Re: [Qemu-devel] [PATCH] exec: check 'bounce.in_use' flag before using buffer

2016-01-28 Thread P J P
+-- On Fri, 29 Jan 2016, P J P wrote --+
| Okay, I'll send a revised patch.

I've sent it. Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Re: [Qemu-devel] [PATCH] exec: check 'bounce.in_use' flag before using buffer

2016-01-28 Thread P J P
+-- On Thu, 28 Jan 2016, Peter Maydell wrote --+
| ahci code should never be passing it to address_space_unmap()
| (or indeed doing anything with it at all).

Okay.

| Instead it needs to handle it as an error case. But it looks like
| ahci_cond_start_engines() already does that:
|
| if

Re: [Qemu-devel] [PATCH] exec: check 'bounce.in_use' flag before using buffer

2016-01-28 Thread Peter Maydell
On 28 January 2016 at 18:09, P J P wrote:
> Yes, this is exactly same case, except that 'bounce.buffer' is NULL; It does
> not point to a valid address.
>
> 1. For first address_space_map() everything goes well and 'bounce.buffer' is
>    allocated.

OK

> 2. For second address_space_map(), it r

Re: [Qemu-devel] [PATCH] exec: check 'bounce.in_use' flag before using buffer

2016-01-28 Thread P J P
Hello Peter,

+-- On Thu, 28 Jan 2016, Peter Maydell wrote --+
| This doesn't look right to me. The bounce buffer gets used
| if address_space_map() is called on something which isn't
| simple guest RAM. In this case address_space_map() will
| set bounce.in_use to true and return bounce.buffer a

Re: [Qemu-devel] [PATCH] exec: check 'bounce.in_use' flag before using buffer

2016-01-28 Thread Peter Maydell
On 28 January 2016 at 15:15, P J P wrote:
> From: Prasad J Pandit
>
> When IDE AHCI emulation uses Frame Information Structures (FIS)
> engine for data transfer, the mapped FIS buffer address is stored
> in a static 'bounce.buffer'. This is freed when FIS entry is
> unmapped. If multiple FIS entri