From patchwork Mon Feb 14 14:12:34 2022
X-Patchwork-Submitter: Ani Sinha
X-Patchwork-Id: 1592627
From: Ani Sinha
To: qemu-devel@nongnu.org, "Michael S. Tsirkin", Igor Mammedov, Ani Sinha
Subject: [PATCH v3 1/3] hw/smbios: code cleanup - use macro definitions for table header handles
Date: Mon, 14 Feb 2022 19:42:34 +0530
Message-Id: <20220214141237.47946-2-ani@anisinha.ca>
In-Reply-To: <20220214141237.47946-1-ani@anisinha.ca>
References: <20220214141237.47946-1-ani@anisinha.ca>

This is a minor cleanup. Using macro definitions makes the code more
readable. It is at once clear which tables use which handle numbers in their
header. It also makes it easy to calculate the gaps between the numbers and
update them if needed.

Reviewed-by: Igor Mammedov
Signed-off-by: Ani Sinha
--- hw/smbios/smbios.c | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c index 6013df1698..56b412ce35 100644 --- a/hw/smbios/smbios.c +++ b/hw/smbios/smbios.c
@@ -549,9 +549,23 @@ bool smbios_skip_table(uint8_t type, bool required_table) return true; } +#define T0_BASE 0x000 +#define T1_BASE 0x100 +#define T2_BASE 0x200 +#define T3_BASE 0x300 +#define T4_BASE 0x400 +#define T11_BASE 0xe00 + +#define T16_BASE 0x1000 +#define T17_BASE 0x1100 +#define T19_BASE 0x1300 +#define T32_BASE 0x2000 +#define T41_BASE 0x2900 +#define T127_BASE 0x7F00 + static void smbios_build_type_0_table(void) { - SMBIOS_BUILD_TABLE_PRE(0, 0x000, false); /* optional, leave up to BIOS */ + SMBIOS_BUILD_TABLE_PRE(0, T0_BASE, false); /* optional, leave up to BIOS */ SMBIOS_TABLE_SET_STR(0, vendor_str, type0.vendor); SMBIOS_TABLE_SET_STR(0, bios_version_str, type0.version); @@ -599,7 +613,7 @@ static void smbios_encode_uuid(struct smbios_uuid *uuid, QemuUUID *in) static void smbios_build_type_1_table(void) { - SMBIOS_BUILD_TABLE_PRE(1, 0x100, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(1, T1_BASE, true); /* required */ SMBIOS_TABLE_SET_STR(1, manufacturer_str, type1.manufacturer); SMBIOS_TABLE_SET_STR(1, product_name_str, type1.product); @@ -619,7 +633,7 @@ static void smbios_build_type_1_table(void) static void smbios_build_type_2_table(void) { - SMBIOS_BUILD_TABLE_PRE(2, 0x200, false); /* optional */ + SMBIOS_BUILD_TABLE_PRE(2, T2_BASE, false); /* optional */ SMBIOS_TABLE_SET_STR(2, manufacturer_str, type2.manufacturer); SMBIOS_TABLE_SET_STR(2, product_str, type2.product); @@ -637,7 +651,7 @@ static void smbios_build_type_2_table(void) static void smbios_build_type_3_table(void) { - SMBIOS_BUILD_TABLE_PRE(3, 0x300, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(3, T3_BASE, true); /* required */ SMBIOS_TABLE_SET_STR(3, manufacturer_str, type3.manufacturer); t->type = 0x01; /* Other */ 
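Review bot: in the new #define block of the first hunk, T11_BASE is 0xe00 while every other base is the table type shifted left by 8 bits (0x1000 for type 16, 0x2900 for type 41, 0x7F00 for type 127), and nothing documents either the convention or this exception. Since the stated goal is to make the gaps between handle ranges easy to calculate, add a short comment above the block saying that the base is normally (type << 8) and that 0xe00 for type 11 is the pre-existing value kept unchanged, so a later reader does not "correct" it to 0xb00 and change guest-visible handles.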
@@ -662,7 +676,7 @@ static void smbios_build_type_4_table(MachineState *ms, unsigned instance) { char sock_str[128]; - SMBIOS_BUILD_TABLE_PRE(4, 0x400 + instance, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(4, T4_BASE + instance, true); /* required */ snprintf(sock_str, sizeof(sock_str), "%s%2x", type4.sock_pfx, instance); SMBIOS_TABLE_SET_STR(4, socket_designation_str, sock_str); @@ -702,7 +716,7 @@ static void smbios_build_type_11_table(void) return; } - SMBIOS_BUILD_TABLE_PRE(11, 0xe00, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(11, T11_BASE, true); /* required */ snprintf(count_str, sizeof(count_str), "%zu", type11.nvalues); t->count = type11.nvalues; @@ -722,7 +736,7 @@ static void smbios_build_type_16_table(unsigned dimm_cnt) { uint64_t size_kb; - SMBIOS_BUILD_TABLE_PRE(16, 0x1000, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(16, T16_BASE, true); /* required */ t->location = 0x01; /* Other */ t->use = 0x03; /* System memory */ @@ -749,7 +763,7 @@ static void smbios_build_type_17_table(unsigned instance, uint64_t size) char loc_str[128]; uint64_t size_mb; - SMBIOS_BUILD_TABLE_PRE(17, 0x1100 + instance, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(17, T17_BASE + instance, true); /* required */ t->physical_memory_array_handle = cpu_to_le16(0x1000); /* Type 16 above */ t->memory_error_information_handle = cpu_to_le16(0xFFFE); /* Not provided */ @@ -790,7 +804,7 @@ static void smbios_build_type_19_table(unsigned instance, { uint64_t end, start_kb, end_kb; - SMBIOS_BUILD_TABLE_PRE(19, 0x1300 + instance, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(19, T19_BASE + instance, true); /* required */ end = start + size - 1; assert(end > start); @@ -814,7 +828,7 @@ static void smbios_build_type_19_table(unsigned instance, static void smbios_build_type_32_table(void) { - SMBIOS_BUILD_TABLE_PRE(32, 0x2000, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(32, T32_BASE, true); /* required */ memset(t->reserved, 0, 6); t->boot_status = 0; /* No errors detected */ 
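Review bot: the type 17 hunk still carries the literal in its context line `t->physical_memory_array_handle = cpu_to_le16(0x1000); /* Type 16 above */`, which is the one remaining hard-coded handle that refers to another table. With T16_BASE now defined, use cpu_to_le16(T16_BASE) there so the back-reference from each type 17 entry cannot drift from the handle that smbios_build_type_16_table() actually emits.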
@@ -828,7 +842,7 @@ static void smbios_build_type_41_table(Error **errp) struct type41_instance *t41; QTAILQ_FOREACH(t41, &type41, next) { - SMBIOS_BUILD_TABLE_PRE(41, 0x2900 + instance, true); + SMBIOS_BUILD_TABLE_PRE(41, T41_BASE + instance, true); SMBIOS_TABLE_SET_STR(41, reference_designation_str, t41->designation); t->device_type = t41->kind; 
@@ -871,7 +885,7 @@ static void smbios_build_type_41_table(Error **errp) static void smbios_build_type_127_table(void) { - SMBIOS_BUILD_TABLE_PRE(127, 0x7F00, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(127, T127_BASE, true); /* required */ SMBIOS_BUILD_TABLE_POST; }

From patchwork Mon Feb 14 14:12:35 2022
X-Patchwork-Submitter: Ani Sinha
X-Patchwork-Id: 1592622
From: Ani Sinha
To: qemu-devel@nongnu.org, "Michael S. Tsirkin", Igor Mammedov, Ani Sinha
Subject: [PATCH v3 2/3] hw/smbios: fix table memory corruption with large memory vms
Date: Mon, 14 Feb 2022 19:42:35 +0530
Message-Id: <20220214141237.47946-3-ani@anisinha.ca>
In-Reply-To: <20220214141237.47946-1-ani@anisinha.ca>
References: <20220214141237.47946-1-ani@anisinha.ca>

The current smbios table implementation splits the main memory in 16 GiB
(DIMM like) chunks. With the current smbios table assignment code, we can have
only 512 such chunks before the 16 bit handle numbers in the header for tables
17 and 19 conflict. A guest with more than 8 TiB of memory will hit this
limitation and would fail with the following assertion in isa-debugcon:

ASSERT_EFI_ERROR (Status = Already started)
ASSERT /builddir/build/BUILD/edk2-ca407c7246bf/OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.c(125): !EFI_ERROR (Status)

This change adds an additional offset between tables 17 and 19 handle numbers
when configuring VMs larger than 8 TiB of memory. The value of the offset is
calculated to be equal to the additional space required to be reserved
in order to accommodate more DIMM entries without the table handles colliding.
In normal cases where the VM memory is smaller or equal to 8 TiB, this offset
value is 0. Hence in this case, no additional handle numbers are reserved and
table handle values remain as before.

As table handles are altered for large memory VMs, this change can break
migration in those cases. However, in those situations, qemu crashes anyway
without this fix and hence we do not preserve the old bug by introducing
compat knobs/machine types.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2023977
Signed-off-by: Ani Sinha
Reviewed-by: Igor Mammedov
--- hw/smbios/smbios.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) changelog: v3: reworded the commit log and comment in code. diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c index 56b412ce35..44c53797a4 100644 --- a/hw/smbios/smbios.c +++ b/hw/smbios/smbios.c @@ -799,12 +799,13 @@ static void smbios_build_type_17_table(unsigned instance, uint64_t size) SMBIOS_BUILD_TABLE_POST; } -static void smbios_build_type_19_table(unsigned instance, +static void smbios_build_type_19_table(unsigned instance, unsigned offset, uint64_t start, uint64_t size) { uint64_t end, start_kb, end_kb; - SMBIOS_BUILD_TABLE_PRE(19, T19_BASE + instance, true); /* required */ + SMBIOS_BUILD_TABLE_PRE(19, T19_BASE + offset + instance, + true); /* required */ end = start + size - 1; assert(end > start); @@ -996,7 +997,7 @@ void smbios_get_tables(MachineState *ms, uint8_t **anchor, size_t *anchor_len, Error **errp) { - unsigned i, dimm_cnt; + unsigned i, dimm_cnt, offset;  if (smbios_legacy) { *tables = *anchor = NULL;
@@ -1026,6 +1027,16 @@ void smbios_get_tables(MachineState *ms, dimm_cnt = QEMU_ALIGN_UP(current_machine->ram_size, MAX_DIMM_SZ) / MAX_DIMM_SZ; + /* + * The offset determines if we need to keep additional space betweeen + * table 17 and table 19 header handle numbers so that they do + * not overlap. For example, for a VM with larger than 8 TB guest + * memory and DIMM like chunks of 16 GiB, the default space between + * the two tables (T19_BASE - T17_BASE = 512) is not enough. + */ + offset = (dimm_cnt > (T19_BASE - T17_BASE)) ? \ + dimm_cnt - (T19_BASE - T17_BASE) : 0; + smbios_build_type_16_table(dimm_cnt); for (i = 0; i < dimm_cnt; i++) { 
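Review bot: the new offset computation in this hunk has no upper bound, so for a large enough dimm_cnt the value T19_BASE + offset + instance passed for type 19 walks into the next reserved range (T32_BASE is 0x2000, only 0xD00 above T19_BASE) and the same class of handle collision reappears one table further on. Either bound the value in this patch or say in the comment that the limit is enforced separately, so this change is not read as complete on its own. Smaller points in the same lines: the trailing backslash after `? \` is not needed outside a macro, "betweeen" is misspelled, and the comment says "8 TB" where the chunk size next to it is given in GiB, so "8 TiB" would be consistent.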
@@ -1033,7 +1044,7 @@ void smbios_get_tables(MachineState *ms, } for (i = 0; i < mem_array_size; i++) { - smbios_build_type_19_table(i, mem_array[i].address, + smbios_build_type_19_table(i, offset, mem_array[i].address, mem_array[i].length); }

From patchwork Mon Feb 14 14:12:36 2022
X-Patchwork-Submitter: Ani Sinha
X-Patchwork-Id: 1592625
From: Ani Sinha
To: qemu-devel@nongnu.org, "Michael S. Tsirkin", Igor Mammedov, Ani Sinha
Subject: [PATCH v3 3/3] hw/smbios: add assertion to ensure handles of tables 19 and 32 do not collide
Date: Mon, 14 Feb 2022 19:42:36 +0530
Message-Id: <20220214141237.47946-4-ani@anisinha.ca>
In-Reply-To: <20220214141237.47946-1-ani@anisinha.ca>
References: <20220214141237.47946-1-ani@anisinha.ca>

Since change b3cddba9c14b034 ("hw/smbios: fix table memory corruption with
large memory vms") we reserve additional space between handle numbers of tables
17 and 19 for large VMs. This may cause table 19 to collide with table 32 in
their handle numbers for those large VMs. This change adds an assertion to
ensure numbers do not collide. If they do, qemu crashes with useful debug
information for taking additional steps.

Signed-off-by: Ani Sinha
Reviewed-by: Igor Mammedov
--- hw/smbios/smbios.c | 6 ++++++ 1 file changed, 6 insertions(+) changelog: v3: reworded the commit log and comment in code. diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c index 44c53797a4..1f8d5c252f 100644 --- a/hw/smbios/smbios.c +++ b/hw/smbios/smbios.c
@@ -1048,6 +1048,12 @@ void smbios_get_tables(MachineState *ms, mem_array[i].length); } + /* + * make sure 16 bit handle numbers in the headers of tables 19 + * and 32 do not overlap. + */ + assert((mem_array_size + offset) < (T32_BASE - T19_BASE)); + smbios_build_type_32_table(); smbios_build_type_38_table(); smbios_build_type_41_table(errp);
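Review bot: the added assert sits after the type 19 loop, so by the time it fires the tables with out-of-range handles have already been built, and a bare assert() prints only the expression, not the dimm_cnt, offset or mem_array_size values that would make the abort actionable. Because offset is derived from the configured RAM size, this is a condition a user can reach by configuration rather than an internal invariant; smbios_get_tables() already receives an Error **errp (it is passed to smbios_build_type_41_table(errp) just below), so consider performing the bound check before the type 17 and type 19 loops and reporting the failing values through errp, keeping the assert only as a backstop.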