All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] hw/net/vmxnet3: Do not abort QEMU if guest specified bad queue numbers
@ 2021-07-21 14:15 Thomas Huth
  2021-07-22  9:34 ` Jason Wang
  0 siblings, 1 reply; 2+ messages in thread
From: Thomas Huth @ 2021-07-21 14:15 UTC (permalink / raw)
  To: qemu-devel, Dmitry Fleytman; +Cc: Jason Wang

QEMU should never terminate unexpectedly just because the guest is
doing something wrong like specifying wrong queue numbers. Let's
simply refuse to set the device active in this case.

Buglink: https://bugs.launchpad.net/qemu/+bug/1890160
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 hw/net/vmxnet3.c | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index f6bd8c53b1..41f796a247 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1381,7 +1381,7 @@ static void vmxnet3_validate_interrupts(VMXNET3State *s)
     }
 }
 
-static void vmxnet3_validate_queues(VMXNET3State *s)
+static bool vmxnet3_validate_queues(VMXNET3State *s)
 {
     /*
     * txq_num and rxq_num are total number of queues
@@ -1390,12 +1390,18 @@ static void vmxnet3_validate_queues(VMXNET3State *s)
     */
 
     if (s->txq_num > VMXNET3_DEVICE_MAX_TX_QUEUES) {
-        hw_error("Bad TX queues number: %d\n", s->txq_num);
+        qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad TX queues number: %d\n",
+                      s->txq_num);
+        return false;
     }
 
     if (s->rxq_num > VMXNET3_DEVICE_MAX_RX_QUEUES) {
-        hw_error("Bad RX queues number: %d\n", s->rxq_num);
+        qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad RX queues number: %d\n",
+                      s->rxq_num);
+        return false;
     }
+
+    return true;
 }
 
 static void vmxnet3_activate_device(VMXNET3State *s)
@@ -1419,6 +1425,16 @@ static void vmxnet3_activate_device(VMXNET3State *s)
         return;
     }
 
+    s->txq_num =
+        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numTxQueues);
+    s->rxq_num =
+        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numRxQueues);
+
+    VMW_CFPRN("Number of TX/RX queues %u/%u", s->txq_num, s->rxq_num);
+    if (!vmxnet3_validate_queues(s)) {
+        return;
+    }
+
     vmxnet3_adjust_by_guest_type(s);
     vmxnet3_update_features(s);
     vmxnet3_update_pm_state(s);
@@ -1445,14 +1461,6 @@ static void vmxnet3_activate_device(VMXNET3State *s)
         VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.intrConf.autoMask);
     VMW_CFPRN("Automatic interrupt masking is %d", (int)s->auto_int_masking);
 
-    s->txq_num =
-        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numTxQueues);
-    s->rxq_num =
-        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numRxQueues);
-
-    VMW_CFPRN("Number of TX/RX queues %u/%u", s->txq_num, s->rxq_num);
-    vmxnet3_validate_queues(s);
-
     qdescr_table_pa =
         VMXNET3_READ_DRV_SHARED64(d, s->drv_shmem, devRead.misc.queueDescPA);
     VMW_CFPRN("TX queues descriptors table is at 0x%" PRIx64, qdescr_table_pa);
@@ -2404,7 +2412,9 @@ static int vmxnet3_post_load(void *opaque, int version_id)
         }
     }
 
-    vmxnet3_validate_queues(s);
+    if (!vmxnet3_validate_queues(s)) {
+        return -1;
+    }
     vmxnet3_validate_interrupts(s);
 
     return 0;
-- 
2.27.0



^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] hw/net/vmxnet3: Do not abort QEMU if guest specified bad queue numbers
  2021-07-21 14:15 [PATCH] hw/net/vmxnet3: Do not abort QEMU if guest specified bad queue numbers Thomas Huth
@ 2021-07-22  9:34 ` Jason Wang
  0 siblings, 0 replies; 2+ messages in thread
From: Jason Wang @ 2021-07-22  9:34 UTC (permalink / raw)
  To: Thomas Huth, qemu-devel, Dmitry Fleytman


在 2021/7/21 下午10:15, Thomas Huth 写道:
> QEMU should never terminate unexpectedly just because the guest is
> doing something wrong like specifying wrong queue numbers. Let's
> simply refuse to set the device active in this case.
>
> Buglink: https://bugs.launchpad.net/qemu/+bug/1890160
> Signed-off-by: Thomas Huth <thuth@redhat.com>


Applied.

Thanks


> ---
>   hw/net/vmxnet3.c | 34 ++++++++++++++++++++++------------
>   1 file changed, 22 insertions(+), 12 deletions(-)
>
> diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
> index f6bd8c53b1..41f796a247 100644
> --- a/hw/net/vmxnet3.c
> +++ b/hw/net/vmxnet3.c
> @@ -1381,7 +1381,7 @@ static void vmxnet3_validate_interrupts(VMXNET3State *s)
>       }
>   }
>   
> -static void vmxnet3_validate_queues(VMXNET3State *s)
> +static bool vmxnet3_validate_queues(VMXNET3State *s)
>   {
>       /*
>       * txq_num and rxq_num are total number of queues
> @@ -1390,12 +1390,18 @@ static void vmxnet3_validate_queues(VMXNET3State *s)
>       */
>   
>       if (s->txq_num > VMXNET3_DEVICE_MAX_TX_QUEUES) {
> -        hw_error("Bad TX queues number: %d\n", s->txq_num);
> +        qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad TX queues number: %d\n",
> +                      s->txq_num);
> +        return false;
>       }
>   
>       if (s->rxq_num > VMXNET3_DEVICE_MAX_RX_QUEUES) {
> -        hw_error("Bad RX queues number: %d\n", s->rxq_num);
> +        qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad RX queues number: %d\n",
> +                      s->rxq_num);
> +        return false;
>       }
> +
> +    return true;
>   }
>   
>   static void vmxnet3_activate_device(VMXNET3State *s)
> @@ -1419,6 +1425,16 @@ static void vmxnet3_activate_device(VMXNET3State *s)
>           return;
>       }
>   
> +    s->txq_num =
> +        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numTxQueues);
> +    s->rxq_num =
> +        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numRxQueues);
> +
> +    VMW_CFPRN("Number of TX/RX queues %u/%u", s->txq_num, s->rxq_num);
> +    if (!vmxnet3_validate_queues(s)) {
> +        return;
> +    }
> +
>       vmxnet3_adjust_by_guest_type(s);
>       vmxnet3_update_features(s);
>       vmxnet3_update_pm_state(s);
> @@ -1445,14 +1461,6 @@ static void vmxnet3_activate_device(VMXNET3State *s)
>           VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.intrConf.autoMask);
>       VMW_CFPRN("Automatic interrupt masking is %d", (int)s->auto_int_masking);
>   
> -    s->txq_num =
> -        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numTxQueues);
> -    s->rxq_num =
> -        VMXNET3_READ_DRV_SHARED8(d, s->drv_shmem, devRead.misc.numRxQueues);
> -
> -    VMW_CFPRN("Number of TX/RX queues %u/%u", s->txq_num, s->rxq_num);
> -    vmxnet3_validate_queues(s);
> -
>       qdescr_table_pa =
>           VMXNET3_READ_DRV_SHARED64(d, s->drv_shmem, devRead.misc.queueDescPA);
>       VMW_CFPRN("TX queues descriptors table is at 0x%" PRIx64, qdescr_table_pa);
> @@ -2404,7 +2412,9 @@ static int vmxnet3_post_load(void *opaque, int version_id)
>           }
>       }
>   
> -    vmxnet3_validate_queues(s);
> +    if (!vmxnet3_validate_queues(s)) {
> +        return -1;
> +    }
>       vmxnet3_validate_interrupts(s);
>   
>       return 0;



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-07-22  9:35 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-21 14:15 [PATCH] hw/net/vmxnet3: Do not abort QEMU if guest specified bad queue numbers Thomas Huth
2021-07-22  9:34 ` Jason Wang

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.