808a2e2dfa
CVE-2016-6833: vmxnet3: use-after-free (bz #1368982) CVE-2016-6490: virtio: infinite loop in virtqueue_pop (bz #1361428) CVE-2016-7156: pvscsi: infinite loop when building SG list (bz #1373480) CVE-2016-7170: vmware_vga: OOB stack memory access (bz #1374709) CVE-2016-7161: net: Heap overflow in xlnx.xps-ethernetlite (bz #1379298) CVE-2016-7466: usb: xhci memory leakage during device unplug (bz #1377838) CVE-2016-7422: virtio: null pointer dereference (bz #1376756) CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx (bz #1381193) CVE-2016-8576: usb: xHCI: infinite loop vulnerability (bz #1382322) CVE-2016-7995: usb: hcd-ehci: memory leak (bz #1382669) Don't depend on edk2 roms where they aren't available (bz #1373576)
56 lines
2.2 KiB
Diff
56 lines
2.2 KiB
Diff
From: Paolo Bonzini <pbonzini@redhat.com>
|
|
Date: Mon, 20 Jun 2016 16:32:39 +0200
|
|
Subject: [PATCH] scsi: esp: fix migration
|
|
|
|
Commit 926cde5 ("scsi: esp: make cmdbuf big enough for maximum CDB size",
|
|
2016-06-16) changed the size of a migrated field. Split it in two
|
|
parts, and only migrate the second part in a new vmstate version.
|
|
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
(cherry picked from commit cc96677469388bad3d66479379735cf75db069e3)
|
|
---
|
|
hw/scsi/esp.c | 5 +++--
|
|
include/migration/vmstate.h | 5 ++++-
|
|
2 files changed, 7 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
|
|
index baa0a2c..1f2f2d3 100644
|
|
--- a/hw/scsi/esp.c
|
|
+++ b/hw/scsi/esp.c
|
|
@@ -574,7 +574,7 @@ static bool esp_mem_accepts(void *opaque, hwaddr addr,
|
|
|
|
const VMStateDescription vmstate_esp = {
|
|
.name ="esp",
|
|
- .version_id = 3,
|
|
+ .version_id = 4,
|
|
.minimum_version_id = 3,
|
|
.fields = (VMStateField[]) {
|
|
VMSTATE_BUFFER(rregs, ESPState),
|
|
@@ -585,7 +585,8 @@ const VMStateDescription vmstate_esp = {
|
|
VMSTATE_BUFFER(ti_buf, ESPState),
|
|
VMSTATE_UINT32(status, ESPState),
|
|
VMSTATE_UINT32(dma, ESPState),
|
|
- VMSTATE_BUFFER(cmdbuf, ESPState),
|
|
+ VMSTATE_PARTIAL_BUFFER(cmdbuf, ESPState, 16),
|
|
+ VMSTATE_BUFFER_START_MIDDLE_V(cmdbuf, ESPState, 16, 4),
|
|
VMSTATE_UINT32(cmdlen, ESPState),
|
|
VMSTATE_UINT32(do_cmd, ESPState),
|
|
VMSTATE_UINT32(dma_left, ESPState),
|
|
diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
|
|
index 84ee355..853a2bd 100644
|
|
--- a/include/migration/vmstate.h
|
|
+++ b/include/migration/vmstate.h
|
|
@@ -888,8 +888,11 @@ extern const VMStateInfo vmstate_info_bitmap;
|
|
#define VMSTATE_PARTIAL_BUFFER(_f, _s, _size) \
|
|
VMSTATE_STATIC_BUFFER(_f, _s, 0, NULL, 0, _size)
|
|
|
|
+#define VMSTATE_BUFFER_START_MIDDLE_V(_f, _s, _start, _v) \
|
|
+ VMSTATE_STATIC_BUFFER(_f, _s, _v, NULL, _start, sizeof(typeof_field(_s, _f)))
|
|
+
|
|
#define VMSTATE_BUFFER_START_MIDDLE(_f, _s, _start) \
|
|
- VMSTATE_STATIC_BUFFER(_f, _s, 0, NULL, _start, sizeof(typeof_field(_s, _f)))
|
|
+ VMSTATE_BUFFER_START_MIDDLE_V(_f, _s, _start, 0)
|
|
|
|
#define VMSTATE_PARTIAL_VBUFFER(_f, _s, _size) \
|
|
VMSTATE_VBUFFER(_f, _s, 0, NULL, 0, _size)
|