[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for v2.4.1] exec: fix a glitch in checking dma r
From: |
Paolo Bonzini |
Subject: |
Re: [Qemu-devel] [PATCH for v2.4.1] exec: fix a glitch in checking dma r/w access |
Date: |
Mon, 25 Jan 2016 15:37:59 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 |
On 25/01/2016 15:29, P J P wrote:
> diff --git a/exec.c b/exec.c
> index 0a4a0c5..98d97d3 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -375,7 +375,7 @@ address_space_translate_internal(AddressSpaceDispatch *d,
> hwaddr addr, hwaddr *x
> static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
> {
> if (memory_region_is_ram(mr)) {
> - return !(is_write && mr->readonly);
> + return (is_write && !mr->readonly);
Putting the various cases in a table:
Read or write? Readonly? Old New
Read Yes T F
Read No T F
Write Yes F F
Write No T T
This patch changes behavior for reads (is_write=false). For
address_space_read, this makes them go through a path that is at least
100 times slower (memory_region_dispatch_read instead of just a memcpy).
For address_space_map, it probably breaks everything that expects a
single block of RAM to be mapped in a single step, for example virtio.
So, how was this tested, and how can the bug be triggered?
Paolo
> }
> if (memory_region_is_romd(mr)) {
> return !is_write;
>