[2/2] Remove guest triggerable abort()

Message ID	1280330003-1467-3-git-send-email-gleb@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Gleb Natapov <gleb@redhat.com> To: qemu-devel@nongnu.org Date: Wed, 28 Jul 2010 18:13:23 +0300 Message-Id: <1280330003-1467-3-git-send-email-gleb@redhat.com> In-Reply-To: <1280330003-1467-1-git-send-email-gleb@redhat.com> References: <1280330003-1467-1-git-send-email-gleb@redhat.com> Cc: kvm@vger.kernel.org Subject: [Qemu-devel] [PATCH 2/2] Remove guest triggerable abort() Precedence: list Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Message ID

1280330003-1467-3-git-send-email-gleb@redhat.com

State

New

Headers

From: Gleb Natapov <gleb@redhat.com>
To: qemu-devel@nongnu.org
Date: Wed, 28 Jul 2010 18:13:23 +0300
Message-Id: <1280330003-1467-3-git-send-email-gleb@redhat.com>
In-Reply-To: <1280330003-1467-1-git-send-email-gleb@redhat.com>
References: <1280330003-1467-1-git-send-email-gleb@redhat.com>
Cc: kvm@vger.kernel.org
Subject: [Qemu-devel] [PATCH 2/2] Remove guest triggerable abort()
Precedence: list
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Commit Message

Gleb Natapov July 28, 2010, 3:13 p.m. UTC

This abort() condition is easily triggerable by a guest if it configures
pci bar with unaligned address that overlaps main memory.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
---
 kvm-all.c |   16 ++++------------
 1 files changed, 4 insertions(+), 12 deletions(-)

Comments

Marcelo Tosatti July 29, 2010, 9:18 p.m. UTC | #1

On Wed, Jul 28, 2010 at 06:13:23PM +0300, Gleb Natapov wrote:
> This abort() condition is easily triggerable by a guest if it configures
> pci bar with unaligned address that overlaps main memory.
> 
> Signed-off-by: Gleb Natapov <gleb@redhat.com>
> ---
>  kvm-all.c |   16 ++++------------
>  1 files changed, 4 insertions(+), 12 deletions(-)

Applied to uq/master, thanks.

diff --git a/kvm-all.c b/kvm-all.c
index fec6d05..ad46b10 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -437,18 +437,10 @@  static void kvm_set_phys_mem(target_phys_addr_t start_addr,
     KVMSlot *mem, old;
     int err;
 
-    if (start_addr & ~TARGET_PAGE_MASK) {
-        if (flags >= IO_MEM_UNASSIGNED) {
-            if (!kvm_lookup_overlapping_slot(s, start_addr,
-                                             start_addr + size)) {
-                return;
-            }
-            fprintf(stderr, "Unaligned split of a KVM memory slot\n");
-        } else {
-            fprintf(stderr, "Only page-aligned memory slots supported\n");
-        }
-        abort();
-    }
+    /* kvm works in page size chunks, but the function may be called
+       with sub-page size and analigned start address. */
+    size = TARGET_PAGE_ALIGN(size);
+    start_addr = TARGET_PAGE_ALIGN(start_addr);
 
     /* KVM does not support read-only slots */
     phys_offset &= ~IO_MEM_ROM;

[2/2] Remove guest triggerable abort()

Commit Message

Comments

Patch