pci: fix unaligned writes to pci config index register (rhbz#830261)

(resulted in NetBSD being unable to boot in a VM.)
Kyle McMartin 2013-01-30 09:39:12 -05:00
parent 9d29b15e79
commit dbbc37dd0a
2 changed files with 40 additions and 1 deletions


@ -0,0 +1,33 @@
commit cdde6ffc27517bdf069734fbc5693ce2b14edc75
Author: Avi Kivity <avi@redhat.com>
Date: Wed Jan 4 16:28:42 2012 +0200
pci: fix corrupted pci conf index register by unaligned write
Commit d0ed8076cbdc261 converted the PCI config access to the memory
API, but also inadvertantly changed it to accept unaligned writes,
and corrupt the index register in the process. This causes a regression
booting NetBSD.
Fix by ignoring unaligned or non-dword writes.
https://bugs.launchpad.net/qemu/+bug/897771
Reported-by: Andreas Gustafsson <gson@gson.org>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
diff --git a/hw/pci_host.c b/hw/pci_host.c
index 44c6c20..8041778 100644
--- a/hw/pci_host.c
+++ b/hw/pci_host.c
@@ -101,6 +101,9 @@ static void pci_host_config_write(void *opaque, target_phys_addr_t addr,
PCI_DPRINTF("%s addr " TARGET_FMT_plx " len %d val %"PRIx64"\n",
__func__, addr, len, val);
+ if (addr != 0 || len != 4) {
+ return;
+ }
s->config_reg = val;
}
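Review bot: the early return at `if (addr != 0 || len != 4)` silently discards byte, word and unaligned writes to the config index register, which is what the patch description intends, but nothing in the code says so; add a one-line comment stating that partial writes to the index register are deliberately dropped rather than merged, so the next reader does not mistake this for a missing read-modify-write. The PCI_DPRINTF just above it still fires for the discarded writes exactly as for accepted ones, so a debug trace of a guest doing such writes will show the value but not that it was ignored; moving the print below the check, or logging the drop separately, would make that visible. The `addr != 0` test also assumes the region this handler is attached to spans only the 4-byte index register, which is worth confirming in the region registration.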


@ -38,7 +38,7 @@
Summary: QEMU is a FAST! processor emulator Summary: QEMU is a FAST! processor emulator
Name: qemu Name: qemu
Version: 1.0.1 Version: 1.0.1
Release: 3%{?dist} Release: 4%{?dist}
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
Epoch: 2 Epoch: 2
License: GPLv2+ and LGPLv2+ and BSD License: GPLv2+ and LGPLv2+ and BSD
@ -126,6 +126,7 @@ Patch147: 0147-usb-ehci-Ensure-frindex-writes-leave-a-valid-frindex.patch
# General bug fixes # General bug fixes
Patch202: qemu-virtio-9p-noatime.patch Patch202: qemu-virtio-9p-noatime.patch
Patch203: 0203-pci-fix-corrupted-pci-conf-index-register-by-unaligned-write.patch
# Feature patches, should be in 1.1 before release # Feature patches, should be in 1.1 before release
Patch301: enable_architectural_PMU_cpuid_leaf.patch Patch301: enable_architectural_PMU_cpuid_leaf.patch
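Review bot: Patch203 is placed under the "# General bug fixes" group next to Patch202, which is the right section, and its file name carries the upstream subject line; since the patch file itself records the upstream commit id (cdde6ffc27517bdf069734fbc5693ce2b14edc75) and the downstream bug (rhbz#830261), a short comment above the `Patch203:` line with those two references would let the origin be checked without opening the patch.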
@ -495,6 +496,7 @@ such as kvm_stat.
%patch147 -p1 %patch147 -p1
%patch202 -p1 %patch202 -p1
%patch203 -p1
%patch301 -p1 %patch301 -p1
%patch302 -p1 %patch302 -p1
@ -991,6 +993,10 @@ fi
%{_mandir}/man1/qemu-img.1* %{_mandir}/man1/qemu-img.1*
%changelog %changelog
* Wed Jan 30 2013 Kyle McMartin <kmcmarti@redhat.com> - 2:1.0.1-4
- pci: fix unaligned writes to pci config index register (rhbz#830261)
(resulted in NetBSD being unable to boot in a VM.)
* Wed Jan 16 2013 Cole Robinson <crobinso@redhat.com> - 2:1.0.1-3 * Wed Jan 16 2013 Cole Robinson <crobinso@redhat.com> - 2:1.0.1-3
- CVE-2012-6075: Buffer overflow in e1000 nic (bz #889301, bz #889304) - CVE-2012-6075: Buffer overflow in e1000 nic (bz #889301, bz #889304)
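Review bot: the new changelog entry cites rhbz#830261, while the backported patch header cites https://bugs.launchpad.net/qemu/+bug/897771 and upstream commit cdde6ffc27517bdf069734fbc5693ce2b14edc75; adding the upstream commit id (even shortened) to the changelog line would let anyone auditing which fix this build carries match it against upstream without opening the patch. The Release bump to 4%{?dist} is consistent with the 2:1.0.1-4 tag in the entry.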