yeahuh / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone

Blame SOURCES/kvm-s390x-cpumodel-fix-segmentation-fault-when-baselinin.patch

b38b0f
From 10cd7878be0501be1e27b7b00c14958efcdb3d9b Mon Sep 17 00:00:00 2001
b38b0f
From: Cornelia Huck <cohuck@redhat.com>
b38b0f
Date: Wed, 17 Apr 2019 13:57:22 +0100
b38b0f
Subject: [PATCH 05/24] s390x/cpumodel: fix segmentation fault when baselining
b38b0f
 models
b38b0f
MIME-Version: 1.0
b38b0f
Content-Type: text/plain; charset=UTF-8
b38b0f
Content-Transfer-Encoding: 8bit
b38b0f
b38b0f
RH-Author: Cornelia Huck <cohuck@redhat.com>
b38b0f
Message-id: <20190417135741.25297-6-cohuck@redhat.com>
b38b0f
Patchwork-id: 85784
b38b0f
O-Subject: [RHEL-8.1.0 qemu-kvm PATCH v2 05/24] s390x/cpumodel: fix segmentation fault when baselining models
b38b0f
Bugzilla: 1699070
b38b0f
RH-Acked-by: David Hildenbrand <david@redhat.com>
b38b0f
RH-Acked-by: Thomas Huth <thuth@redhat.com>
b38b0f
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
b38b0f
RH-Acked-by: Jens Freimann <jfreimann@redhat.com>
b38b0f
b38b0f
From: David Hildenbrand <david@redhat.com>
b38b0f
b38b0f
Usually, when baselining two CPU models, whereby one of them has base
b38b0f
CPU features disabled (e.g. z14-base,msa=off), we fallback to an older
b38b0f
model that did not have these features in the base model. We always try to
b38b0f
create a "sane" CPU model (as far as possible), and one part of it is that
b38b0f
removing base features is no good and to be avoided.
b38b0f
b38b0f
Now, if we disable base features that were part of a z900, we're out of
b38b0f
luck. We won't find a CPU model and QEMU will segfault. This is a
b38b0f
scenario that should never happen in real life, but it can be used to
b38b0f
crash QEMU.
b38b0f
b38b0f
So let's properly report an error if we baseline e.g.:
b38b0f
b38b0f
{ "execute": "query-cpu-model-baseline",
b38b0f
  "arguments" : { "modela": { "name": "z14-base", "props": {"esan3" : false}},
b38b0f
                  "modelb": { "name": "z14"}} }
b38b0f
b38b0f
Instead of segfaulting.
b38b0f
b38b0f
Signed-off-by: David Hildenbrand <david@redhat.com>
b38b0f
Message-Id: <20180718092330.19465-1-david@redhat.com>
b38b0f
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
b38b0f
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
b38b0f
(cherry picked from commit 677ff32db12bcd1bca3a3df733d2478896d6df96)
b38b0f
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
b38b0f
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
b38b0f
---
b38b0f
 target/s390x/cpu_models.c | 8 ++++++++
b38b0f
 1 file changed, 8 insertions(+)
b38b0f
b38b0f
diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
b38b0f
index 5e9b716..d2c16b8 100644
b38b0f
--- a/target/s390x/cpu_models.c
b38b0f
+++ b/target/s390x/cpu_models.c
b38b0f
@@ -720,6 +720,14 @@ CpuModelBaselineInfo *arch_query_cpu_model_baseline(CpuModelInfo *infoa,
b38b0f
 
b38b0f
     model.def = s390_find_cpu_def(cpu_type, max_gen, max_gen_ga,
b38b0f
                                   model.features);
b38b0f
+
b38b0f
+    /* models without early base features (esan3) are bad */
b38b0f
+    if (!model.def) {
b38b0f
+        error_setg(errp, "No compatible CPU model could be created as"
b38b0f
+                   " important base features are disabled");
b38b0f
+        return NULL;
b38b0f
+    }
b38b0f
+
b38b0f
     /* strip off features not part of the max model */
b38b0f
     bitmap_and(model.features, model.features, model.def->full_feat,
b38b0f
                S390_FEAT_MAX);
b38b0f
-- 
b38b0f
1.8.3.1
b38b0f