m_fw_cfg.h
create mode 100644 pc-bios/optionrom/pvh.S
create mode 100644 pc-bios/optionrom/pvh_main.c
I had a few very minor comments on patch3, but with that, for the series:
Reviewed-by: Liam Merwick
From: Stefano Garzarella
When initrd is specified, load and expose it to the guest firmware
through fw_cfg. The firmware will fill the hvm_start_info for the
kernel.
Signed-off-by: Stefano Garzarella
Based-on: <1545422632-2-5-git-send-email-liam.merw...@oracle.com>
Signed-off-by
to discover the
boot entry address for the x86/HVM direct boot ABI.
Signed-off-by: Liam Merwick
---
hw/alpha/dp264.c | 4 ++--
hw/arm/armv7m.c| 3 ++-
hw/arm/boot.c | 2 +-
hw/core/generic-loader.c | 2 +-
hw/core/loader.c
-by: George Kennedy
Signed-off-by: Liam Merwick
---
hw/i386/pc.c | 135 ++
include/elf.h | 10 +
2 files changed, 145 insertions(+)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 73d688f84239..6d549950a044 100644
--- a/hw/i386/pc.c
From: Liam Merwick
The x86/HVM direct boot ABI permits Qemu to be able to boot directly
into the uncompressed Linux kernel binary with minimal firmware involvement.
https://xenbits.xen.org/docs/unstable/misc/pvh.html
This commit adds the header file that defines the start_info struct
ux_startup_64: 94.531349 (+57.851987)
linux_start_kernel: 94.900913 (+0.369564)
linux_start_user: 401.060971 (+306.160058)
QEMU + bzImage:
qemu_init_end: 30.424430
linux_startup_64: 893.770334 (+863.345904)
linux_start_kernel: 894.17049 (+0.400156)
linux_start_user: 1208.679768 (+314.509278)
' parameter
added in the previous commit.
Signed-off-by: Liam Merwick
---
include/hw/elf_ops.h | 75
1 file changed, 75 insertions(+)
diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h
index 3438d6f69e8d..690f9238c8cc 100644
--- a/include
Hi Stefano,
On 10/01/2019 15:12, Stefano Garzarella wrote:
On Wed, Jan 09, 2019 at 01:18:12PM -0800, Maran Wilson wrote:
On 1/9/2019 11:53 AM, Boris Ostrovsky wrote:
On 1/9/19 6:53 AM, Stefano Garzarella wrote:
Hi Liam,
On Tue, Jan 8, 2019 at 3:47 PM Liam Merwick wrote:
QEMU sets
On 02/01/2019 13:12, Stefan Hajnoczi wrote:
On Fri, Dec 21, 2018 at 08:03:50PM +, Liam Merwick wrote:
+while (note_type != elf_note_type) {
+nhdr_namesz = nhdr->n_namesz;
+nhdr_descsz = nhdr->n_descsz;
+
+elf_note_entry_offset = nhd
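Review bot: the loop condition `while (note_type != elf_note_type)` ends only on a type match in the lines visible here, so a note range that contains no matching note has no visible stopping point. `nhdr->n_namesz` and `nhdr->n_descsz` are read straight from the note header and then feed the offset computation, so the walk should also be bounded by the size of the note range, and both sizes checked against the bytes remaining before they are used to advance. The excerpt is cut off at the offset computation, so such a check may exist further down; if it does, a comment at the loop head saying what bounds the walk would help.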
On 02/01/2019 13:18, Stefan Hajnoczi wrote:
On Fri, Dec 21, 2018 at 08:03:52PM +, Liam Merwick wrote:
@@ -1336,7 +1470,7 @@ void pc_memory_init(PCMachineState *pcms,
int linux_boot, i;
MemoryRegion *ram, *option_rom_mr;
MemoryRegion *ram_below_4g, *ram_above_4g
On 02/01/2019 13:06, Stefan Hajnoczi wrote:
On Fri, Dec 21, 2018 at 08:03:49PM +, Liam Merwick wrote:
diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h
index 74679ff8da3a..37d20a3800c1 100644
--- a/include/hw/elf_ops.h
+++ b/include/hw/elf_ops.h
@@ -266,6 +266,7 @@ fail
implications for the kernel side.
Regards,
Liam
On Fri, Dec 21, 2018 at 9:07 PM Liam Merwick wrote:
For certain applications it is desirable to rapidly boot a KVM virtual
machine. In cases where legacy hardware and software support within the
guest is not needed, QEMU should be able to boot
Introduce a routine which, given a pointer to a range of ELF Notes,
searches through them looking for a note matching the type specified
and returns a pointer to the matching ELF note.
Signed-off-by: Liam Merwick
---
include/hw/elf_ops.h | 50
Thanks Stefan for the review - comments inline.
On 11/12/2018 14:17, Stefan Hajnoczi wrote:
On Wed, Dec 05, 2018 at 10:37:25PM +, Liam Merwick wrote:
From: Liam Merwick
Add support to read the PVH Entry address from an ELF note in the
uncompressed kernel binary (as defined by the x86/HVM
-by: George Kennedy
Signed-off-by: Liam Merwick
---
hw/i386/pc.c | 136 +-
include/elf.h | 10 +
2 files changed, 145 insertions(+), 1 deletion(-)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 115bc2825ce4..6d44a14da44d 100644
--- a/hw
+57.851987)
linux_start_kernel: 94.900913 (+0.369564)
linux_start_user: 401.060971 (+306.160058)
QEMU + bzImage:
qemu_init_end: 30.424430
linux_startup_64: 893.770334 (+863.345904)
linux_start_kernel: 894.17049 (+0.400156)
linux_start_user: 1208.679768 (+314.509278)
Liam Merwick (4):
elf: Ad
to discover the
boot entry address for the x86/HVM direct boot ABI.
Signed-off-by: Liam Merwick
---
hw/alpha/dp264.c | 4 ++--
hw/arm/armv7m.c| 3 ++-
hw/arm/boot.c | 2 +-
hw/core/generic-loader.c | 2 +-
hw/core/loader.c
On 11/12/2018 14:57, Liam Merwick wrote:
On 11/12/2018 14:01, Stefan Hajnoczi wrote:
On Wed, Dec 05, 2018 at 10:37:24PM +, Liam Merwick wrote:
From: Liam Merwick
The x86/HVM direct boot ABI permits Qemu to be able to boot directly
into the uncompressed Linux kernel binary without
From: Liam Merwick
The x86/HVM direct boot ABI permits Qemu to be able to boot directly
into the uncompressed Linux kernel binary with minimal firmware involvement.
https://xenbits.xen.org/docs/unstable/misc/pvh.html
This commit adds the header file that defines the start_info struct
On 11/12/2018 14:01, Stefan Hajnoczi wrote:
On Wed, Dec 05, 2018 at 10:37:24PM +, Liam Merwick wrote:
From: Liam Merwick
The x86/HVM direct boot ABI permits Qemu to be able to boot directly
into the uncompressed Linux kernel binary without the need to run firmware.
https
On 06/12/2018 20:13, Paolo Bonzini wrote:
On 05/12/18 23:31, Liam Merwick wrote:
For certain applications it is desirable to rapidly boot a KVM virtual
machine. In cases where legacy hardware and software support within the
guest is not needed, QEMU should be able to boot directly
349 (+57.851987)
linux_start_kernel: 94.900913 (+0.369564)
linux_start_user: 401.060971 (+306.160058)
QEMU + bzImage:
qemu_init_end: 30.424430
linux_startup_64: 893.770334 (+863.345904)
linux_start_kernel: 894.17049 (+0.400156)
linux_start_user: 1208.679768 (+314.509278)
Liam Merwick (3):
-by: Liam Merwick
---
hw/i386/pc.c | 72
1 file changed, 72 insertions(+)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 056aa46d99b9..d3012cbd8597 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -54,6 +54,7 @@
#include "sysemu/qt
From: Liam Merwick
The x86/HVM direct boot ABI permits Qemu to be able to boot directly
into the uncompressed Linux kernel binary without the need to run firmware.
https://xenbits.xen.org/docs/unstable/misc/pvh.html
This commit adds the header file that defines the start_info struct
From: Liam Merwick
Add support to read the PVH Entry address from an ELF note in the
uncompressed kernel binary (as defined by the x86/HVM direct boot ABI).
This 32-bit entry point will be used by QEMU to load the kernel in the
guest and jump into the kernel entry point.
For now, a call
to populate the start_info struct needed by
the direct boot ABI and configure the guest e820 tables before
jumping to the loaded kernel entry.
Signed-off-by: George Kennedy
Signed-off-by: Liam Merwick
---
fw_cfg.c| 72 -
linuxboot.c | 2
eventually handle the corresponding VM exit.
If for example, QEMU is started with the following argument:
-device isa-debug-exit,iobase=0xf4
then any IO write to 0xf4 will terminate the QEMU process and the
corresponding VM.
Signed-off-by: Liam Merwick
---
benchmark.h | 3 ++-
fw_cfg.c| 7
-off-by: Maran Wilson
Signed-off-by: Liam Merwick
---
include/start_info.h | 146 +++
1 file changed, 146 insertions(+)
create mode 100644 include/start_info.h
diff --git a/include/start_info.h b/include/start_info.h
new file mode 100644
index
nel: 94.900913 (+0.369564)
linux_start_user: 401.060971 (+306.160058)
QEMU + bzImage:
qemu_init_end: 30.424430
linux_startup_64: 893.770334 (+863.345904)
linux_start_kernel: 894.17049 (+0.400156)
linux_start_user: 1208.679768 (+314.509278)
Liam Merwick (3):
pvh: Add x86/HVM direct boot
On 14/11/2018 12:55, Kevin Wolf wrote:
Don't leak 'cluster' in the mapping == NULL case. Found by Coverity
(CID 1055918).
Fixes: 8d9401c2791ee2d2805b741b1ee3006041edcd3e
Signed-off-by: Kevin Wolf
Reviewed-by: Liam Merwick
Thanks.
---
block/vvfat.c | 6 +++---
1 file changed, 3
tion below, otherwise
Reviewed-by: Liam Merwick
Tested-by: Liam Merwick
---
include/hw/bt.h | 3 -
hw/bt/hid.c | 554
vl.c| 34 +---
hw/bt/Makefile.objs | 3 +-
qemu-doc.texi | 6 +-
qemu-options.hx
On 13/11/2018 07:03, Gerd Hoffmann wrote:
Useful when debugging pxeboot, to see what the guest tries to do.
Signed-off-by: Gerd Hoffmann
Reviewed-by: Liam Merwick
---
Makefile.objs | 1 +
slirp/tftp.c | 3 +++
slirp/trace-events | 5 +
3 files changed, 9 insertions
On 09/11/2018 14:14, Gerd Hoffmann wrote:
Broken (segfaultson first keypress) and appearently unused.
s/segfaultson/segfaults on/
s/appearently/apparently/
Signed-off-by: Gerd Hoffmann
one question at the end, otherwise
Reviewed-by: Liam Merwick
---
include/hw/bt.h | 3
tch2)
patch2: Switched to using ?: in return (v4 patch3)
patch3: Added Max's R-b (v4 patch4)
patch4: couple of changes based on feedback from Max (v4 patch5)
patch5: no change (v4 patch7)
Liam Merwick (5):
job: Fix off-by-one assert checks for JobSTT and JobVerbTable
block: Null pointer
' pointer in img_commit() assert it is not NULL.
Signed-off-by: Liam Merwick
Reviewed-by: Max Reitz
---
qemu-img.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/qemu-img.c b/qemu-img.c
index b12f4cd19b0a..457aa152296b 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1029,6 +1029,7 @@ static
The calls to find_mapping_for_cluster() may return NULL but it
isn't always checked for before dereferencing the value returned.
Additionally, add some asserts to cover cases where NULL can't
be returned but which might not be obvious at first glance.
Signed-off-by: Liam Merwick
---
block
.
Fixes: 0e4e4318eaa5 ('qcow2: add overlap check for bitmap directory')
Cc: Vladimir Sementsov-Ogievskiy
Signed-off-by: Liam Merwick
Reviewed-by: Eric Blake
Reviewed-by: Max Reitz
---
block/qcow2-refcount.c | 18 ++
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git
string if no
object path can be found (similar to the case when blk->dev is NULL
and an empty string is returned).
Signed-off-by: Liam Merwick
---
block/block-backend.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/block/block-backend.c b/block/block-backend.c
in
overrun is not flagged
either.
This is not a run-time issue as there are no callers actually
passing in the max value.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
Reviewed-by: Eric Blake
Reviewed-by: John Snow
---
job.c | 4 ++--
1 file changed, 2 insertions
On 05/11/18 00:19, Max Reitz wrote:
On 19.10.18 22:39, Liam Merwick wrote:
The calls to find_mapping_for_cluster() may return NULL but it
isn't always checked for before dereferencing the value returned.
Additionally, add some asserts to cover cases where NULL can't
be returned but which
On 05/11/18 00:07, Max Reitz wrote:
On 19.10.18 22:39, Liam Merwick wrote:
A NULL 'list' passed into function dump_qlist() isn't correctly
validated and can be passed to qlist_first() where it is dereferenced.
Given that dump_qlist() is static, and callers already do the right
thing, just
On 04/11/18 23:57, Max Reitz wrote:
On 19.10.18 22:39, Liam Merwick wrote:
The dev_id returned by the call to blk_get_attached_dev_id() in
blk_root_get_parent_desc() can be NULL (an internal call to
object_get_canonical_path may have returned NULL).
Instead of just checking this case before
The calls to find_mapping_for_cluster() may return NULL but it
isn't always checked for before dereferencing the value returned.
Additionally, add some asserts to cover cases where NULL can't
be returned but which might not be obvious at first glance.
Signed-off-by: Liam Merwick
---
block
In kvm_arch_init_vcpu() a call to cpuid_find_entry() can return
NULL so the pointer returned should be checked before dereferencing it.
Signed-off-by: Liam Merwick
---
target/i386/kvm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
behaviour, when no option is specified, is to maintain the
current behaviour and enable AVX2 if the compiler supports it.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
configure | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/c
.
Fixes: 0e4e4318eaa5 ('qcow2: add overlap check for bitmap directory')
Cc: Vladimir Sementsov-Ogievskiy
Signed-off-by: Liam Merwick
Reviewed-by: Eric Blake
Reviewed-by: Max Reitz
---
block/qcow2-refcount.c | 18 ++
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git
' pointer in img_commit() assert it is not NULL.
Signed-off-by: Liam Merwick
---
qemu-img.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/qemu-img.c b/qemu-img.c
index b12f4cd19b0a..457aa152296b 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1029,6 +1029,7 @@ static int img_commit(int argc
of suppressing a warning from a static analysis tool
and removing this noise will help us better find real issues).
Signed-off-by: Liam Merwick
Reviewed-by: Eric Blake
---
block/qapi.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/block/qapi.c b/block/qapi.c
index c66f949db839..e81be604217c 100644
overrun is not flagged
either.
This is not a run-time issue as there are no callers actually
passing in the max value.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
Reviewed-by: Eric Blake
Reviewed-by: John Snow
---
job.c | 4 ++--
1 file changed, 2 insertions
string if no
object path can be found (similar to the case when blk->dev is NULL
and an empty string is returned).
Signed-off-by: Liam Merwick
---
block/block-backend.c | 6 +-
dtc | 2 +-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/block/block-backend.
new_spawn()'
patch from v3 - it was correct but of no benefit to static analysis checking
Liam Merwick (8):
configure: Provide option to explicitly disable AVX2
job: Fix off-by-one assert checks for JobSTT and JobVerbTable
block: Null pointer dereference in blk_root_get_parent_desc()
qemu-im
On 12/10/18 16:22, Max Reitz wrote:
On 31.08.18 20:16, Liam Merwick wrote:
A NULL 'list' passed into function dump_qlist() isn't correctly
validated and can be passed to qlist_first() where it is dereferenced.
Given that dump_qlist() is static, and callers already do the right
thing, just
On 12/10/18 15:51, Max Reitz wrote:
On 31.08.18 20:16, Liam Merwick wrote:
The function block_job_get() may return NULL so before dereferencing
the 'job' pointer in img_commit() it should be checked.
It may not because the job yields before executing anything (if it
started successfully
On 12/10/18 16:14, Max Reitz wrote:
On 31.08.18 20:16, Liam Merwick wrote:
The calls to bdrv_new_open_driver(), find_mapping_for_cluster(),
and array_get_next() may return NULL but it isn't always checked for
before dereferencing the value returned.
Signed-off-by: Liam Merwick
Reviewed
On 12/10/18 15:48, Max Reitz wrote:
Hi,
On 31.08.18 20:16, Liam Merwick wrote:
The dev_id returned by the call to blk_get_attached_dev_id() in
blk_root_get_parent_desc() can be NULL (an internal call to
object_get_canonical_path may have returned NULL) so it should
be checked before
).
Suppress these using the _Pragma() operator.
To put in the pragmas we need to convert the macros from
expressions to statements, but all the callsites effectively
treat them as statements already so this is OK.
Signed-off-by: Peter Maydell
Reviewed-by: Liam Merwick
---
linux-user/qemu.h | 57
A NULL 'list' passed into function dump_qlist() isn't correctly
validated and can be passed to qlist_first() where it is dereferenced.
Given that dump_qlist() is static, and callers already do the right
thing, just add an assert to catch future potential bugs.
Signed-off-by: Liam Merwick
.
Fixes: 0e4e4318eaa5 ('qcow2: add overlap check for bitmap directory')
Cc: Vladimir Sementsov-Ogievskiy
Signed-off-by: Liam Merwick
Reviewed-by: Eric Blake
---
block/qcow2-refcount.c | 18 ++
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/block/qcow2-refcount.c b
The calls to bdrv_new_open_driver(), find_mapping_for_cluster(),
and array_get_next() may return NULL but it isn't always checked for
before dereferencing the value returned.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
block/vvfat.c | 56
issues.
Signed-off-by: Liam Merwick
Reviewed-by: Eric Blake
---
io/channel-command.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/io/channel-command.c b/io/channel-command.c
index 3e7eb17eff54..82acd3234915 100644
--- a/io/channel-command.c
+++ b/io/channel-command.c
The function block_job_get() may return NULL so before dereferencing
the 'job' pointer in img_commit() it should be checked.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
qemu-img.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/qemu-img.c b/qemu
behaviour, when no option is specified, is to maintain the
current behaviour and enable AVX2 if the compiler supports it.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
configure | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/c
e from commit message
patch8: removed unnecessary comment and updated QEMU_BUILD_BUG_ON to use
ARRAY_SIZE
Added Eric's R-b to patches 6,7,8
Liam Merwick (8):
configure: Provide option to explicitly disable AVX2
job: Fix off-by-one assert checks for JobSTT and JobVerbTable
block: Null p
overrun is not flagged
either.
This is not a run-time issue as there are no callers actually
passing in the max value.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
Reviewed-by: Eric Blake
---
job.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff
The dev_id returned by the call to blk_get_attached_dev_id() in
blk_root_get_parent_desc() can be NULL (an internal call to
object_get_canonical_path may have returned NULL) so it should
be checked before dereferencing.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark
On 31/08/18 17:53, Eric Blake wrote:
On 08/31/2018 11:36 AM, Liam Merwick wrote:
The commit for 0e4e4318eaa5 increments QCOW2_OL_MAX_BITNR but does not
add an array entry for QCOW2_OL_BITMAP_DIRECTORY_BITNR to
metadata_ol_names[].
As a result, an array dereference of metadata_ol_names[8
The calls to bdrv_new_open_driver(), find_mapping_for_cluster(),
and array_get_next() may return NULL but it isn't always checked for
before dereferencing the value returned.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
block/vvfat.c | 56
.
Fixes: 0e4e4318eaa5 ('qcow2: add overlap check for bitmap directory')
Cc: Vladimir Sementsov-Ogievskiy
Signed-off-by: Liam Merwick
---
block/qcow2-refcount.c | 26 ++
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2
The function block_job_get() may return NULL so before dereferencing
the 'job' pointer in img_commit() it should be checked.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
qemu-img.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/qemu-img.c b/qemu
behaviour, when no option is specified, is to maintain the
current behaviour and enable AVX2 if the compiler supports it.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
configure | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/c
A NULL 'list' passed into function dump_qlist() isn't correctly
validated and can be passed to qlist_first() where it is dereferenced.
Given that dump_qlist() is static, and callers already do the right
thing, just add an assert to catch future potential bugs.
Signed-off-by: Liam Merwick
ch2: reworded commit message to clarify issue
patch6: Reverted common qlist routines and added assert to qlist_dump instead
patch7: Fixed incorrect logic
patch8: Added QEMU_BUILD_BUG_ON to catch future instance at compile-time
Liam Merwick (8):
configure: Provide option to explicitly disable AVX2
issues.
Signed-off-by: Liam Merwick
---
io/channel-command.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/io/channel-command.c b/io/channel-command.c
index 3e7eb17eff54..82acd3234915 100644
--- a/io/channel-command.c
+++ b/io/channel-command.c
@@ -61,8 +61,7
overrun is not flagged
either.
This is not a run-time issue as there are no callers actually
passing in the max value.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
Reviewed-by: Eric Blake
---
job.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff
The dev_id returned by the call to blk_get_attached_dev_id() in
blk_root_get_parent_desc() can be NULL (an internal call to
object_get_canonical_path may have returned NULL) so it should
be checked before dereferencing.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark
On 31/08/18 16:50, Eric Blake wrote:
On 08/31/2018 10:36 AM, Liam Merwick wrote:
On 30/08/2018 17:18, Eric Blake wrote:
On 08/30/2018 10:47 AM, Liam Merwick wrote:
Incorrect checking of flags could result in uninitialized
file descriptor being used.
Looking at it again, the very minor
On 30/08/2018 17:18, Eric Blake wrote:
On 08/30/2018 10:47 AM, Liam Merwick wrote:
Incorrect checking of flags could result in uninitialized
file descriptor being used.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
io/channel-command.c | 4 ++--
1 file
On 30/08/18 19:43, Eric Blake wrote:
On 08/30/2018 10:47 AM, Liam Merwick wrote:
The commit for 0e4e4318eaa5 increments QCOW2_OL_MAX_BITNR but does not
add an array entry for QCOW2_OL_BITMAP_DIRECTORY_BITNR to
metadata_ol_names[].
As a result, an array dereference of metadata_ol_names[8
On 30/08/18 19:41, Eric Blake wrote:
On 08/30/2018 10:47 AM, Liam Merwick wrote:
A NULL 'list' passed into function dump_qlist() isn't correctly
validated and can be passed to qlist_first() where it is dereferenced.
But dump_qlist() is static, and it is easy to prove that it will never
On 30/08/18 19:34, Eric Blake wrote:
On 08/30/2018 10:47 AM, Liam Merwick wrote:
In the array dereference of JobVerbTable[verb] in job_apply_verb()
the check of the index, verb, allows an overrun because an index
equal to the array size is permitted.
Similarly, in the array dereference
behaviour, when no option is specified, is to maintain the
current behaviour and enable AVX2 if the compiler supports it.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
configure | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/c
The function block_job_get() may return NULL so before dereferencing
the 'job' pointer in img_commit() it should be checked.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
qemu-img.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/qemu-img.c b/qemu
The calls to bdrv_new_open_driver(), find_mapping_for_cluster(),
and array_get_next() may return NULL but it isn't always checked for
before dereferencing the value returned.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
block/vvfat.c | 56
is possible.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
job.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/job.c b/job.c
index e36ebaafd81c..40320566f43b 100644
--- a/job.c
+++ b/job.c
@@ -166,7 +166,7 @@ bool job_is_internal(Job *job
The dev_id returned by the call to blk_get_attached_dev_id() in
blk_root_get_parent_desc() can be NULL (an internal call to
object_get_canonical_path may have returned NULL) so it should
be checked before dereferencing.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark
check to qlist_first() and qlist_next() and all
the callers to those functions handle that cleanly.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
include/qapi/qmp/qlist.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/qapi/qmp
to configure to
select if AVX2 is used or not (keeping the existing behaviour by default).
My motivation was avoiding an issue with the static analysis tool but NetSpectre
was announced as I was working on this and I felt it may have more general uses.
Liam Merwick (8):
configure: Provide option
Incorrect checking of flags could result in uninitialized
file descriptor being used.
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
io/channel-command.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/io/channel-command.c b/io
.
Fixes: 0e4e4318eaa5 ('qcow2: add overlap check for bitmap directory')
Cc: Vladimir Sementsov-Ogievskiy
Signed-off-by: Liam Merwick
Reviewed-by: Darren Kenny
Reviewed-by: Mark Kanda
---
block/qcow2-refcount.c | 17 +
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git