On Thu, Apr 12, 2012 at 04:50:46PM +0300, Michael S. Tsirkin wrote:
> On Thu, Apr 12, 2012 at 02:29:33PM +0200, Andreas Färber wrote:
> > On 02.04.2012 06:17, David Gibson wrote:
> > > On the pseries platform, access to PCI config space is via RTAS calls
> > > (which go to the hypervisor) rather than MMIO.  This means we don't use
> > > the same code path as nearly everyone else which goes through pci_host.c
> > > and we're missing some of the parameter checking along the way.
> > >
> > > We do have some parameter checking in the RTAS calls, but it's not enough.
> > > It checks for overruns, but does not check for unaligned accesses,
> > > oversized accesses (which means the guest could trigger an assertion
> > > failure from pci_host_config_{read,write}_common()).  Worse it doesn't do
> > > the basic checking for the number of RTAS arguments and results before
> > > accessing them.
> > >
> > > This patch fixes these bugs.
> > >
> > > Cc: Michael S. Tsirkin <m...@redhat.com>
> >
> > mst, are you planning to review these two patches? The code movements
> > and RTAS error handling looks okay to me on brief sight, but I'm no PCI
> > expert and the two of you were having discussions as to where to do such
> > checks.
> >
> > Thanks,
> >
> > Andreas
>
> I saw a long argument so I was waiting for dust to settle :)

Well.. this patch is basically my capitulation on that argument.  It's
just the minimal bugfix, minus any cleanup / refactoring of the
checking code as I was doing before.

> Will try to review next week.

-- 
David Gibson                    | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
                                | _way_ _around_!
http://www.ozlabs.org/~dgibson
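
As an added illustration (not code from the patch or from QEMU), here are the checks the quoted commit message lists, applied in an order that makes each one safe to perform before guest-supplied values reach a backend that asserts on bad input. The function name, the status codes, the caller-supplied limit and the rule that only 1, 2 and 4 byte accesses are valid are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical status codes for this example (not QEMU's RTAS constants). */
enum cfg_status {
    CFG_OK = 0, CFG_BAD_ARGC = -1, CFG_BAD_SIZE = -2,
    CFG_UNALIGNED = -3, CFG_OVERRUN = -4
};

/*
 * Validate a guest-supplied config-space access. want_nargs/want_nret are
 * the counts the call expects; limit is the config-space size in bytes.
 */
enum cfg_status check_cfg_access(uint32_t nargs, uint32_t nret,
                                 uint32_t want_nargs, uint32_t want_nret,
                                 uint32_t addr, uint32_t size, uint32_t limit)
{
    /* 1. Counts first: no argument slot may be read until these match. */
    if (nargs != want_nargs || nret != want_nret)
        return CFG_BAD_ARGC;
    /* 2. Oversized (or zero) accesses: assumed valid sizes are 1, 2, 4. */
    if (size != 1 && size != 2 && size != 4)
        return CFG_BAD_SIZE;
    /* 3. Natural alignment; size is a power of two at this point. */
    if (addr & (size - 1))
        return CFG_UNALIGNED;
    /* 4. Overrun, written so that addr + size cannot wrap around. */
    if (addr >= limit || size > limit - addr)
        return CFG_OVERRUN;
    return CFG_OK;
}

int main(void)
{
    /* Constructed sample requests: {nargs, nret, addr, size}. */
    static const uint32_t req[][4] = {
        {3, 2, 0x10, 4}, {2, 2, 0x10, 4}, {3, 2, 0x10, 8},
        {3, 2, 0x11, 2}, {3, 2, 0x100, 4}, {3, 2, 0xfffffffcu, 4},
    };
    for (size_t i = 0; i < sizeof(req) / sizeof(req[0]); i++) {
        int rc = check_cfg_access(req[i][0], req[i][1], 3, 2,
                                  req[i][2], req[i][3], 256);
        printf("nargs=%u nret=%u addr=0x%x size=%u -> %d\n",
               (unsigned)req[i][0], (unsigned)req[i][1],
               (unsigned)req[i][2], (unsigned)req[i][3], rc);
    }
    return 0;
}
```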