bwlp/qemu.git/hw/rdma, branch spice_video_codecsExperimental fork of QEMU with video encoding patcheshttps://git.openslx.org/bwlp/qemu.git/atom/hw/rdma?h=spice_video_codecs2022-11-07T19:08:17+00:00msix: Assert that specified vector is in range2022-11-07T19:08:17+00:00Akihiko Odaki2022-08-29T08:35:24+00:00urn:sha1:15377f6e79cc6aa08dbafe82607e0bda13ca44b5
There were several different ways to deal with the situation where the
vector specified for a msix function is out of bound:
- early return a function and keep progresssing
- propagate the error to the caller
- mark msix unusable
- assert it is in bound
- just ignore
An out-of-bound vector should not be specified if the device
implementation is correct so let msix functions always assert that the
specified vector is in range.
An exceptional case is virtio-pci, which allows the guest to configure
vectors. For virtio-pci, it is more appropriate to introduce its own
checks because it is sometimes too late to check the vector range in
msix functions.
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-Id: <20220829083524.143640-1-akihiko.odaki@daynix.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Signed-off-by: Akihiko Odaki <<a href="mailto:akihiko.odaki@daynix.com" target="_blank">akihiko.odaki@daynix.com</a>><br>
hw/pvrdma: Some cosmetic fixes2022-04-26T10:25:14+00:00Yuval Shaia2022-04-03T09:58:37+00:00urn:sha1:46c1ea01312b13b8aa4da286c9d868fe9b702758
Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Message-Id: <20220403095837.2378-1-yuval.shaia.ml@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Replace qemu_real_host_page variables with inlined functions2022-04-06T08:50:38+00:00Marc-André Lureau2022-03-23T15:57:22+00:00urn:sha1:8e3b0cbb7212a1e5707ed2d4c26b4e3d2483768d
Replace the global variables with inlined helper functions. getpagesize() is very
likely annotated with a "const" function attribute (at least with glibc), and thus
optimization should apply even better.
This avoids the need for a constructor initialization too.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20220323155743.1585078-12-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Use g_new() & friends where that makes obvious sense2022-03-21T14:44:44+00:00Markus Armbruster2022-03-15T14:41:56+00:00urn:sha1:b21e2380376c470900fcadf47507f4d5ade75e85
g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer,
for two reasons. One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.
This commit only touches allocations with size arguments of the form
sizeof(T).
Patch created mechanically with:
$ spatch --in-place --sp-file scripts/coccinelle/use-g_new-etc.cocci \
--macro-file scripts/cocci-macro-file.h FILES...
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20220315144156.1595462-4-armbru@redhat.com>
Reviewed-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
hw/dma: Use dma_addr_t type definition when relevant2022-01-18T11:56:29+00:00Philippe Mathieu-Daudé2021-12-31T10:33:29+00:00urn:sha1:bfa30f3903e0542611196b21f5832a4be5775a21
Update the obvious places where dma_addr_t should be used
(instead of uint64_t, hwaddr, size_t, int32_t types).
This allows to have &dma_addr_t type portable on 32/64-bit
hosts.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220111184309.28637-11-f4bug@amsat.org>
hw/dma: Fix format string issues using dma_addr_t2022-01-18T11:56:29+00:00Philippe Mathieu-Daudé2022-01-04T08:42:21+00:00urn:sha1:60791a2c27e1b8f82ff035a474b2f96f0fafa66c
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220111184309.28637-10-f4bug@amsat.org>
hw/rdma/rdma_utils: Rename rdma_pci_dma_map 'len' argument2022-01-18T11:56:07+00:00Philippe Mathieu-Daudé2021-12-31T10:19:08+00:00urn:sha1:ce0a7982855afd873600a4180161adbfaef24cc1
Various APIs use 'pval' naming for 'pointer to val'.
rdma_pci_dma_map() uses 'plen' for 'PCI length', but since
'PCI' is already explicit in the function name, simplify
and rename the argument 'len'. No logical change.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Message-Id: <20220111184309.28637-7-f4bug@amsat.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
qapi: introduce x-query-rdma QMP command2021-11-02T15:55:14+00:00Daniel P. Berrangé2021-09-08T09:35:43+00:00urn:sha1:8dbbca5c056842d53498f643a15cac8593d51424
This is a counterpart to the HMP "info rdma" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
pvrdma: Fix the ring init error flow (CVE-2021-3608)2021-07-04T19:47:51+00:00Marcel Apfelbaum2021-06-30T11:52:46+00:00urn:sha1:66ae37d8cc313f89272e711174a846a229bcdbd3
Do not unmap uninitialized dma addresses.
Fixes: CVE-2021-3608
Reviewed-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
Tested-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Message-Id: <20210630115246.2178219-1-marcel@redhat.com>
Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
pvrdma: Ensure correct input on ring init (CVE-2021-3607)2021-07-04T19:47:51+00:00Marcel Apfelbaum2021-06-30T11:46:34+00:00urn:sha1:32e5703cfea07c91e6e84bcb0313f633bb146534
Check the guest passed a non zero page count
for pvrdma device ring buffers.
Fixes: CVE-2021-3607
Reported-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
Reviewed-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Message-Id: <20210630114634.2168872-1-marcel@redhat.com>
Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>