Commit 93ea4843 authored by Peter Maydell's avatar Peter Maydell
Browse files

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging 



virtio,pci: bugfixes

Minor bugfixes all over the places, including one CVE.

Additionally, a fix for an ancient bug in migration -
one has to wonder how come no one noticed.

The fix is also non-trivial since we dare not break all
existing machine types with pci - we have a work around
in the works, for now we just skip the work-around for
old machine types.

Great job by Hogan Wang noticing, debugging and fixing it,
and thanks to Dr. David Alan Gilbert for reviewing the patches.

Signed-off-by: default avatarMichael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Mon 27 Jul 2020 16:34:58 BST
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  virtio-pci: fix virtio_pci_queue_enabled()
  MAINTAINERS: Cover the firmware JSON schema
  vhost-vdpa :Fix Coverity CID 1430270 / CID 1420267
  libvhost-user: Report descriptor index on panic
  Fix vhost-user buffer over-read on ram hot-unplug
  hw/pci-host: save/restore pci host config register
  virtio-mem-pci: force virtio version 1

Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
parents 9303ecb6 0c9753eb

MAINTAINERS

+8 −0
Original line number Diff line number Diff line
@@ -2667,6 +2667,14 @@ F: include/hw/i2c/smbus_master.h 
F: include/hw/i2c/smbus_slave.h

F: include/hw/i2c/smbus_eeprom.h



Firmware schema specifications

M: Laszlo Ersek <lersek@redhat.com>

M: Philippe Mathieu-Daudé <philmd@redhat.com>

R: Daniel P. Berrange <berrange@redhat.com>

R: Kashyap Chamarthy <kchamart@redhat.com>

S: Maintained

F: docs/interop/firmware.json



EDK2 Firmware

M: Laszlo Ersek <lersek@redhat.com>

M: Philippe Mathieu-Daudé <philmd@redhat.com>

contrib/libvhost-user/libvhost-user.c

+2 −2
Original line number Diff line number Diff line
@@ -2074,7 +2074,7 @@ virtqueue_get_head(VuDev *dev, VuVirtq *vq, 


    /* If their number is silly, that's a fatal mistake. */

    if (*head >= vq->vring.num) {

        vu_panic(dev, "Guest says index %u is available", head);

        vu_panic(dev, "Guest says index %u is available", *head);

        return false;

    }
@@ -2133,7 +2133,7 @@ virtqueue_read_next_desc(VuDev *dev, struct vring_desc *desc, 
    smp_wmb();



    if (*next >= max) {

        vu_panic(dev, "Desc next is %u", next);

        vu_panic(dev, "Desc next is %u", *next);

        return VIRTQUEUE_READ_DESC_ERROR;

    }

hw/core/machine.c

+1 −0
Original line number Diff line number Diff line
@@ -29,6 +29,7 @@ 
#include "migration/vmstate.h"



GlobalProperty hw_compat_5_0[] = {

    { "pci-host-bridge", "x-config-reg-migration-enabled", "off" },

    { "virtio-balloon-device", "page-poison", "false" },

    { "vmport", "x-read-set-eax", "off" },

    { "vmport", "x-signal-unsupported-cmd", "off" },

hw/i386/pc.c

+2 −1
Original line number Diff line number Diff line
@@ -97,7 +97,8 @@ 
#include "fw_cfg.h"

#include "trace.h"



GlobalProperty pc_compat_5_0[] = {};

GlobalProperty pc_compat_5_0[] = {

};

const size_t pc_compat_5_0_len = G_N_ELEMENTS(pc_compat_5_0);



GlobalProperty pc_compat_4_2[] = {

hw/pci/pci_host.c

+33 −0
Original line number Diff line number Diff line
@@ -22,8 +22,10 @@ 
#include "hw/pci/pci.h"

#include "hw/pci/pci_bridge.h"

#include "hw/pci/pci_host.h"

#include "hw/qdev-properties.h"

#include "qemu/module.h"

#include "hw/pci/pci_bus.h"

#include "migration/vmstate.h"

#include "trace.h"



/* debug PCI */
@@ -200,12 +202,43 @@ const MemoryRegionOps pci_host_data_be_ops = { 
    .endianness = DEVICE_BIG_ENDIAN,

};



static bool pci_host_needed(void *opaque)

{

    PCIHostState *s = opaque;

    return s->mig_enabled;

}



const VMStateDescription vmstate_pcihost = {

    .name = "PCIHost",

    .needed = pci_host_needed,

    .version_id = 1,

    .minimum_version_id = 1,

    .fields = (VMStateField[]) {

        VMSTATE_UINT32(config_reg, PCIHostState),

        VMSTATE_END_OF_LIST()

    }

};



static Property pci_host_properties_common[] = {

    DEFINE_PROP_BOOL("x-config-reg-migration-enabled", PCIHostState,

                     mig_enabled, true),

    DEFINE_PROP_END_OF_LIST(),

};



static void pci_host_class_init(ObjectClass *klass, void *data)

{

    DeviceClass *dc = DEVICE_CLASS(klass);

    device_class_set_props(dc, pci_host_properties_common);

    dc->vmsd = &vmstate_pcihost;

}



static const TypeInfo pci_host_type_info = {

    .name = TYPE_PCI_HOST_BRIDGE,

    .parent = TYPE_SYS_BUS_DEVICE,

    .abstract = true,

    .class_size = sizeof(PCIHostBridgeClass),

    .instance_size = sizeof(PCIHostState),

    .class_init = pci_host_class_init,

};



static void pci_host_register_types(void)