Re: [Qemu-ppc] [PATCH 1/3] pseries: Fix RTAS based config access

[David Gibson]

On Thu, Apr 12, 2012 at 04:50:46PM +0300, Michael S. Tsirkin wrote:
> On Thu, Apr 12, 2012 at 02:29:33PM +0200, Andreas Färber wrote:
> > Am 02.04.2012 06:17, schrieb David Gibson:
> > > On the pseries platform, access to PCI config space is via RTAS calls(
> > > which go to the hypervisor) rather than MMIO.  This means we don't use
> > > the same code path as nearly everyone else which goes through pci_host.c
> > > and we're missing some of the parameter checking along the way.
> > > 
> > > We do have some parameter checking in the RTAS calls, but it's not enough.
> > > It checks for overruns, but does not check for unaligned accesses,
> > > oversized accesses (which means the guest could trigger an assertion
> > > failure from pci_host_config_{read,write}_common().  Worse it doesn't do
> > > the basic checking for the number of RTAS arguments and results before
> > > accessing them.
> > > 
> > > This patch fixes these bugs.
> > > 
> > > Cc: Michael S. Tsirkin <address@hidden>
> > 
> > mst, are you planning to review these two patches? The code movements
> > and RTAS error handling looks okay to me on brief sight, but I'm no PCI
> > expert and the two of you were having discussions as to where to do such
> > checks.
> > 
> > Thanks,
> > 
> > Andreas
> 
> I saw a long argument so I was waiting for dust to settle :)

Well.. this patch is basically my capitulation on that argument.  It's
just the minimal bugfix, minus any cleanup / refactoring of the
checking code as I was doing before.

> Will try to review next week.

-- 
David Gibson                    | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
                                | _way_ _around_!
http://www.ozlabs.org/~dgibson