On 05.12.18 18:25, Christian Borntraeger wrote:
>
>
> On 05.12.2018 17:45, Cornelia Huck wrote:
>> On Wed, 5 Dec 2018 17:38:22 +0100
>> David Hildenbrand wrote:
>>
>>> On 05.12.18 15:51, Cornelia Huck wrote:
vfio-ap devices do not pin any pages in the host. Therefore, they
are believed
From: Prasad J Pandit
While performing block transfer write in smb_ioport_writeb(),
'smb_index' is incremented and used to index smb_data[] array.
Check 'smb_index' value to avoid OOB access.
Reported-by: Michael Hanselmann
Signed-off-by: Prasad J Pandit
---
hw/i2c/pm_smbus.c | 3 +++
1 file
On 2018/12/6 16:48, P J P wrote:
> From: Prasad J Pandit
>
> While performing block transfer write in smb_ioport_writeb(),
> 'smb_index' is incremented and used to index smb_data[] array.
> Check 'smb_index' value to avoid OOB access.
>
> Reported-by: Michael Hanselmann
> Signed-off-by: Prasad J Pan
Marc-André Lureau writes:
> Hi
> On Thu, Dec 6, 2018 at 10:08 AM Markus Armbruster wrote:
>>
>> One more question...
>>
>> Marc-André Lureau writes:
>>
>> > Not all backends are able to switch gcontext. Those backends cannot
>> > drive a OOB monitor (the monitor would then be blocking on main
>
On Fri, 16 Nov 2018 at 19:29, Peter Maydell wrote:
>
> On 16 November 2018 at 10:46, Hongbo Zhang wrote:
> > On Fri, 16 Nov 2018 at 00:05, Peter Maydell
> > wrote:
> >> If after you've done that this patch is still more than
> >> about 500 lines long, I would recommend that you split it
> >> up
Hi, it's very interesting patchset.
I also research reconnecting issue for vhost-user-blk and SPDK.
Did you support a case when vhost backend is not started but QEMU does?
Regards,
Yury
06.12.2018, 09:37, "elohi...@gmail.com" :
> From: Xie Yongji
>
> This patchset is aimed at supporting qemu to
I did some tests and noticed the second and third patch to incur some
performance loss (on a scenario using virtio device)
I will therefore resubmit just the first patch alone.
On 11/16/18 8:02 PM, remy.n...@blade-group.com wrote:
From: Remy Noel
get rid of the delete attribute.
We still ne
Hi
On Thu, Dec 6, 2018 at 1:13 PM Markus Armbruster wrote:
>
> Marc-André Lureau writes:
>
> > Hi
> > On Thu, Dec 6, 2018 at 10:08 AM Markus Armbruster wrote:
> >>
> >> One more question...
> >>
> >> Marc-André Lureau writes:
> >>
> >> > Not all backends are able to switch gcontext. Those back
> On Dec 6, 2018, at 14:14, Cédric Le Goater wrote:
>
> Hello,
>
>> Your patch has style problems, please review. If any of these errors
>> are false positives report them to the maintainer, see
>> CHECKPATCH in MAINTAINERS.
>> Checking PATCH 25/37: spapr/xive: add state synchronization with
Hi,
06.12.2018, 09:37, "elohi...@gmail.com" :
> From: Xie Yongji
>
> Now we attempt to connect asynchronously for "reconnect socket"
> during open(). But vhost-user device prefer a connected socket
> during initialization. That means we may still need to support
> sync connection during open() fo
On 04.12.18 09:27, Christian Borntraeger wrote:
> On 30.11.2018 10:49, David Hildenbrand wrote:
>> Just like on other architectures, we should stop the clock while the guest
>> is not running. This is already properly done for TCG. Right now, doing an
>> offline migration (stop, migrate, cont) can
Marc-André Lureau writes:
> Hi
>
> On Thu, Dec 6, 2018 at 1:13 PM Markus Armbruster wrote:
>>
>> Marc-André Lureau writes:
>>
>> > Hi
>> > On Thu, Dec 6, 2018 at 10:08 AM Markus Armbruster
>> > wrote:
>> >>
>> >> One more question...
>> >>
>> >> Marc-André Lureau writes:
>> >>
>> >> > Not al
On Thu, 6 Dec 2018 at 17:21, Yury Kotov wrote:
>
> Hi, it's very interesting patchset.
>
> I also research reconnecting issue for vhost-user-blk and SPDK.
> Did you support a case when vhost backend is not started but QEMU does?
>
Now we do not support this case. Because qemu have to get config f
On Tue, 4 Dec 2018 09:27:21 +0100
Christian Borntraeger wrote:
> On 30.11.2018 10:49, David Hildenbrand wrote:
> > Just like on other architectures, we should stop the clock while the guest
> > is not running. This is already properly done for TCG. Right now, doing an
> > offline migration (stop,
On Thu, 6 Dec 2018 14:18:16 +0530
P J P wrote:
> From: Prasad J Pandit
>
> While performing block transfer write in smb_ioport_writeb(),
> 'smb_index' is incremented and used to index smb_data[] array.
> Check 'smb_index' value to avoid OOB access.
>
> Reported-by: Michael Hanselmann
> Signe
On Fri, 30 Nov 2018 10:49:57 +0100
David Hildenbrand wrote:
> Just like on other architectures, we should stop the clock while the guest
> is not running. This is already properly done for TCG. Right now, doing an
> offline migration (stop, migrate, cont) can easily trigger stalls in the
> guest.
Yes, I also think that realize should be sync.
But maybe it's better to add a 'disconnected' option to init the chardev
in disconnected state, then do the first connection with
qemu_chr_fe_wait_connected from vhost_user_blk_realize. So when
connection will be broken in realize we can try again.
W
On Thu, Dec 06, 2018 at 06:34:25AM +0100, Thomas Huth wrote:
> On 2018-12-05 18:30, Philippe Mathieu-Daudé wrote:
> > On 12/3/18 3:05 PM, Thomas Huth wrote:
> >> So far we only had implicit requirements for the minimum compiler version,
> >> e.g. we require at least GCC 4.1 for the support of atomi
Hi
On Thu, Dec 6, 2018 at 1:38 PM Markus Armbruster wrote:
>
> Marc-André Lureau writes:
>
> > Hi
> >
> > On Thu, Dec 6, 2018 at 1:13 PM Markus Armbruster wrote:
> >>
> >> Marc-André Lureau writes:
> >>
> >> > Hi
> >> > On Thu, Dec 6, 2018 at 10:08 AM Markus Armbruster
> >> > wrote:
> >> >>
>
On Thu, 6 Dec 2018 14:18:16 +0530
P J P wrote:
> From: Prasad J Pandit
>
> While performing block transfer write in smb_ioport_writeb(),
> 'smb_index' is incremented and used to index smb_data[] array.
> Check 'smb_index' value to avoid OOB access.
>
> Reported-by: Michael Hanselmann
> Signe
On Wed, Dec 05, 2018 at 03:57:14PM -0500, Michael S. Tsirkin wrote:
> On Wed, Dec 05, 2018 at 02:24:32PM -0600, Michael Roth wrote:
> > Quoting Daniel P. Berrangé (2018-12-05 11:18:18)
> > >
> > > Unless I'm mis-reading the patches, it looks like the VFIO device always
> > > has
> > > to be avail
On Wed, Dec 05, 2018 at 02:24:32PM -0600, Michael Roth wrote:
> Quoting Daniel P. Berrangé (2018-12-05 11:18:18)
> > On Thu, Oct 25, 2018 at 05:06:29PM +0300, Sameeh Jubran wrote:
> > > From: Sameeh Jubran
> > >
> > > Hi all,
> > >
> > > Background:
> > >
> > > There has been a few attempts to
From: Remy Noel
It is possible for an io_poll callback to be concurrently executed along
with an aio_set_fd_handlers. This can cause all sorts of problems, like
a NULL callback or a bad opaque pointer.
This changes set_fd_handlers so that it no longer modifies existing handlers
entries and instead
On Thu, 6 Dec 2018 at 09:48, Igor Mammedov wrote:
>
> On Thu, 6 Dec 2018 14:18:16 +0530
> P J P wrote:
>
> > From: Prasad J Pandit
> >
> > While performing block transfer write in smb_ioport_writeb(),
> > 'smb_index' is incremented and used to index smb_data[] array.
> > Check 'smb_index' value
FYI:
http://terenceli.github.io/%E6%8A%80%E6%9C%AF/2018/12/06/qemu-escape
On 2018/12/6 17:02, li qiang wrote:
> On 2018/12/6 16:48, P J P wrote:
>> From: Prasad J Pandit
>>
>> While performing block transfer write in smb_ioport_writeb(),
>> 'smb_index' is incremented and used to index smb_data[] array.
On Thu, 6 Dec 2018 at 09:10, li qiang wrote:
> Oh... Finally another one finds this.
>
> I've already found this. This is a very serious security issue.
If you find a security issue, we would appreciate it if
you let us know, rather than just waiting to see if
anybody else notices it...
thank
On Wed, Dec 05, 2018 at 10:04:36AM -0800, Maran Wilson wrote:
> On 12/5/2018 5:20 AM, Stefan Hajnoczi wrote:
> > On Tue, Dec 04, 2018 at 02:44:33PM -0800, Maran Wilson wrote:
> > > On 12/3/2018 8:35 AM, Stefano Garzarella wrote:
> > > > On Mon, Dec 3, 2018 at 4:44 PM Rob Bradford
> > > > wrote:
>
On Wed, Dec 05, 2018 at 05:46:57PM +0300, Vladimir Sementsov-Ogievskiy wrote:
> qcrypto_block_encrypt_helper and qcrypto_block_decrypt_helper are
> almost identical, let's reduce code duplication and simplify further
> improvements.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy
> ---
> crypto/
On 2018/12/6 18:16, Peter Maydell wrote:
> On Thu, 6 Dec 2018 at 09:10, li qiang wrote:
>> Oh... Finally another one finds this.
>>
>> I've already found this. This is a very serious security issue.
> If you find a security issue, we would appreciate it if
> you let us know, rather than just waiti
On Wed, Dec 05, 2018 at 10:01:00PM +0100, Kamil Rytarowski wrote:
> On 05.12.2018 21:43, Ed Maste wrote:
> > I'd very much like to have CI coverage for QEMU on FreeBSD, and as of
> > yesterday there's a hosted CI service that supports FreeBSD: Cirrus
> > CI. They also offer free service for OSS pro
On Thu, 6 Dec 2018 at 17:52, Yury Kotov wrote:
>
> Yes, I also think that realize should be sync.
>
> But maybe it's better to add a 'disconnected' option to init the chardev
> in disconnected state, then do the first connection with
> qemu_chr_fe_wait_connected from vhost_user_blk_realize. So wh
On Wed, Dec 05, 2018 at 05:46:58PM +0300, Vladimir Sementsov-Ogievskiy wrote:
> Rename qcrypto_block_*crypt_helper to qcrypto_cipher_*crypt_helper, as
> it's not about QCryptoBlock. This is needed to introduce
> qcrypto_block_*crypt_helper in the next commit, which will have
> QCryptoBlock pointer
On Wed, Dec 05, 2018 at 05:46:56PM +0300, Vladimir Sementsov-Ogievskiy wrote:
> Free block->cipher and block->ivgen on error path.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy
> ---
> crypto/block-luks.c | 3 +++
> 1 file changed, 3 insertions(+)
Reviewed-by: Daniel P. Berrangé
Regards,
D
On Wed, Dec 05, 2018 at 05:46:59PM +0300, Vladimir Sementsov-Ogievskiy wrote:
> Introduce QCryptoBlock-based functions and use them where possible.
> This is needed to implement thread-safe encrypt/decrypt operations.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy
> ---
> crypto/blockpriv.h |
On Thu, 6 Dec 2018 at 10:34, li qiang wrote:
>
>
> On 2018/12/6 18:16, Peter Maydell wrote:
> > On Thu, 6 Dec 2018 at 09:10, li qiang wrote:
> >> Oh... Finally another one finds this.
> >>
> >> I've already found this. This is a very serious security issue.
> > If you find a security issue, we wou
On Wed, Dec 05, 2018 at 05:47:00PM +0300, Vladimir Sementsov-Ogievskiy wrote:
> The two thing that should be handled are cipher and ivgen. For ivgen
> the solution is just mutex, as iv calculations should not be long in
> comparison with encryption/decryption. And for cipher let's just keep
> per-t
Peter Maydell wrote on Thu, Dec 6, 2018 at 6:46 PM:
> On Thu, 6 Dec 2018 at 10:34, li qiang wrote:
> >
> >
> > On 2018/12/6 18:16, Peter Maydell wrote:
> > > On Thu, 6 Dec 2018 at 09:10, li qiang wrote:
> > >> Oh... Finally another one finds this.
> > >>
> > >> I've already found this. This is a very serious
The first patches are simple cleanups:
- patch 1 moves the pvpanic device with the 'common objects' so we compile
it once for the x86/arm/aarch64 archs,
- patch 2 simply renames ISA fields/definitions to generic ones.
Then instead of add/use the MMIO pvpanic device in
Add mmio mode as a pci device support info in docs/specs/pvpanic.txt.
Signed-off-by: Peng Hao
---
docs/specs/pvpanic.txt | 13 -
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/docs/specs/pvpanic.txt b/docs/specs/pvpanic.txt
index c7bbacc..6d62d72 100644
--- a/docs/spec
From: Philippe Mathieu-Daudé
The 'pvpanic' ISA device can be used by any machine with an ISA bus.
Reviewed-by: Peter Maydell
Signed-off-by: Philippe Mathieu-Daudé
Signed-off-by: Peng Hao
---
hw/misc/Makefile.objs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/misc/Make
On Thu, 6 Dec 2018 at 11:00, Li Qiang wrote:
> Yes, I know that, but as this issue is so good to write a perfect exploit
> so I want to do more.
>
> I know the qemu planning and know this issue doesn't affect anyone.
> I want to do a perfect work.
The problem is that it does affect other people, b
Add pvpanic device in arm virt machine config file.
Signed-off-by: Peng Hao
---
default-configs/arm-softmmu.mak | 1 +
1 file changed, 1 insertion(+)
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
index 2420491..50345df 100644
--- a/default-configs/arm-softmmu.ma
Add pvpanic new type "TYPE_PVPANIC_PCI"
Signed-off-by: Peng Hao
---
hw/misc/pvpanic.c | 62 ---
include/hw/misc/pvpanic.h | 1 +
include/hw/pci/pci.h | 1 +
3 files changed, 60 insertions(+), 4 deletions(-)
diff --git a/hw/misc/pvpanic.
+-- On Thu, 6 Dec 2018, Igor Mammedov wrote --+
| > From: Prasad J Pandit
| >
| > While performing block transfer write in smb_ioport_writeb(),
| > 'smb_index' is incremented and used to index smb_data[] array.
| > Check 'smb_index' value to avoid OOB access.
| >
| > Reported-by: Michael Hanselm
From: Philippe Mathieu-Daudé
To ease the MMIO device addition in the next patch, rename:
- ISA_PVPANIC_DEVICE -> PVPANIC_ISA_DEVICE.
- MemoryRegion io -> mr.
Reviewed-by: Peter Maydell
Signed-off-by: Philippe Mathieu-Daudé
Signed-off-by: Peng Hao
---
hw/misc/pvpanic.c | 28 --
On 05.12.2018 17:09, Vladimir Sementsov-Ogievskiy wrote:
> 05.12.2018 18:52, Christian Borntraeger wrote:
>>
>>
>> On 05.12.2018 14:39, Vladimir Sementsov-Ogievskiy wrote:
>>> 05.12.2018 15:35, Christian Borntraeger wrote:
On 05.12.2018 13:00, Vladimir Sementsov-Ogievskiy wrote:
>
Hi
On 12/4/18 5:26 PM, Alex Williamson wrote:
> In preparation for reporting higher virtual link speeds and widths,
> create enums and macros to help us manage them.
>
> Cc: Michael S. Tsirkin
> Cc: Marcel Apfelbaum
> Tested-by: Geoffrey McRae
> Signed-off-by: Alex Williamson
Reviewed-by: Eri
Hi,
On 12/4/18 5:26 PM, Alex Williamson wrote:
> Add fields allowing the PCIe link speed and width of a PCIESlot to
> be configured, with an instance_post_init callback on the root port
> parent class to set defaults. This allows child classes to set these
> via properties or via their own instan
On Thu, 6 Dec 2018 at 11:12, Li Qiang wrote:
> OK, next time I will report it directly like what I did before.
Thank you -- I appreciate that.
-- PMM
Hi Alex,
On 12/4/18 5:26 PM, Alex Williamson wrote:
> Make use of the PCIESlot speed and width fields to update link
> information beyond those configured in pcie_cap_v1_fill(). This is
> only called for devices supporting a version 2 capability and
> automatically skips any non-PCIESlot devices.
Hi Alex,
On 12/4/18 5:26 PM, Alex Williamson wrote:
> The PCIe link speed and width between a downstream device and its
> upstream port is negotiated on real hardware and susceptible to
> dynamic changes due to signal issues and power management. In the
> emulated device case there is no real har
On Mon, 3 Dec 2018 at 20:38, Richard Henderson
wrote:
>
> Post v8.3 bits taken from SysReg_v85_xml-00bet8.
>
> Signed-off-by: Richard Henderson
> ---
> target/arm/cpu.h | 22 +-
> 1 file changed, 21 insertions(+), 1 deletion(-)
>
> diff --git a/target/arm/cpu.h b/target/arm/c
Hi
On 12/4/18 5:27 PM, Alex Williamson wrote:
> Now that the downstream port will virtually negotiate itself to the
> link status of the downstream devie, we can remove this emulation.
s/devie/device
> It's not clear that it was every terribly useful anyway.
>
> Tested-by: Geoffrey McRae
> Signed
Peter Maydell wrote on Thu, Dec 6, 2018 at 7:05 PM:
> On Thu, 6 Dec 2018 at 11:00, Li Qiang wrote:
> > Yes, I know that, but as this issue is so good to write a perfect exploit
> > so I want to do more.
> >
> > I know the qemu planning and know this issue doesn't affect anyone.
> > I want to do a perfect work.
On Thu, 6 Dec 2018 at 11:10, P J P wrote:
>
> +-- On Thu, 6 Dec 2018, Igor Mammedov wrote --+
> | > From: Prasad J Pandit
> | >
> | > While performing block transfer write in smb_ioport_writeb(),
> | > 'smb_index' is incremented and used to index smb_data[] array.
> | > Check 'smb_index' value to
Hi,
On 12/4/18 5:27 PM, Alex Williamson wrote:
> Including all machine types that might have a pcie-root-port.
>
> Cc: Peter Maydell
> Cc: Michael S. Tsirkin
> Cc: Marcel Apfelbaum
> Cc: Paolo Bonzini
> Cc: Richard Henderson
> Cc: Eduardo Habkost
> Acked-by: David Gibson
> Signed-off-by: A
On Thu, 6 Dec 2018 at 11:19, Peter Maydell wrote:
>
> On Thu, 6 Dec 2018 at 11:10, P J P wrote:
> >
> > +-- On Thu, 6 Dec 2018, Igor Mammedov wrote --+
> > | > From: Prasad J Pandit
> > | >
> > | > While performing block transfer write in smb_ioport_writeb(),
> > | > 'smb_index' is incremented a
Hi
On 12/4/18 5:27 PM, Alex Williamson wrote:
> Change the default speed and width for new machine types to the
> fastest and widest currently supported. This should be compatible to
> the PCIe 4.0 spec. Pre-QEMU-4.0 machine types remain at 2.5GT/s, x1
> width.
>
> Cc: Michael S. Tsirkin
> Cc:
Hi,
On 12/4/18 5:26 PM, Alex Williamson wrote:
> Allow users to experimentally specify speed and width values for the
> generic PCIe root port. Defaults remain at 2.5GT/s & x1 for
> compatibility with the intent to only support changing defaults via
> machine types for now.
>
> Note for libvirt t
On 2018/12/6 16:48, P J P wrote:
> From: Prasad J Pandit
>
> While performing block transfer write in smb_ioport_writeb(),
> 'smb_index' is incremented and used to index smb_data[] array.
> Check 'smb_index' value to avoid OOB access.
>
> Reported-by: Michael Hanselmann
> Signed-off-by: Prasad J Pan
On 06.12.18 09:48, P J P wrote:
> Reported-by: Michael Hanselmann
> Signed-off-by: Prasad J Pandit
Reviewed-by: Michael Hanselmann
Best regards,
Michael
An update of:
v2: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00748.html
We made the debugger module WinDbg (like GDB) for QEMU. This is the replacement
of the remote server in Windows kernel. Used for remote Windows kernel debugging
without debugging mode.
WinDbg is a multi
This option starts windbg server.
Signed-off-by: Mikhail Abakumov
Acked-by: Alistair Francis
Signed-off-by: Pavel Dovgalyuk
---
qemu-options.hx |8
vl.c|8
2 files changed, 16 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx
index f7df472f43..
Add chardev for listening to windbg client. Target device is a parameter
in the '-windbg' option.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
windbgstub.c | 31 +++
1 file changed, 31 insertions(+)
diff --git a/windbgstub.c b/windbgstub.c
in
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
target/i386/windbgstub.c | 11 +++
1 file changed, 11 insertions(+)
diff --git a/target/i386/windbgstub.c b/target/i386/windbgstub.c
index 15a90e521c..dc58f5a8cc 100644
--- a/target/i386/windbgstub.c
+++ b/target/i386/
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
Makefile.target |3 +++
default-configs/i386-softmmu.mak |1 +
include/exec/windbgstub-utils.h | 18 ++
include/exec/windbgstub.h| 17 +
stubs/Makefile.objs
Add some helper features for windbgstub.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h | 40 +++
include/exec/windbgstub.h |6 +++
windbgstub-utils.c | 83 +++
3 f
Define addresses that must be found on loading stage.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
target/i386/windbgstub.c | 48 +-
1 file changed, 47 insertions(+), 1 deletion(-)
diff --git a/target/i386/windbgstub.c b/targe
It is necessary to find address on the structure kdDebuggerDataBlock,
which is located somewhere at kernel .data section.
We can find it in structure defined in kernel:
typedef struct _DBGKD_DEBUG_DATA_HEADER
{
LIST_ENTRY64 List;
ULONG OwnerTag;
ULONG Size;
} DBGKD_DEBUG_DATA_HEADER, *
Header file from windbg's source code describing the main structures.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgkd.h | 928 +++
include/exec/windbgstub-utils.h |1
2 files changed, 929 insertions(+)
c
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
target/i386/windbgstub.c | 32
1 file changed, 32 insertions(+)
diff --git a/target/i386/windbgstub.c b/target/i386/windbgstub.c
index 1c1631d7c1..15a90e521c 100644
--- a/target/i386/windbgstub
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
windbgstub.c | 27 +++
1 file changed, 27 insertions(+)
diff --git a/windbgstub.c b/windbgstub.c
index f13c9a6c1e..8cbece40da 100644
--- a/windbgstub.c
+++ b/windbgstub.c
@@ -134,8 +134,35 @@ static voi
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
target/i386/windbgstub.c | 374 ++
1 file changed, 372 insertions(+), 2 deletions(-)
diff --git a/target/i386/windbgstub.c b/target/i386/windbgstub.c
index e2ed2b3105..7a091e1dee 1006
Add parsing data stream to packets from windbg client.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h | 11 +++
windbgstub.c| 139 +++
2 files changed, 150 insertions(+)
diff --git a/
Add definition of the WindbgState struct and its initialization.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
windbgstub.c | 31 +++
1 file changed, 31 insertions(+)
diff --git a/windbgstub.c b/windbgstub.c
index 4673703b66..b073cc6a3f 100644
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |2 ++
windbgstub-utils.c | 47 +++
windbgstub.c|8 +++
3 files changed, 57 insertions(+)
diff --git a/include/ex
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |2 +
target/i386/windbgstub.c| 90 ---
windbgstub.c|8 +++
3 files changed, 93 insertions(+), 7 deletions(-)
diff --git a
Insert hook to wrmsr operation. Windows kernel put address on KPCR struct
to fs/gs (x32/x64) register. Needs catch this moment and allow windbgstub
handle packets from client.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |3 +++
include/
Add function for init DBGKD_ANY_WAIT_STATE_CHANGE. It is a header of
'state change' packets.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
target/i386/windbgstub.c | 45 +
1 file changed, 45 insertions(+)
diff --git a/target/i3
Add helper functions for serialization and deserialization kernel structures to
byte buffer.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
target/i386/windbgstub.c | 123 ++
1 file changed, 123 insertions(+)
diff --git a/target/
Add function to search in virtual memory.
Implemented Boyer-Moore search algorithm.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |4 +
windbgstub-utils.c | 120 +++
2 files changed, 124 i
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |2 +
windbgstub-utils.c | 62 +++
windbgstub.c|8 +
3 files changed, 72 insertions(+)
diff --git a/include/exec/
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |2 ++
target/i386/windbgstub.c| 27 +++
windbgstub.c|8
3 files changed, 37 insertions(+)
diff --git a/include/exec/windbgst
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |3 +++
target/i386/windbgstub.c| 33 -
2 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/include/exec/windbgstub-utils.h b/include/exec/w
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |1 +
target/i386/windbgstub.c| 61 +++
windbgstub.c|4 +++
3 files changed, 66 insertions(+)
diff --git a/include/exec/wi
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
windbgstub.c | 59 ++
1 file changed, 59 insertions(+)
diff --git a/windbgstub.c b/windbgstub.c
index 2869d94389..c45faec43f 100644
--- a/windbgstub.c
+++ b/windbgstub.c
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |3 ++
windbgstub-utils.c | 68 +++
windbgstub.c| 12 +++
3 files changed, 83 insertions(+)
diff --git a/include/ex
Add WinDbg stub to the MAINTAINERS.
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
MAINTAINERS | 12
1 file changed, 12 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 1032406c56..dffbd267be 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1689,6 +16
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |1 +
windbgstub-utils.c | 41 +++
windbgstub.c|4
3 files changed, 46 insertions(+)
diff --git a/include/exec/w
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
windbgstub.c | 54 +-
1 file changed, 53 insertions(+), 1 deletion(-)
diff --git a/windbgstub.c b/windbgstub.c
index c45faec43f..fe0b007a06 100644
--- a/windbgstub.c
+++ b/wi
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |2 ++
windbgstub-utils.c | 29 +
windbgstub.c|8
3 files changed, 39 insertions(+)
diff --git a/include/exec/windbg
+-- On Thu, 6 Dec 2018, Peter Maydell wrote --+
| > > Do we need patch v2, or it can be done while merging it?
| >
| > I can add in the Fixes line when I apply the patch to master.
|
| Oh, I think we should also add to the commit message something
| along the lines of:
|
| "Note that this bug is
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
windbgstub.c | 35 ++-
1 file changed, 34 insertions(+), 1 deletion(-)
diff --git a/windbgstub.c b/windbgstub.c
index fe0b007a06..f13c9a6c1e 100644
--- a/windbgstub.c
+++ b/windbgstub.c
@@ -91,7
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |1 +
windbgstub-utils.c | 10 ++
windbgstub.c|4
3 files changed, 15 insertions(+)
diff --git a/include/exec/windbgstub-utils.h b/include/e
The JSON parser happily accepts duplicate object member names. The
last value wins. Reproducer #1:
$ qemu-system-x86_64 -qmp stdio
{"QMP": {"version": {"qemu": {"micro": 93, "minor": 0, "major": 3},
"package": "v3.1.0-rc3-7-g87a45d86ed"}, "capabilities": []}}
{'execute':'qmp_capa
+-- On Thu, 6 Dec 2018, P J P wrote --+
| | to clarify that this is a serious bug but also that it's
| | not one that will be affecting anybody's production systems.
|
| Okay, preparing patch v2...
Sent revised patch
[PATCH v1] i2c: pm_smbus: check smb_index before block transfer write
Thank y
Signed-off-by: Mikhail Abakumov
Signed-off-by: Pavel Dovgalyuk
---
include/exec/windbgstub-utils.h |2 ++
windbgstub-utils.c |7 +++
windbgstub.c| 27 +++
3 files changed, 36 insertions(+)
diff --git a/include/exec/windbgstu
Hi
On Thu, Nov 22, 2018 at 2:38 AM Marc-André Lureau
wrote:
>
> Introduce utility header/object, and replace remaining qemu functions
> with SLIRP helpers.
>
> Signed-off-by: Marc-André Lureau
self-nack,
not only this patch deserves to be split, but it also introduces regression.
> ---
> sl
On Thu, 6 Dec 2018 at 11:15, Peter Maydell wrote:
>
> On Mon, 3 Dec 2018 at 20:38, Richard Henderson
> wrote:
> >
> > Post v8.3 bits taken from SysReg_v85_xml-00bet8.
> >
> > Signed-off-by: Richard Henderson
> > ---
> > target/arm/cpu.h | 22 +-
> > 1 file changed, 21 insert
From: Prasad J Pandit
While performing block transfer write in smb_ioport_writeb(),
'smb_index' is incremented and used to index smb_data[] array.
Check 'smb_index' value to avoid OOB access.
Note that this bug is exploitable by a guest to escape
from the virtual machine. However the commit whic