue 01 Aug 2023 02:52:52 PM PDT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
* tag 'misc-fixes-20230801' of https://github.com/philmd/qemu:
target/m68k: Fix semihost lseek offset computation
target/nios2: Fix semihost lseek offset computation
target/nios2: Pass semihosting arg to exit
tests/migration: Add -fno-stack-protector
misc: Fix some typos in documentation and comments
ui/dbus: fix clang compilation issue
ui/dbus: fix win32 compilation when !opengl
hw/xen: prevent guest from binding loopback event channel to itself
i386/xen: consistent locking around Xen singleshot timers
hw/xen: fix off-by-one in xen_evtchn_set_gsi()
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: fb695ae3fdfe34ce7bf2eaa4595d48ca809c8841
https://github.com/qemu/qemu/commit/fb695ae3fdfe34ce7bf2eaa4595d48ca809c8841
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2023-08-02 (Wed, 02 Aug 2023)
Changed paths:
M MAINTAINERS
M qapi/migration.json
Log Message:
-----------
Merge tag 'pull-qapi-2023-08-02' of https://repo.or.cz/qemu/armbru into staging
QAPI patches for 2023-08-02
# gpg: Signature made Wed 02 Aug 2023 12:38:04 AM PDT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [undefined]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* tag 'pull-qapi-2023-08-02' of https://repo.or.cz/qemu/armbru:
MAINTAINERS: Add section "Migration dirty limit and dirty page rate"
qapi: Craft the dirty-limit capability comment
qapi: Reformat the dirty-limit migration doc comments
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Compare: https://github.com/qemu/qemu/compare/a51c07053878...fb695ae3fdfe