Re: [Qemu-devel] [PATCH 0/4] ahci: unmap fixes
From: P J P
Subject: Re: [Qemu-devel] [PATCH 0/4] ahci: unmap fixes
Date: Tue, 9 Feb 2016 17:38:08 +0000 (UTC)
> On Monday, 8 February 2016 10:23 PM, John Snow <address@hidden> wrote:
>> PJP, ping? Look good?
Oops, sorry!
> On 01/29/2016 04:41 PM, John Snow wrote:
>> As reported by Zuozhi fzz <address@hidden>, there's a problem
>> you can expose in AHCI by rewriting the command list buffer and/or FIS
>> receive buffer addresses, then re-starting the AHCI device before bringing
>> it to a stop. Depending on the success of the remap operations, you may
>> be able to transition the device to a state where it thinks it is
>> "running" but no longer has a guest memory mapping.
>>
>> When you try to transition it to the stopped state, QEMU crashes.
>>
>> Tighten up the start/stop conditions, and pepper in a paranoia check inside
>> of the unmap function.
>>
>> John Snow (4):
>> ahci: Do not unmap NULL addresses
>> ahci: handle LIST_ON and FIS_ON in map helpers
>> ahci: explicitly reject bad engine states on post_load
>> ahci: prohibit "restarting" the FIS or CLB engines
Yes, they look good.
Thank you.
--- -P J P
http://feedmug.com
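The start/stop problem described in the quoted cover letter, as an added example that is not part of this thread and not QEMU's code: a simplified C model of one AHCI port's two DMA engines (command list and FIS receive area), replaying the reported sequence once against an unfixed map/unmap path and once against helpers that apply the four checks the series lists. The type and function names (AHCIPortModel, Engine, engine_start, engine_stop, port_state_consistent, replay_report) and the single constructed guest-RAM window are assumptions of this model; only the PORT_CMD_LIST_ON/FIS_ON names and the PxCMD.CR/FR bit positions come from the patch titles and the AHCI specification.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one AHCI port, not QEMU's code. Bit positions follow
 * the AHCI spec's PxCMD.FR (bit 14) and PxCMD.CR (bit 15) status bits. */
#define PORT_CMD_FIS_ON   (1u << 14)   /* FIS receive engine claims "running" */
#define PORT_CMD_LIST_ON  (1u << 15)   /* command list engine claims "running" */

typedef struct {
    uint64_t addr;      /* guest physical base programmed via PxCLB / PxFB */
    uint8_t *host;      /* host-side mapping, NULL when the engine holds none */
    size_t len;         /* bytes the engine needs mapped */
    uint32_t on_bit;    /* the PxCMD status bit this engine owns */
} Engine;

typedef struct {
    uint32_t cmd;       /* PxCMD (only LIST_ON / FIS_ON modeled) */
    Engine clb;
    Engine fis;
} AHCIPortModel;

/* Constructed stand-in for guest RAM: one 4 KiB window is mappable. */
static uint8_t guest_ram[4096];
#define GUEST_RAM_BASE 0x10000u

static uint8_t *dma_map(uint64_t addr, size_t len)
{
    if (addr < GUEST_RAM_BASE || addr + len > GUEST_RAM_BASE + sizeof(guest_ram)) {
        return NULL;    /* outside guest RAM: the mapping fails */
    }
    return guest_ram + (addr - GUEST_RAM_BASE);
}

/* The real unmap crashed on a NULL pointer; here we only count the attempts. */
static int null_unmap_attempts;

static void dma_unmap(uint8_t *host)
{
    if (!host) {
        null_unmap_attempts++;
    }
}

/* Map helper. With hardened=false it follows the cover letter's description:
 * a remap is attempted while the engine is running, and a failed remap leaves
 * the "running" bit set with no mapping behind it. */
static bool engine_start(AHCIPortModel *p, Engine *e, bool hardened)
{
    if (hardened && (p->cmd & e->on_bit)) {
        return false;   /* patches 2/4 and 4/4: never "restart" a running engine */
    }
    e->host = dma_map(e->addr, e->len);
    if (!e->host) {
        if (hardened) {
            p->cmd &= ~e->on_bit;   /* mapping failed: we are not running */
        }
        return false;               /* unfixed path: status bit left as it was */
    }
    p->cmd |= e->on_bit;
    return true;
}

static void engine_stop(AHCIPortModel *p, Engine *e, bool hardened)
{
    if (hardened && !e->host) {
        p->cmd &= ~e->on_bit;       /* patch 1/4: nothing mapped, nothing to unmap */
        return;
    }
    dma_unmap(e->host);
    e->host = NULL;
    p->cmd &= ~e->on_bit;
}

/* Patch 3/4 as a predicate: an engine claims "running" iff it holds a mapping.
 * A post_load hook would reject incoming state for which this is false. */
static bool port_state_consistent(const AHCIPortModel *p)
{
    bool list_on = p->cmd & PORT_CMD_LIST_ON;
    bool fis_on  = p->cmd & PORT_CMD_FIS_ON;
    return list_on == (p->clb.host != NULL) && fis_on == (p->fis.host != NULL);
}

typedef struct {
    int null_unmaps;                /* times the stop path reached dma_unmap(NULL) */
    bool consistent_before_stop;    /* would post_load have accepted this state? */
} ReplayResult;

/* Replay the reported sequence on a fresh port: start, rewrite both base
 * addresses to unmappable memory, restart without stopping, then stop. */
static ReplayResult replay_report(bool hardened)
{
    AHCIPortModel port;
    ReplayResult r;
    memset(&port, 0, sizeof(port));
    port.clb = (Engine){ .addr = GUEST_RAM_BASE, .len = 1024, .on_bit = PORT_CMD_LIST_ON };
    port.fis = (Engine){ .addr = GUEST_RAM_BASE + 1024, .len = 256, .on_bit = PORT_CMD_FIS_ON };
    null_unmap_attempts = 0;

    engine_start(&port, &port.clb, hardened);   /* both mappings succeed */
    engine_start(&port, &port.fis, hardened);
    port.clb.addr = 0xdead0000;                 /* constructed unmappable addresses */
    port.fis.addr = 0xdead1000;
    engine_start(&port, &port.clb, hardened);   /* "restart" before any stop */
    engine_start(&port, &port.fis, hardened);
    r.consistent_before_stop = port_state_consistent(&port);
    engine_stop(&port, &port.clb, hardened);    /* unfixed path unmaps NULL here */
    engine_stop(&port, &port.fis, hardened);
    r.null_unmaps = null_unmap_attempts;
    return r;
}

int main(void)
{
    ReplayResult before = replay_report(false), after = replay_report(true);
    printf("unfixed:  NULL unmaps=%d consistent=%d\n", before.null_unmaps, before.consistent_before_stop);
    printf("hardened: NULL unmaps=%d consistent=%d\n", after.null_unmaps, after.consistent_before_stop);
    return 0;
}
```

The unfixed replay reaches dma_unmap with NULL twice (once per engine) and leaves a port that claims LIST_ON and FIS_ON with no mapping, which is exactly the state a post_load check should refuse; the hardened replay refuses the restart, keeps the original mappings, and stops cleanly.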