Message ID | 1440561851-17553-1-git-send-email-bharata@linux.vnet.ibm.com
---|---
State | New
Quoting Bharata B Rao (2015-08-25 23:04:11) > If drmgr is used in the guest to hotplug a device before a device_add > has been issued via the QEMU monitor, QEMU segfaults in configure_connector > call. This occurs due to accessing of NULL FDT which otherwise would have > been created and associated with the DRC during device_add command. > > Check for NULL FDT and return failure from configure_connector call. > > Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> > Cc: Michael Roth <mdroth@linux.vnet.ibm.com> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> > --- > Not fully sure if RTAS_OUT_HW_ERROR is the right error code here. Should > we be using RTAS_OUT_NOT_SUPPORTED instead ? > > hw/ppc/spapr_rtas.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c > index e99e25f..3be8eec 100644 > --- a/hw/ppc/spapr_rtas.c > +++ b/hw/ppc/spapr_rtas.c > @@ -522,6 +522,12 @@ static void rtas_ibm_configure_connector(PowerPCCPU *cpu, > > drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); > fdt = drck->get_fdt(drc, NULL); > + if (!fdt) { > + DPRINTF("rtas_ibm_configure_connector: Missing FDT for DRC index: %xh\n", > + drc_index); > + rc = RTAS_OUT_HW_ERROR; > + goto out; > + } > > ccs = spapr_ccs_find(spapr, drc_index); > if (!ccs) { > -- > 2.1.0 >
On Wed, Aug 26, 2015 at 09:17:09AM -0500, Michael Roth wrote: > Quoting Bharata B Rao (2015-08-25 23:04:11) > > If drmgr is used in the guest to hotplug a device before a device_add > > has been issued via the QEMU monitor, QEMU segfaults in configure_connector > > call. This occurs due to accessing of NULL FDT which otherwise would have > > been created and associated with the DRC during device_add command. > > > > Check for NULL FDT and return failure from configure_connector call. > > > > Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> > > Cc: Michael Roth <mdroth@linux.vnet.ibm.com> > > Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> > > > --- > > Not fully sure if RTAS_OUT_HW_ERROR is the right error code here. Should > > we be using RTAS_OUT_NOT_SUPPORTED instead ? Based on my reading of PAPR+ 2.7, it appears that we should return -9003 error code here. I am planning to add #define SPAPR_DR_CC_RESPONSE_NOT_CONFIGURABLE -9003 and use it when fdt is NULL in ibm,configure-connector call. Is that fine ? Regards, Bharata.
Quoting Bharata B Rao (2015-08-27 00:28:57) > On Wed, Aug 26, 2015 at 09:17:09AM -0500, Michael Roth wrote: > > Quoting Bharata B Rao (2015-08-25 23:04:11) > > > If drmgr is used in the guest to hotplug a device before a device_add > > > has been issued via the QEMU monitor, QEMU segfaults in configure_connector > > > call. This occurs due to accessing of NULL FDT which otherwise would have > > > been created and associated with the DRC during device_add command. > > > > > > Check for NULL FDT and return failure from configure_connector call. > > > > > > Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> > > > Cc: Michael Roth <mdroth@linux.vnet.ibm.com> > > > > Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> > > > > > --- > > > Not fully sure if RTAS_OUT_HW_ERROR is the right error code here. Should > > > we be using RTAS_OUT_NOT_SUPPORTED instead ? > > Based on my reading of PAPR+ 2.7, it appears that we should return -9003 > error code here. > > I am planning to add > > #define SPAPR_DR_CC_RESPONSE_NOT_CONFIGURABLE -9003 > > and use it when fdt is NULL in ibm,configure-connector call. Is that fine ? Yes, that error seems in line with this situation, and proposed constant seems fine to me (assuming you add to the existing sPAPRDRCCResponse enum) > > Regards, > Bharata. >
diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index e99e25f..3be8eec 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -522,6 +522,12 @@ static void rtas_ibm_configure_connector(PowerPCCPU *cpu, drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); fdt = drck->get_fdt(drc, NULL); + if (!fdt) { + DPRINTF("rtas_ibm_configure_connector: Missing FDT for DRC index: %xh\n", + drc_index); + rc = RTAS_OUT_HW_ERROR; + goto out; + } ccs = spapr_ccs_find(spapr, drc_index); if (!ccs) {
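Review bot: the check sits in the right place, immediately after `fdt = drck->get_fdt(drc, NULL);` and before any use of `fdt`, but the return code should follow where the thread ends up rather than `rc = RTAS_OUT_HW_ERROR;`: the guest has asked to configure a connector with nothing attached, and the PAPR -9003 response (the proposed SPAPR_DR_CC_RESPONSE_NOT_CONFIGURABLE, added to the existing sPAPRDRCCResponse enum) tells drmgr exactly that, whereas a hardware error gives it no way to tell this case from a real failure. Since the visible context ends before the `out:` label, also confirm that the early `goto out` still stores `rc` back to the guest on this path.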
If drmgr is used in the guest to hotplug a device before a device_add has been issued via the QEMU monitor, QEMU segfaults in the configure_connector call. This occurs due to accessing a NULL FDT which otherwise would have been created and associated with the DRC during the device_add command.

Check for NULL FDT and return failure from the configure_connector call.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
---
Not fully sure if RTAS_OUT_HW_ERROR is the right error code here. Should we be using RTAS_OUT_NOT_SUPPORTED instead?

hw/ppc/spapr_rtas.c | 6 ++++++
1 file changed, 6 insertions(+)
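The ordering bug the commit message describes, as an added example that is not QEMU's code: a cut-down C model of a DRC table whose FDT exists only once device_add has attached a device, with the configure-connector handler shown before and after the NULL check. The types and helpers (drc_t, drc_lookup, drc_attach), the DRC index values and the value of RTAS_OUT_PARAM_ERROR are assumptions; -9003 is the PAPR response the thread settles on.

```c
/* Added example (not QEMU code). A DRC's FDT is built only when device_add
 * attaches a device; a guest that calls ibm,configure-connector first hands
 * the handler a NULL FDT. drc_t/drc_lookup/drc_attach and the DRC indices are
 * hypothetical; -9003 is the PAPR "not configurable" response from the thread. */
#include <stddef.h>
#include <stdint.h>

#define RTAS_OUT_SUCCESS                       0
#define RTAS_OUT_PARAM_ERROR                  -3      /* unknown DRC index (value assumed) */
#define SPAPR_DR_CC_RESPONSE_NOT_CONFIGURABLE -9003   /* proposed in the thread */

typedef struct {
    uint32_t       index;   /* DRC index the guest passes to RTAS */
    const uint8_t *fdt;     /* NULL until device_add builds the device tree blob */
} drc_t;

static drc_t drcs[2] = { { 0x40000001u, NULL }, { 0x40000002u, NULL } };

static drc_t *drc_lookup(uint32_t index) {
    for (size_t i = 0; i < sizeof drcs / sizeof drcs[0]; i++)
        if (drcs[i].index == index) return &drcs[i];
    return NULL;
}

/* device_add path: attach a (constructed) FDT blob to the DRC. */
int drc_attach(uint32_t index, const uint8_t *fdt) {
    drc_t *drc = drc_lookup(index);
    if (!drc) return -1;
    drc->fdt = fdt;
    return 0;
}

/* Handler shape before the patch: fdt is used without a NULL check, so a
 * guest calling configure-connector before device_add crashes the VMM. */
int configure_connector_unchecked(uint32_t index, uint8_t *first) {
    drc_t *drc = drc_lookup(index);
    if (!drc) return RTAS_OUT_PARAM_ERROR;
    *first = drc->fdt[0];   /* NULL dereference when nothing is attached */
    return RTAS_OUT_SUCCESS;
}

/* Handler shape after the patch: the missing FDT becomes an RTAS status the
 * guest can act on instead of a dereference. */
int configure_connector_checked(uint32_t index, uint8_t *first) {
    drc_t *drc = drc_lookup(index);
    if (!drc) return RTAS_OUT_PARAM_ERROR;
    if (!drc->fdt) return SPAPR_DR_CC_RESPONSE_NOT_CONFIGURABLE;
    *first = drc->fdt[0];
    return RTAS_OUT_SUCCESS;
}
```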