packages/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw-cxl-cxl-host-Fix-missing-ERRP_GUARD-in-cxl_fixed_.patch

80 lines
2.6 KiB
Diff
Raw Normal View History

QEMU update to version 8.2.0-2 - block: bugfix: Don't pause vm when NOSPACE EIO happened - block: enable cache mode of empty cdrom - block/mirror: fix file-system went to read-only after block-mirror - scsi-bus: fix incorrect call for blk_error_retry_reset_timeout() - scsi-bus: fix unmatched object_unref() - block: Add sanity check when setting retry parameters - block-backend: Stop retrying when draining - scsi-disk: Add support for retry on errors - scsi-bus: Refactor the code that retries requests - virtio_blk: Add support for retry on errors - block: Add error retry param setting - block-backend: Add timeout support for retry - block-backend: Enable retry action on errors - block-backend: Add device specific retry callback - block-backend: Introduce retry timer - qapi/block-core: Add retry option for error action - scsi: bugfix: fix division by zero - scsi: cdrom: Fix crash after remote cdrom detached - qemu-pr: fixed ioctl failed for multipath disk - scsi-disk: define props in scsi_block_disk to avoid memleaks - bugfix: fix possible memory leak - bugfix: fix some illegal memory access and memory leak - util/log: add CONFIG_DISABLE_QEMU_LOG macro - log: Add some logs on VM runtime path - bugfix: fix eventfds may double free when vm_id reused in ivshmem - hw/display/macfb: Fix missing ERRP_GUARD() in macfb_nubus_realize() - hw/cxl/cxl-host: Fix missing ERRP_GUARD() in cxl_fixed_memory_window_config() - qemu-img create: 'cache' paramter only use for reg file image - qemu-img: add qemu-img direct create - qemu-img block: set zero flags only when discard_zeros of the block supported - Revert "file-posix: Remove unused s->discard_zeroes" - pcie_sriov: Validate NumVFs (CVE-2024-26327) - hw/nvme: Use pcie_sriov_num_vfs() (CVE-2024-26328) - hw/acpi/cpu: Use CPUState typedef - target/i386/sev: Fix missing ERRP_GUARD() for error_prepend() - virtio-gpu: remove needless condition - hw/i2c/smbus_slave: Add object path on error prints - vfio/pci: Ascend710 change to bar2 quirk - vfio/pci: Ascend910 need 4Bytes quirk in bar0 - vfio/pci: Ascend710 need 4Bytes quirk in bar0 - vfio/pci: Ascend310 need 4Bytes quirk in bar4 - chardev/char-socket: Fix TLS io channels sending too much data to the backend - i386/cpuid: Move leaf 7 to correct group - i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F - i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs - i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available - blkio: Respect memory-alignment for bounce buffer allocations - virtio-gpu: Correct virgl_renderer_resource_get_info() error check - hw/usb: Style cleanup - tests/qemu-iotests: resolved the problem that the 108 test cases in the container fail Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com> (cherry picked from commit 404d45bf9147058a475a8031c454a6c8e0acc123)
2024-03-23 09:20:40 +08:00
From 66d91f8cb6c9668744cf0acda4402f75c5e533e0 Mon Sep 17 00:00:00 2001
From: qihao <qihao_yewu@cmss.chinamobile.com>
Date: Tue, 19 Mar 2024 14:36:46 +0800
Subject: [PATCH] hw/cxl/cxl-host: Fix missing ERRP_GUARD() in
cxl_fixed_memory_window_config()
cheery-pick from 2a0e0a35002db7ac64f4e82ea2a4ad2fb6d934b0
As the comment in qapi/error, dereferencing @errp requires
ERRP_GUARD():
* = Why, when and how to use ERRP_GUARD() =
*
* Without ERRP_GUARD(), use of the @errp parameter is restricted:
* - It must not be dereferenced, because it may be null.
...
* ERRP_GUARD() lifts these restrictions.
*
* To use ERRP_GUARD(), add it right at the beginning of the function.
* @errp can then be used without worrying about the argument being
* NULL or &error_fatal.
*
* Using it when it's not needed is safe, but please avoid cluttering
* the source with useless code.
But in cxl_fixed_memory_window_config(), @errp is dereferenced in 2
places without ERRP_GUARD():
fw->enc_int_ways = cxl_interleave_ways_enc(fw->num_targets, errp);
if (*errp) {
return;
}
and
fw->enc_int_gran =
cxl_interleave_granularity_enc(object->interleave_granularity,
errp);
if (*errp) {
return;
}
For the above 2 places, we check "*errp", because neither function
returns a suitable error code. And since machine_set_cfmw() - the caller
of cxl_fixed_memory_window_config() - doesn't get the NULL @errp
parameter as the "set" method of object property,
cxl_fixed_memory_window_config() hasn't triggered the bug that
dereferencing the NULL @errp.
To follow the requirement of @errp, add missing ERRP_GUARD() in
cxl_fixed_memory_window_config().
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20240223085653.1255438-2-zhao1.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: qihao_yewu <qihao_yewu@cmss.chinamobile.com>
---
hw/cxl/cxl-host.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index 2aa776c79c..c5f5fcfd64 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -26,6 +26,7 @@ static void cxl_fixed_memory_window_config(CXLState *cxl_state,
CXLFixedMemoryWindowOptions *object,
Error **errp)
{
+ ERRP_GUARD();
g_autofree CXLFixedWindow *fw = g_malloc0(sizeof(*fw));
strList *target;
int i;
--
2.27.0
Reference in New Issue Copy Permalink