For some pci device, even its PCI_INTERRUPT_PIN is not 0, it actually
doesn't support INTx mode, so its machine irq read from host sysfs is 0.
In that case, report PCI_INTERRUPT_PIN as 0 to guest and let passthrough
continue.
Cc: Roger Pau Monné
Cc: Jan Beulich
Signed-off-by: Zhao Yan
---
v2:
I see. That wasn't much of a problem, but thank you for the information.
I'll try to keep it in mind when building QEMU in future.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1806114
Title:
On Mon, Dec 03, 2018 at 12:20:30PM +0100, Roger Pau Monné wrote:
> Hello,
>
> Thanks for the patch.
>
> The subject should be more descriptive, "Fix a xen passthrough
> failure" is too generic. How about: "allow passthrough of devices with
> bogus interrupt pin" or something similar.
right,
This allows flexibility to be reused for all kinds of command line
used by other tests.
Reviewed-by: Eric Blake
Reviewed-by: Thomas Huth
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 17 +++--
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git
On Mon, Oct 15, 2018 at 06:43:06AM -0400, Michael S. Tsirkin wrote:
> On Mon, Oct 15, 2018 at 08:54:27AM +0200, David Hildenbrand wrote:
> > On 12/10/2018 20:05, Michael S. Tsirkin wrote:
> > > On Fri, Oct 12, 2018 at 02:24:27PM +1100, David Gibson wrote:
> > >> When the balloon is inflated, we
On 12/3/18 10:36 PM, Eric Blake wrote:
On 12/3/18 3:26 AM, Dominik Csapak wrote:
This makes it possible to determine what the exact reason was for
a RESET or a SHUTDOWN. A management layer might need the specific reason
of those events to determine which cleanups or other actions it needs
to
On Mon, Dec 03, 2018 at 09:28:36AM -0700, Alex Williamson wrote:
> Including all machine types that might have a pcie-root-port.
>
> Cc: Peter Maydell
> Cc: Michael S. Tsirkin
> Cc: Marcel Apfelbaum
> Cc: Paolo Bonzini
> Cc: Richard Henderson
> Cc: Eduardo Habkost
> Cc: David Gibson
>
>On Mon, 3 Dec 2018 at 11:04, Peng Hao wrote:
>>
>> The first patches are simple cleanups:
>> - patch 1 move the pvpanic device with the 'ocmmon objects' so we
>> compile
>>it once for the x86/arm/aarch64 archs,
>> - patch 2 simply renames ISA fields/definitions to
On Mon, Dec 03, 2018 at 10:48:51PM +0800, Li Zhijian wrote:
> It provides setup_data struct and header fields
>
> CC: Michael S. Tsirkin
> Signed-off-by: Li Zhijian
Sorry I was unclear when I said "import it from Linux".
The way to import it is to copy the header
from the linux kernel by
Patchew URL:
https://patchew.org/QEMU/20181203170105.2367492-1-stef...@linux.vnet.ibm.com/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Subject: [Qemu-devel] [PATCH v2 0/2] Cleanup and locality range check
Message-id:
On 2018/12/4 上午2:13, Thomas Huth wrote:
On 2018-12-03 11:06, Jason Wang wrote:
We try to detect and drop too large packet (>INT_MAX) in 1592a9947036
("net: ignore packet size greater than INT_MAX") during packet
delivering. Unfortunately, this is not sufficient as we may hit
another integer
On 2018-12-04 04:53, Jason Wang wrote:
> If we want to qtest through hub, it would be much more simpler and
> safer to configure the hub without host network. So silent this
> warnings for qtest.
>
> Signed-off-by: Jason Wang
> ---
> net/hub.c | 3 ++-
> 1 file changed, 2 insertions(+), 1
On 2018/12/4 上午12:46, Eric Blake wrote:
On 12/3/18 4:06 AM, Jason Wang wrote:
This test tries to build a packet whose size is greater than INT_MAX
which tries to trigger integer overflow in qemu_net_queue_append_iov()
which may result OOB.
Can you also add a packet just slightly larger than
On 2018/12/4 上午12:18, Eric Blake wrote:
On 12/3/18 4:06 AM, Jason Wang wrote:
We try to detect and drop too large packet (>INT_MAX) in 1592a9947036
("net: ignore packet size greater than INT_MAX") during packet
delivering. Unfortunately, this is not sufficient as we may hit
another integer
On 2018-12-04 04:53, Jason Wang wrote:
> We try to detect and drop too large packet (>INT_MAX) in 1592a9947036
> ("net: ignore packet size greater than INT_MAX") during packet
> delivering. Unfortunately, this is not sufficient as we may hit
> another integer overflow when trying to queue such
The memfd_create() compilation failure is a bug in older QEMU versions
that was only revealed by a newer glibc version (ie old QEMU built OK
with older glibc but fails with newer glibc). It's fixed in git in
commit 75e5b70e6b5dcc4f221, so backporting that to the older versions
you're trying to
On Mon, Dec 03, 2018 at 05:49:37PM +0100, Cédric Le Goater wrote:
> +}
> +
> +switch (qsize) {
> +case 12:
> +case 16:
> +case 21:
> +case 24:
> +end.w3 = ((uint64_t)qpage) & 0x;
>
On Mon, Dec 03, 2018 at 06:05:12PM +0100, Cédric Le Goater wrote:
> I forgot to reply to this one.
>
> On 11/29/18 1:47 AM, David Gibson wrote:
> > On Wed, Nov 28, 2018 at 11:59:58AM +0100, Cédric Le Goater wrote:
> >> On 11/28/18 12:49 AM, David Gibson wrote:
> >>> On Fri, Nov 16, 2018 at
On 2018/12/4 上午12:18, Peter Maydell wrote:
On Mon, 3 Dec 2018 at 10:06, Jason Wang wrote:
Hi:
This series tries to fix a possible OOB during queueing packets
through qemu_net_queue_append_iov(). This could happen when it tries
to queue a packet whose size is larger than INT_MAX which may
Eric Blake writes:
> On 12/3/18 6:26 AM, Markus Armbruster wrote:
>> Dominik Csapak writes:
>>
>>> This makes it possible to determine what the exact reason was for
>>> a RESET or a SHUTDOWN. A management layer might need the specific reason
>>> of those events to determine which cleanups or
On 2018-12-04 04:53, Jason Wang wrote:
> This test tries to build a packet whose size is greater than INT_MAX
> which tries to trigger integer overflow in qemu_net_queue_append_iov()
> which may result OOB.
>
> Signed-off-by: Jason Wang
> ---
> tests/virtio-net-test.c | 46
Patchew URL:
https://patchew.org/QEMU/1543845937-300-1-git-send-email-th...@redhat.com/
Hi,
This series failed the docker-mingw@fedora build test. Please find the testing
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
=== TEST SCRIPT
Test 232 creates image files with read-only permission and
expects an error message when trying to access the image
files with read-only and auto-read-only turned off.
Don't run as root user, since root can open files with read/write
access for read-only files.
Signed-off-by: Farhan Ali
This test tries to build a packet whose size is greater than INT_MAX
which tries to trigger integer overflow in qemu_net_queue_append_iov()
which may result OOB.
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 46 +
1 file changed, 46
Patchew URL: https://patchew.org/QEMU/20181203175211.8230-1-mre...@redhat.com/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Subject: [Qemu-devel] [PATCH for-next 0/6] qemu-img: Add salvaging mode to
convert
Message-id:
On 2018-11-26 at 03:46:50 -0500, Pankaj Gupta wrote:
>
> >
> > This option controls whether QEMU mmap(2) the memory backend file with
> > MAP_SYNC flag, which can fully guarantee the guest write persistence
>
> Not sure 'persistence' is the right word here. I think it should be
> something like
On 12/3/18 10:38 PM, Eric Blake wrote:
On 12/3/18 3:26 AM, Dominik Csapak wrote:
It is interesting to know whether the shutdown cause was 'quit' or
'reset', especially when using "--no-reboot". In that case, a management
layer can now determine if the guest wanted a reboot or shutdown, and
can
On 2018-11-29 at 04:11:11 -0500, Pankaj Gupta wrote:
>
> >
> > As more flag parameters besides the existing 'share' are going to be
> > added to qemu_ram_alloc_from_{file,fd}(), let's swith 'share' to a
> > 'flags' parameters in advance, so as to ease the further additions.
> >
> >
Hi Juan,
Kindly ping again. :)
Have a nice day, thanks
Fei
On 11/12/2018 12:43 PM, Fei Li wrote:
Hi Juan,
Kindly ping, as this multifd migration topic needs your suggestions. :)
Have a nice day, thanks
Fei
On 11/03/2018 12:33 AM, Dr. David Alan Gilbert wrote:
* Peter Xu
On Mon, Dec 03, 2018 at 04:52:46PM +0100, Cédric Le Goater wrote:
> On 11/29/18 5:36 PM, Cédric Le Goater wrote:
> > On 11/29/18 5:09 AM, David Gibson wrote:
> >> On Fri, Nov 16, 2018 at 11:57:20AM +0100, Cédric Le Goater wrote:
> >>> This will be used to remove the MMIO regions of the POWER9 XIVE
We try to detect and drop too large packet (>INT_MAX) in 1592a9947036
("net: ignore packet size greater than INT_MAX") during packet
delivering. Unfortunately, this is not sufficient as we may hit
another integer overflow when trying to queue such large packet in
qemu_net_queue_append_iov():
-
Reviewed-by: Thomas Huth
Reviewed-by: Eric Blake
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/tests/virtio-net-test.c b/tests/virtio-net-test.c
index 587a043e67..bdd6af 100644
--- a/tests/virtio-net-test.c
+++
Hi:
This series tries to fix a possible OOB during queueing packets
through qemu_net_queue_append_iov(). This could happen when it tries
to queue a packet whose size is larger than INT_MAX which may lead
integer overflow. We've fixed similar issue in the past during
qemu_net_queue_deliver_iov()
If we want to qtest through hub, it would be much more simpler and
safer to configure the hub without host network. So silent this
warnings for qtest.
Signed-off-by: Jason Wang
---
net/hub.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/hub.c b/net/hub.c
index
hi Andrew,
It's a pci device that does not support legacy intx mode, but it accidently
reports PCI_INTERRUPT_PIN as 1, which should be 0 instead.
So, in dom0, the machine irq is 0, which will cause later
xc_physdev_map_pirq() fail and passthrough failure.
Therefore, we treat this case as
On 12/3/18 10:34 PM, Eric Blake wrote:
On 12/3/18 3:26 AM, Dominik Csapak wrote:
Needed so the patch after next can add ShutdownCause to QMP events
SHUTDOWN and RESET.
Signed-off-by: Dominik Csapak
---
include/sysemu/sysemu.h | 20
qapi/run-state.json | 34
Needed so the patch after next can add ShutdownCause to QMP events
SHUTDOWN and RESET.
Signed-off-by: Dominik Csapak
---
include/sysemu/sysemu.h | 20
qapi/run-state.json | 34 ++
2 files changed, 34 insertions(+), 20 deletions(-)
diff
On 3/12/18 9:59, Gerd Hoffmann wrote:
> Slash is unix directory separator, so they are not allowed in filenames.
> Note this also stops the classic escape via "../".
>
> Fixes: CVE-2018-16867
> Reported-by: Michael Hanselmann
> Signed-off-by: Gerd Hoffmann
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Thomas Huth
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/tests/virtio-net-test.c b/tests/virtio-net-test.c
index 233b9ab5f7..f12f0afb51 100644
--- a/tests/virtio-net-test.c
+++ b/tests/virtio-net-test.c
@@ -24,7 +24,6 @@
new in v10:
- patches 1-3,6,7: rebase after REQ_WRITE_UNCHANGED
- patch 3: drop supported_zero_flags. My bad, no write_zeroes in quorum.
- patch 4: almost trivial rebase. RB-tags not stripped.
Choose another constant for BDRV_REQ_ALLOCATE
- patch 5: rebase. Instead
The idea is that ALLOCATE requests may overlap with other requests.
Reuse the existing block layer infrastructure for serialising requests.
Use the following approach:
- mark ALLOCATE also SERIALISING, so subsequent requests to the area wait
- ALLOCATE request itself must never wait if another
Signed-off-by: Anton Nefedov
---
block/blkverify.c | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/block/blkverify.c b/block/blkverify.c
index 89bf4386e3..bb52596cbb 100644
--- a/block/blkverify.c
+++ b/block/blkverify.c
@@ -141,8 +141,14 @@ static int
On Tue, Dec 04, 2018 at 03:26:47AM +0800, Peng Hao wrote:
> Add configure interface for pvpanic-mmio device in virt machine.
>
> Signed-off-by: Peng Hao
> ---
> hw/arm/virt.c | 23 +++
> include/hw/arm/virt.h | 1 +
> 2 files changed, 24 insertions(+)
>
> diff
Marc-André Lureau writes:
> Hi
> On Mon, Dec 3, 2018 at 12:59 PM Markus Armbruster wrote:
>>
>> Marc-André Lureau writes:
>>
>> > Add a monitor_destroyed global to check if monitor_cleanup() has been
>> > already called. In this case, don't insert the new monitor in the
>> > list, but free it
Dominik Csapak writes:
> Needed so the patch after next can add ShutdownCause to QMP events
> SHUTDOWN and RESET.
>
> Signed-off-by: Dominik Csapak
Reviewed-by: Markus Armbruster
Dominik Csapak writes:
> This series improves the QMP SHUTDOWN and RESET events by adding
> the ShutdownCause as additional parameter and splitting
> the HOST_QMP reason into HOST_QMP_QUIT and HOST_QMP_SYSTEM_RESET
> to be able to detect the difference between them when using '--no-reboot'
>
>
Hi:
This series tries to fix a possible OOB during queueing packets
through qemu_net_queue_append_iov(). This could happen when it tries
to queue a packet whose size is larger than INT_MAX which may lead
integer overflow. We've fixed similar issue in the past during
qemu_net_queue_deliver_iov()
The flag is supposed to indicate that the region of the disk image has
to be sufficiently allocated so it reads as zeroes.
The call with the flag set must return -ENOTSUP if allocation cannot
be done efficiently.
This has to be made sure of by both
- the drivers that support the flag
- and
Current write_zeroes implementation is good enough to satisfy this flag too
Signed-off-by: Anton Nefedov
---
block/file-posix.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/block/file-posix.c b/block/file-posix.c
index 07bbdab953..b0b7ab0159 100644
---
If COW areas of the newly allocated clusters are zeroes on the backing image,
efficient bdrv_write_zeroes(flags=BDRV_REQ_ALLOCATE) can be used on the whole
cluster instead of writing explicit zero buffers later in perform_cow().
iotest 060:
write to the discarded cluster does not trigger COW
On Tue, Dec 04, 2018 at 03:26:45AM +0800, Peng Hao wrote:
> Add pvpanic device in arm virt machine.
>
> Signed-off-by: Peng Hao
> ---
> default-configs/arm-softmmu.mak | 1 +
> hw/arm/virt.c | 22 ++
> include/hw/arm/virt.h | 1 +
> 3 files
On 11/30/18 5:52 PM, Peter Maydell wrote:
> On Mon, 26 Nov 2018 at 13:27, Eduardo Habkost wrote:
>>
>> On Sun, Nov 25, 2018 at 10:27:04PM +0100, Philippe Mathieu-Daudé wrote:
>>> Hi Eduardo,
>>>
>>> On 23/11/18 19:10, Eduardo Habkost wrote:
If you really want to do this and assign cluster_id
Marc-André Lureau writes:
> On Mon, Dec 3, 2018 at 1:26 PM Markus Armbruster wrote:
>>
>> Marc-André Lureau writes:
>>
>> > When a monitor is connected to a Spice chardev, the monitor cleanup
>> > can dead-lock:
>> >
>> > #0 0x7f43446637fd in __lll_lock_wait () at /lib64/libpthread.so.0
It is interesting to know whether the shutdown cause was 'quit' or
'reset', especially when using "--no-reboot". In that case, a management
layer can now determine if the guest wanted a reboot or shutdown, and
can act accordingly.
Changes the ouput of the reason in the iotests from 'host-qmp' to
This series improves the QMP SHUTDOWN and RESET events by adding
the ShutdownCause as additional parameter and splitting
the HOST_QMP reason into HOST_QMP_QUIT and HOST_QMP_SYSTEM_RESET
to be able to detect the difference between them when using '--no-reboot'
this is an alternative to my previous
Hi
On Mon, Dec 3, 2018 at 12:59 PM Markus Armbruster wrote:
>
> Marc-André Lureau writes:
>
> > Add a monitor_destroyed global to check if monitor_cleanup() has been
> > already called. In this case, don't insert the new monitor in the
> > list, but free it instead.
> >
> > Signed-off-by:
It's going to clutter QEMU logs if 0x0f00 is trapped.
Signed-off-by: Roman Bolshakov
---
target/i386/hvf/x86_decode.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/target/i386/hvf/x86_decode.c b/target/i386/hvf/x86_decode.c
index d125a6ef83..5f513c5563 100644
---
Hi:
This series tries to fix a possible OOB during queueing packets
through qemu_net_queue_append_iov(). This could happen when it tries
to queue a packet whose size is larger than INT_MAX which may lead
integer overflow. We've fixed similar issue in the past during
qemu_net_queue_deliver_iov()
We try to detect and drop too large packet (>INT_MAX) in 1592a9947036
("net: ignore packet size greater than INT_MAX") during packet
delivering. Unfortunately, this is not sufficient as we may hit
another integer overflow when trying to queue such large packet in
qemu_net_queue_append_iov():
-
Richard Henderson writes:
> There is no longer a need for preserving branch offset operands,
> as we no longer re-translate.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/mips/tcg-target.inc.c | 7 +--
> 1 file changed, 1 insertion(+), 6 deletions(-)
>
>
Richard Henderson writes:
> The reloc_pc{14,24}_val routines retain their asserts.
> Use these directly within the slow paths.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/ppc/tcg-target.inc.c | 32 +---
> 1 file changed, 21
Add configure interface for pvpanic-mmio device in virt machine.
Signed-off-by: Peng Hao
---
hw/arm/virt.c | 23 +++
include/hw/arm/virt.h | 1 +
2 files changed, 24 insertions(+)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index a4541fa..fdd3f20 100644
---
Add mmio support info in docs/specs/pvpanic.txt.
Reviewed-by: Andrew Jones
Signed-off-by: Peng Hao
---
docs/specs/pvpanic.txt | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/docs/specs/pvpanic.txt b/docs/specs/pvpanic.txt
index c7bbacc..994f080 100644
---
Add pvpanic device in virt acpi table, so when kernel command line
uses acpi=force, kernel can get info from acpi table.
Reviewed-by: Andrew Jones
Signed-off-by: Peng Hao
---
hw/arm/virt-acpi-build.c | 15 +++
1 file changed, 15 insertions(+)
diff --git a/hw/arm/virt-acpi-build.c
Add pvpanic device in arm virt machine.
Signed-off-by: Peng Hao
---
default-configs/arm-softmmu.mak | 1 +
hw/arm/virt.c | 22 ++
include/hw/arm/virt.h | 1 +
3 files changed, 24 insertions(+)
diff --git a/default-configs/arm-softmmu.mak
On Mon, Dec 03, 2018 at 12:18:36PM +0100, Andrew Jones wrote:
> On Tue, Dec 04, 2018 at 03:26:47AM +0800, Peng Hao wrote:
> > Add configure interface for pvpanic-mmio device in virt machine.
> >
> > Signed-off-by: Peng Hao
> > ---
> > hw/arm/virt.c | 23 +++
> >
Hi,
This series failed docker-quick@centos7 build test. Please find the testing
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
Subject: [Qemu-devel] [PATCH for-3.1 v2 0/2] usb-mtp: two bugfixes (one
security fix).
Type: series
This makes it possible to determine what the exact reason was for
a RESET or a SHUTDOWN. A management layer might need the specific reason
of those events to determine which cleanups or other actions it needs to do.
This patch also fixes the iotests to include the reason in the output.
On Mon, Dec 3, 2018 at 1:26 PM Markus Armbruster wrote:
>
> Marc-André Lureau writes:
>
> > When a monitor is connected to a Spice chardev, the monitor cleanup
> > can dead-lock:
> >
> > #0 0x7f43446637fd in __lll_lock_wait () at /lib64/libpthread.so.0
> > #1 0x7f434465ccf4 in
On 30.11.18 20:22, Richard Henderson wrote:
> This is a non-privileged instruction that was only implemented
> for system mode. However, the stck instruction is used by glibc,
> so this was causing SIGILL for programs run under debian stretch.
>
> Signed-off-by: Richard Henderson
> ---
>
Richard Henderson writes:
> There is no longer a need for preserving branch offset operands,
> as we no longer re-translate.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/s390/tcg-target.inc.c | 10 ++
> 1 file changed, 2 insertions(+), 8 deletions(-)
>
Richard Henderson writes:
> There is no longer a need for preserving branch offset operands,
> as we no longer re-translate.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/sparc/tcg-target.inc.c | 8 ++--
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
>
This will allow passing different kinds of command line string.
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 14 --
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/tests/virtio-net-test.c b/tests/virtio-net-test.c
index dcb87a8b6e..233b9ab5f7 100644
---
This allows flexibility to be reused for all kinds of command line
used by other tests.
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 17 +++--
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/tests/virtio-net-test.c b/tests/virtio-net-test.c
index
v3:
- add missing RES_ prefix to response code.
v2:
- add comment about the (preexisting) issue noted by armbru.
- change error code as suggested by bsd.
- update reporter email address.
Gerd Hoffmann (2):
usb-mtp: fix utf16_to_str
usb-mtp: outlaw slashes in filenames
hw/usb/dev-mtp.c |
On 2018/11/30 下午11:02, Eric Blake wrote:
On 11/28/18 9:12 PM, Jason Wang wrote:
This allows flexibility to be reused for all kinds of command line
used by other tests.
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 17 +++--
1 file changed, 11 insertions(+), 6
Richard Henderson writes:
> This does require an extra two checks within the slow paths
> to replace the assert that we're moving.
>
> Signed-off-by: Richard Henderson
> ---
> tcg/aarch64/tcg-target.inc.c | 35 ---
> 1 file changed, 20 insertions(+), 15
Richard Henderson writes:
> This does require an extra two checks within the slow paths
> to replace the assert that we're moving.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/arm/tcg-target.inc.c | 22 --
> 1 file changed, 16
https://patchew.org/QEMU/20181201123056.432-1-peter.mayd...@linaro.org/
is an RFC patchset which tries to address all the locking issues and
make the main thread run only the Cocoa UI event loop, with no blocking
operations in UI event callbacks. It's RFC because (as noted in the last
two
Make utf16_to_str return an allocated string. Remove the assumtion that
the number of string bytes equals the number of utf16 chars (which is
only true for ascii chars). Instead call wcstombs twice, once to figure
the storage size and once for the actual conversion (as suggested by the
wcstombs
Slash is unix directory separator, so they are not allowed in filenames.
Note this also stops the classic escape via "../".
Fixes: CVE-2018-16867
Reported-by: Michael Hanselmann
Signed-off-by: Gerd Hoffmann
Reviewed-by: Philippe Mathieu-Daudé
---
hw/usb/dev-mtp.c | 6 ++
1 file changed, 6
Signed-off-by: Anton Nefedov
---
block/mirror.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/block/mirror.c b/block/mirror.c
index 56d9ef7474..56908c9b19 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -1528,8 +1528,12 @@ static void mirror_start_job(const char
Richard Henderson writes:
> This does require an extra two checks within the slow paths
> to replace the assert that we're moving. Also add two checks
> within existing functions that lacked any kind of assert for
> out of range branch.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex
Add pvpanic new type "TYPE_PVPANIC_MMIO"
Reviewed-by: Peter Maydell
Signed-off-by: Peng Hao
---
hw/misc/pvpanic.c | 50 +++
include/hw/misc/pvpanic.h | 1 +
2 files changed, 47 insertions(+), 4 deletions(-)
diff --git a/hw/misc/pvpanic.c
From: Philippe Mathieu-Daudé
The 'pvpanic' ISA device can be use by any machine with an ISA bus.
Reviewed-by: Peter Maydell
Signed-off-by: Philippe Mathieu-Daudé
Signed-off-by: Peng Hao
---
hw/misc/Makefile.objs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
The first patches are simple cleanups:
- patch 1 move the pvpanic device with the 'ocmmon objects' so we compile
it once for the x86/arm/aarch64 archs,
- patch 2 simply renames ISA fields/definitions to generic ones.
Then instead of add/use the MMIO pvpanic device in
Use the configure interface for pvpanic-mmio.
Signed-off-by: Peng Hao
---
hw/arm/virt-acpi-build.c | 5 -
hw/arm/virt.c| 3 +++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 4215ca6..4990a0d 100644
---
On Mon, 3 Dec 2018 at 11:21, Luc Michel wrote:
>
> On 11/30/18 5:52 PM, Peter Maydell wrote:
> > Luc: what are the requirements on boards using CPU cluster
> > objects? I assume these are both OK:
> > * does not use cluster objects at all
> >(the gdbstub puts all the CPUs in one process?)
>
Emilio G. Cota writes:
> This gets rid of the muladd errors due to not raising the invalid flag.
>
> - Before:
> Errors found in f64_mulAdd, rounding near_even, tininess before rounding:
> +000.0 +7FF.0 +7FF.F
> => +7FF.F .
This test tries to build a packet whose size is greater than INT_MAX
which tries to trigger integer overflow in qemu_net_queue_append_iov()
which may result OOB.
Reviewed-by: Thomas Huth
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 45 +
1
Found only minor issues. v3 should do the trick. Thanks!
This test tries to build a packet whose size is greater than INT_MAX
which tries to trigger integer overflow in qemu_net_queue_append_iov()
which may result OOB.
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 44 +
1 file changed, 44
Reviewed-by: Thomas Huth
Signed-off-by: Jason Wang
---
tests/virtio-net-test.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/tests/virtio-net-test.c b/tests/virtio-net-test.c
index 587a043e67..bdd6af 100644
--- a/tests/virtio-net-test.c
+++ b/tests/virtio-net-test.c
@@ -24,7 +24,6 @@
Single opcode instructions in ff group were incorrectly processed
because an overrun of _decode_tbl1[0xff] resulted in access of
_decode_tbl2[0x0]. Thus, decode_sldtgroup was called instead of
decode_ffgroup:
7d71: decode_sldtgroup: 1
Unimplemented handler (7d71) for 108 (ff 0)
While at it
Signed-off-by: Anton Nefedov
---
block/quorum.c | 19 ++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/block/quorum.c b/block/quorum.c
index 16b3c8067c..d21a6a3b8e 100644
--- a/block/quorum.c
+++ b/block/quorum.c
@@ -857,6 +857,19 @@ static QemuOptsList
COW (even empty/zero) areas require encryption too
Signed-off-by: Anton Nefedov
Reviewed-by: Eric Blake
Reviewed-by: Max Reitz
Reviewed-by: Alberto Garcia
---
tests/qemu-iotests/134 | 9 +
tests/qemu-iotests/134.out | 10 ++
2 files changed, 19 insertions(+)
diff --git
On 30.11.18 20:22, Richard Henderson wrote:
> We will need this from CONFIG_USER_ONLY as well,
> which cannot access include/hw/.
>
> Signed-off-by: Richard Henderson
> ---
> include/hw/s390x/tod.h | 3 ---
> target/s390x/cpu.h | 3 +++
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
Richard Henderson writes:
> There is no longer a need for preserving branch offset operands,
> as we no longer re-translate.
>
> Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
> ---
> tcg/ppc/tcg-target.inc.c | 25 +++--
> 1 file changed, 7 insertions(+), 18
From: Philippe Mathieu-Daudé
To ease the MMIO device addition in the next patch, rename:
- ISA_PVPANIC_DEVICE -> PVPANIC_ISA_DEVICE.
- MemoryRegion io -> mr.
Reviewed-by: Peter Maydell
Signed-off-by: Philippe Mathieu-Daudé
Signed-off-by: Peng Hao
---
hw/misc/pvpanic.c | 28
Hello,
Thanks for the patch.
The subject should be more descriptive, "Fix a xen passthrough
failure" is too generic. How about: "allow passthrough of devices with
bogus interrupt pin" or something similar.
On Mon, Dec 03, 2018 at 12:04:38AM -0500, Zhao Yan wrote:
> For some pci device, even its
1 - 100 of 377 matches
Mail list logo