Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/909797/?format=api
{ "id": 909797, "url": "http://patchwork.ozlabs.org/api/patches/909797/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20180507150310.2FEA0381924@moya.office.hostfission.com/", "project": { "id": 14, "url": "http://patchwork.ozlabs.org/api/projects/14/?format=api", "name": "QEMU Development", "link_name": "qemu-devel", "list_id": "qemu-devel.nongnu.org", "list_email": "qemu-devel@nongnu.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20180507150310.2FEA0381924@moya.office.hostfission.com>", "list_archive_url": null, "date": "2018-05-07T13:13:12", "name": "[PATCHv3,2/2] ps2: Fix mouse stream corruption due to lost data", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "11098a8bbb86fe95207c2b8496ddad799a4ab371", "submitter": { "id": 71296, "url": "http://patchwork.ozlabs.org/api/people/71296/?format=api", "name": "Cameron Esfahani via", "email": "qemu-devel@nongnu.org" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20180507150310.2FEA0381924@moya.office.hostfission.com/mbox/", "series": [ { "id": 42970, "url": "http://patchwork.ozlabs.org/api/series/42970/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/list/?series=42970", "date": "2018-05-07T13:13:12", "name": null, "version": 1, "mbox": "http://patchwork.ozlabs.org/series/42970/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/909797/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/909797/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org", "Authentication-Results": [ "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=<UNKNOWN>)", "ozlabs.org;\n\tdmarc=none (p=none dis=none) header.from=nongnu.org", "ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=hostfission.com header.i=@hostfission.com\n\theader.b=\"pioEe8tH\"; dkim-atps=neutral" ], "Received": [ "from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 40fm9C4tJPz9s34\n\tfor <incoming@patchwork.ozlabs.org>;\n\tTue, 8 May 2018 01:03:58 +1000 (AEST)", "from localhost ([::1]:46679 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)\n\tid 1fFhgA-0006wR-83\n\tfor incoming@patchwork.ozlabs.org; Mon, 07 May 2018 11:03:54 -0400", "from eggs.gnu.org ([2001:4830:134:3::10]:34935)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from <geoff@hostfission.com>) id 1fFhfV-0006w4-0Y\n\tfor qemu-devel@nongnu.org; Mon, 07 May 2018 11:03:14 -0400", "from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from <geoff@hostfission.com>) id 1fFhfT-0008W5-NF\n\tfor qemu-devel@nongnu.org; Mon, 07 May 2018 11:03:13 -0400", "from mail1.hostfission.com ([139.99.139.48]:51174)\n\tby eggs.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from <geoff@hostfission.com>) id 1fFhfT-0008UT-5c\n\tfor qemu-devel@nongnu.org; Mon, 07 May 2018 11:03:11 -0400", "from moya.office.hostfission.com (office.hostfission.com\n\t[158.140.217.90])\n\tby mail1.hostfission.com (Postfix) with ESMTP id 3ECCE41ED8;\n\tTue, 8 May 2018 01:03:10 +1000 (AEST)", "by moya.office.hostfission.com (Postfix, from userid 0)\n\tid 2FEA0381924; Tue, 8 May 2018 01:03:10 +1000 (AEST)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=hostfission.com;\n\ts=mail; t=1525705390;\n\tbh=5z9zW7BK+MXVR8OSw+h1yUP/4/KgtCpSiZ0O6lYxn3g=;\n\th=From:Date:Subject:To:From;\n\tb=pioEe8tHMsY1G0eurPxGB4+IpcHNYlvZRkDhMS+YqGxaq4DaOfcEZb+gFnypOmzuF\n\t28Eh5xS5P7mMMQs1/+/C2KindH9tberbyASm4qZEtH3HK7orh+Jytl0aZI+Xxm4ErG\n\tK6Sgbr1xMe+o1IV8ZBSMEVZ7MV17dUYRdZogsgbY=", "Date": "Mon, 7 May 2018 23:13:12 +1000", "To": "qemu-devel@nongnu.org,\n Gerd Hoffmann <kraxel@redhat.com>", "Message-Id": "<20180507150310.2FEA0381924@moya.office.hostfission.com>", "X-detected-operating-system": "by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]\n\t[fuzzy]", "X-Received-From": "139.99.139.48", "Subject": "[Qemu-devel] [PATCHv3 2/2] ps2: Fix mouse stream corruption due to\n\tlost data", "X-BeenThere": "qemu-devel@nongnu.org", "X-Mailman-Version": "2.1.21", "Precedence": "list", "List-Id": "<qemu-devel.nongnu.org>", "List-Unsubscribe": "<https://lists.nongnu.org/mailman/options/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>", "List-Archive": "<http://lists.nongnu.org/archive/html/qemu-devel/>", "List-Post": "<mailto:qemu-devel@nongnu.org>", "List-Help": "<mailto:qemu-devel-request@nongnu.org?subject=help>", "List-Subscribe": "<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=subscribe>", "From": "Geoffrey McRae via Qemu-devel <qemu-devel@nongnu.org>", "Reply-To": "Geoffrey McRae <geoff@hostfission.com>", "Errors-To": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org", "Sender": "\"Qemu-devel\"\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>" }, "content": "This fixes an issue by adding bounds checking to multi-byte packets\nwhere the PS/2 mouse data stream may become corrupted due to data being\ndiscarded when the PS/2 ringbuffer is full.\n\nInterrupts for Multi-byte responses are postponed until the final byte\nhas been queued.\n\nThese changes fix a bug where windows guests drop the mouse device\nentirely requring the guest to be restarted.\n\nSigned-off-by: Geoffrey McRae <geoff@hostfission.com>\n---\n hw/input/ps2.c | 124 +++++++++++++++++++++++++++++++++++++------------\n include/hw/input/ps2.h | 5 ++\n 2 files changed, 100 insertions(+), 29 deletions(-)", "diff": "diff --git a/hw/input/ps2.c b/hw/input/ps2.c\nindex 4abc8cecdd..8244020c1f 100644\n--- a/hw/input/ps2.c\n+++ b/hw/input/ps2.c\n@@ -188,16 +188,64 @@ static void ps2_reset_queue(PS2State *s)\n q->count = 0;\n }\n \n-void ps2_queue(PS2State *s, int b)\n+void ps2_queue_noirq(PS2State *s, int b)\n {\n PS2Queue *q = &s->queue;\n \n- if (q->count >= PS2_QUEUE_SIZE - 1)\n+ if (q->count == PS2_QUEUE_SIZE) {\n return;\n+ }\n+\n q->data[q->wptr] = b;\n if (++q->wptr == PS2_QUEUE_SIZE)\n q->wptr = 0;\n q->count++;\n+}\n+\n+void ps2_raise_irq(PS2State *s)\n+{\n+ s->update_irq(s->update_arg, 1);\n+}\n+\n+void ps2_queue(PS2State *s, int b)\n+{\n+ ps2_queue_noirq(s, b);\n+ s->update_irq(s->update_arg, 1);\n+}\n+\n+void ps2_queue_2(PS2State *s, int b1, int b2)\n+{\n+ if (PS2_QUEUE_SIZE - s->queue.count < 2) {\n+ return;\n+ }\n+\n+ ps2_queue_noirq(s, b1);\n+ ps2_queue_noirq(s, b2);\n+ s->update_irq(s->update_arg, 1);\n+}\n+\n+void ps2_queue_3(PS2State *s, int b1, int b2, int b3)\n+{\n+ if (PS2_QUEUE_SIZE - s->queue.count < 3) {\n+ return;\n+ }\n+\n+ ps2_queue_noirq(s, b1);\n+ ps2_queue_noirq(s, b2);\n+ ps2_queue_noirq(s, b3);\n+ s->update_irq(s->update_arg, 1);\n+}\n+\n+void ps2_queue_4(PS2State *s, int b1, int b2, int b3, int b4)\n+{\n+ if (PS2_QUEUE_SIZE - s->queue.count < 4) {\n+ return;\n+ }\n+\n+ ps2_queue_noirq(s, b1);\n+ ps2_queue_noirq(s, b2);\n+ ps2_queue_noirq(s, b3);\n+ ps2_queue_noirq(s, b4);\n s->update_irq(s->update_arg, 1);\n }\n \n@@ -501,13 +549,17 @@ void ps2_write_keyboard(void *opaque, int val)\n ps2_queue(&s->common, KBD_REPLY_RESEND);\n break;\n case KBD_CMD_GET_ID:\n- ps2_queue(&s->common, KBD_REPLY_ACK);\n /* We emulate a MF2 AT keyboard here */\n- ps2_queue(&s->common, KBD_REPLY_ID);\n if (s->translate)\n- ps2_queue(&s->common, 0x41);\n+ ps2_queue_3(&s->common,\n+ KBD_REPLY_ACK,\n+ KBD_REPLY_ID,\n+ 0x41);\n else\n- ps2_queue(&s->common, 0x83);\n+ ps2_queue_3(&s->common,\n+ KBD_REPLY_ACK,\n+ KBD_REPLY_ID,\n+ 0x83);\n break;\n case KBD_CMD_ECHO:\n ps2_queue(&s->common, KBD_CMD_ECHO);\n@@ -534,8 +586,9 @@ void ps2_write_keyboard(void *opaque, int val)\n break;\n case KBD_CMD_RESET:\n ps2_reset_keyboard(s);\n- ps2_queue(&s->common, KBD_REPLY_ACK);\n- ps2_queue(&s->common, KBD_REPLY_POR);\n+ ps2_queue_2(&s->common,\n+ KBD_REPLY_ACK,\n+ KBD_REPLY_POR);\n break;\n default:\n ps2_queue(&s->common, KBD_REPLY_RESEND);\n@@ -544,8 +597,11 @@ void ps2_write_keyboard(void *opaque, int val)\n break;\n case KBD_CMD_SCANCODE:\n if (val == 0) {\n- ps2_queue(&s->common, KBD_REPLY_ACK);\n- ps2_put_keycode(s, s->scancode_set);\n+ if (s->common.queue.count <= PS2_QUEUE_SIZE - 2)\n+ {\n+ ps2_queue(&s->common, KBD_REPLY_ACK);\n+ ps2_put_keycode(s, s->scancode_set);\n+ }\n } else if (val >= 1 && val <= 3) {\n s->scancode_set = val;\n ps2_queue(&s->common, KBD_REPLY_ACK);\n@@ -577,11 +633,15 @@ void ps2_keyboard_set_translation(void *opaque, int mode)\n s->translate = mode;\n }\n \n-static void ps2_mouse_send_packet(PS2MouseState *s)\n+static int ps2_mouse_send_packet(PS2MouseState *s)\n {\n unsigned int b;\n int dx1, dy1, dz1;\n \n+ const int needed = 3 + (s->mouse_type - 2);\n+ if (PS2_QUEUE_SIZE - s->common.queue.count < needed)\n+ return 0;\n+\n dx1 = s->mouse_dx;\n dy1 = s->mouse_dy;\n dz1 = s->mouse_dz;\n@@ -595,9 +655,9 @@ static void ps2_mouse_send_packet(PS2MouseState *s)\n else if (dy1 < -127)\n dy1 = -127;\n b = 0x08 | ((dx1 < 0) << 4) | ((dy1 < 0) << 5) | (s->mouse_buttons & 0x07);\n- ps2_queue(&s->common, b);\n- ps2_queue(&s->common, dx1 & 0xff);\n- ps2_queue(&s->common, dy1 & 0xff);\n+ ps2_queue_noirq(&s->common, b);\n+ ps2_queue_noirq(&s->common, dx1 & 0xff);\n+ ps2_queue_noirq(&s->common, dy1 & 0xff);\n /* extra byte for IMPS/2 or IMEX */\n switch(s->mouse_type) {\n default:\n@@ -607,7 +667,7 @@ static void ps2_mouse_send_packet(PS2MouseState *s)\n dz1 = 127;\n else if (dz1 < -127)\n dz1 = -127;\n- ps2_queue(&s->common, dz1 & 0xff);\n+ ps2_queue_noirq(&s->common, dz1 & 0xff);\n break;\n case 4:\n if (dz1 > 7)\n@@ -615,15 +675,19 @@ static void ps2_mouse_send_packet(PS2MouseState *s)\n else if (dz1 < -7)\n dz1 = -7;\n b = (dz1 & 0x0f) | ((s->mouse_buttons & 0x18) << 1);\n- ps2_queue(&s->common, b);\n+ ps2_queue_noirq(&s->common, b);\n break;\n }\n \n+ ps2_raise_irq(&s->common);\n+\n trace_ps2_mouse_send_packet(s, dx1, dy1, dz1, b);\n /* update deltas */\n s->mouse_dx -= dx1;\n s->mouse_dy -= dy1;\n s->mouse_dz -= dz1;\n+\n+ return 1;\n }\n \n static void ps2_mouse_event(DeviceState *dev, QemuConsole *src,\n@@ -687,10 +751,9 @@ static void ps2_mouse_sync(DeviceState *dev)\n qemu_system_wakeup_request(QEMU_WAKEUP_REASON_OTHER);\n }\n if (!(s->mouse_status & MOUSE_STATUS_REMOTE)) {\n- while (s->common.queue.count < PS2_QUEUE_SIZE - 4) {\n- /* if not remote, send event. Multiple events are sent if\n- too big deltas */\n- ps2_mouse_send_packet(s);\n+ /* if not remote, send event. Multiple events are sent if\n+ too big deltas */\n+ while(ps2_mouse_send_packet(s)) {\n if (s->mouse_dx == 0 && s->mouse_dy == 0 && s->mouse_dz == 0)\n break;\n }\n@@ -749,8 +812,9 @@ void ps2_write_mouse(void *opaque, int val)\n ps2_queue(&s->common, AUX_ACK);\n break;\n case AUX_GET_TYPE:\n- ps2_queue(&s->common, AUX_ACK);\n- ps2_queue(&s->common, s->mouse_type);\n+ ps2_queue_2(&s->common,\n+ AUX_ACK,\n+ s->mouse_type);\n break;\n case AUX_SET_RES:\n case AUX_SET_SAMPLE:\n@@ -758,10 +822,11 @@ void ps2_write_mouse(void *opaque, int val)\n ps2_queue(&s->common, AUX_ACK);\n break;\n case AUX_GET_SCALE:\n- ps2_queue(&s->common, AUX_ACK);\n- ps2_queue(&s->common, s->mouse_status);\n- ps2_queue(&s->common, s->mouse_resolution);\n- ps2_queue(&s->common, s->mouse_sample_rate);\n+ ps2_queue_4(&s->common,\n+ AUX_ACK,\n+ s->mouse_status,\n+ s->mouse_resolution,\n+ s->mouse_sample_rate);\n break;\n case AUX_POLL:\n ps2_queue(&s->common, AUX_ACK);\n@@ -787,9 +852,10 @@ void ps2_write_mouse(void *opaque, int val)\n s->mouse_status = 0;\n s->mouse_type = 0;\n ps2_reset_queue(&s->common);\n- ps2_queue(&s->common, AUX_ACK);\n- ps2_queue(&s->common, 0xaa);\n- ps2_queue(&s->common, s->mouse_type);\n+ ps2_queue_3(&s->common,\n+ AUX_ACK,\n+ 0xaa,\n+ s->mouse_type);\n break;\n default:\n break;\ndiff --git a/include/hw/input/ps2.h b/include/hw/input/ps2.h\nindex 94709b8502..213aa16aa3 100644\n--- a/include/hw/input/ps2.h\n+++ b/include/hw/input/ps2.h\n@@ -37,7 +37,12 @@ void *ps2_mouse_init(void (*update_irq)(void *, int), void *update_arg);\n void ps2_write_mouse(void *, int val);\n void ps2_write_keyboard(void *, int val);\n uint32_t ps2_read_data(PS2State *s);\n+void ps2_queue_noirq(PS2State *s, int b);\n+void ps2_raise_irq(PS2State *s);\n void ps2_queue(PS2State *s, int b);\n+void ps2_queue_2(PS2State *s, int b1, int b2);\n+void ps2_queue_3(PS2State *s, int b1, int b2, int b3);\n+void ps2_queue_4(PS2State *s, int b1, int b2, int b3, int b4);\n void ps2_keyboard_set_translation(void *opaque, int mode);\n void ps2_mouse_fake_event(void *opaque);\n \n", "prefixes": [ "PATCHv3", "2/2" ] }