diff options
Diffstat (limited to 'app-emulation/qemu/files/qemu-6.2.0-user-SLIC-crash.patch')
| -rw-r--r-- | app-emulation/qemu/files/qemu-6.2.0-user-SLIC-crash.patch | 173 |
1 files changed, 0 insertions, 173 deletions
diff --git a/app-emulation/qemu/files/qemu-6.2.0-user-SLIC-crash.patch b/app-emulation/qemu/files/qemu-6.2.0-user-SLIC-crash.patch deleted file mode 100644 index 76809782b5f7..000000000000 --- a/app-emulation/qemu/files/qemu-6.2.0-user-SLIC-crash.patch +++ /dev/null @@ -1,173 +0,0 @@ -Gentoo bug: https://bugs.gentoo.org/830170 -Upstream bug: https://gitlab.com/qemu-project/qemu/-/issues/786 -Patches taken from -https://lore.kernel.org/qemu-devel/20211227193120.1084176-1-imammedo@redhat.com/ - -commit dce6c86f54eab61028e110497c222e73381379df -Author: Igor Mammedov <imammedo@redhat.com> -Date: Mon Dec 27 14:31:17 2021 -0500 - - acpi: fix QEMU crash when started with SLIC table - - if QEMU is started with used provided SLIC table blob, - - -acpitable sig=SLIC,oem_id='CRASH ',oem_table_id="ME",oem_rev=00002210,asl_compiler_id="",asl_compiler_rev=00000000,data=/dev/null - it will assert with: - - hw/acpi/aml-build.c:61:build_append_padded_str: assertion failed: (len <= maxlen) - - and following backtrace: - - ... - build_append_padded_str (array=0x555556afe320, str=0x555556afdb2e "CRASH ME", maxlen=0x6, pad=0x20) at hw/acpi/aml-build.c:61 - acpi_table_begin (desc=0x7fffffffd1b0, array=0x555556afe320) at hw/acpi/aml-build.c:1727 - build_fadt (tbl=0x555556afe320, linker=0x555557ca3830, f=0x7fffffffd318, oem_id=0x555556afdb2e "CRASH ME", oem_table_id=0x555556afdb34 "ME") at hw/acpi/aml-build.c:2064 - ... - - which happens due to acpi_table_begin() expecting NULL terminated - oem_id and oem_table_id strings, which is normally the case, but - in case of user provided SLIC table, oem_id points to table's blob - directly and as result oem_id became longer than expected. - - Fix issue by handling oem_id consistently and make acpi_get_slic_oem() - return NULL terminated strings. - - PS: - After [1] refactoring, oem_id semantics became inconsistent, where - NULL terminated string was coming from machine and old way pointer - into byte array coming from -acpitable option. That used to work - since build_header() wasn't expecting NULL terminated string and - blindly copied the 1st 6 bytes only. - - However commit [2] broke that by replacing build_header() with - acpi_table_begin(), which was expecting NULL terminated string - and was checking oem_id size. - - 1) 602b45820 ("acpi: Permit OEM ID and OEM table ID fields to be changed") - 2) - Fixes: 4b56e1e4eb08 ("acpi: build_fadt: use acpi_table_begin()/acpi_table_end() instead of build_header()") - Resolves: https://gitlab.com/qemu-project/qemu/-/issues/786 - Signed-off-by: Igor Mammedov <imammedo@redhat.com> - -diff --git a/hw/acpi/core.c b/hw/acpi/core.c -index 1e004d0078..3e811bf03c 100644 ---- a/hw/acpi/core.c -+++ b/hw/acpi/core.c -@@ -345,8 +345,8 @@ int acpi_get_slic_oem(AcpiSlicOem *oem) - struct acpi_table_header *hdr = (void *)(u - sizeof(hdr->_length)); - - if (memcmp(hdr->sig, "SLIC", 4) == 0) { -- oem->id = hdr->oem_id; -- oem->table_id = hdr->oem_table_id; -+ oem->id = g_strndup(hdr->oem_id, 6); -+ oem->table_id = g_strndup(hdr->oem_table_id, 8); - return 0; - } - } -diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c -index a99c6e4fe3..570f82997b 100644 ---- a/hw/i386/acpi-build.c -+++ b/hw/i386/acpi-build.c -@@ -2721,6 +2721,8 @@ void acpi_build(AcpiBuildTables *tables, MachineState *machine) - - /* Cleanup memory that's no longer used. */ - g_array_free(table_offsets, true); -+ g_free(slic_oem.id); -+ g_free(slic_oem.table_id); - } - - static void acpi_ram_update(MemoryRegion *mr, GArray *data) - -commit a22de122ad03ea40953ad0328b2c3e31002d8052 -Author: Igor Mammedov <imammedo@redhat.com> -Date: Mon Dec 27 14:31:18 2021 -0500 - - tests: acpi: whitelist expected blobs before changing them - - Signed-off-by: Igor Mammedov <imammedo@redhat.com> - -diff --git a/tests/data/acpi/q35/FACP.slic b/tests/data/acpi/q35/FACP.slic -new file mode 100644 -index 0000000000..f6a864cc86 -Binary files /dev/null and b/tests/data/acpi/q35/FACP.slic differ -diff --git a/tests/data/acpi/q35/SLIC.slic b/tests/data/acpi/q35/SLIC.slic -new file mode 100644 -index 0000000000..e69de29bb2 -diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h -index dfb8523c8b..49dbf8fa3e 100644 ---- a/tests/qtest/bios-tables-test-allowed-diff.h -+++ b/tests/qtest/bios-tables-test-allowed-diff.h -@@ -1 +1,3 @@ - /* List of comma-separated changed AML files to ignore */ -+"tests/data/acpi/q35/FACP.slic", -+"tests/data/acpi/q35/SLIC.slic", - -commit cb913395d76f8fdfd7f1d0c8ea77d4710821bbd3 -Author: Igor Mammedov <imammedo@redhat.com> -Date: Mon Dec 27 14:31:19 2021 -0500 - - tests: acpi: add SLIC table test - - When user uses '-acpitable' to add SLIC table, some ACPI - tables (FADT) will change its 'Oem ID'/'Oem Table ID' fields to - match that of SLIC. Test makes sure thati QEMU handles - those fields correctly when SLIC table is added with - '-acpitable' option. - - Signed-off-by: Igor Mammedov <imammedo@redhat.com> - -diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c -index 258874167e..ae7ef13ec7 100644 ---- a/tests/qtest/bios-tables-test.c -+++ b/tests/qtest/bios-tables-test.c -@@ -1567,6 +1567,19 @@ static void test_acpi_oem_fields_virt(void) - g_free(args); - } - -+static void test_acpi_q35_slic(void) -+{ -+ test_data data = { -+ .machine = MACHINE_Q35, -+ .variant = ".slic", -+ }; -+ -+ test_acpi_one("-acpitable sig=SLIC,oem_id='CRASH ',oem_table_id='ME'," -+ "oem_rev=00002210,asl_compiler_id='qemu'," -+ "asl_compiler_rev=00000000,data=/dev/null", -+ &data); -+ free_test_data(&data); -+} - - int main(int argc, char *argv[]) - { -@@ -1639,6 +1652,7 @@ int main(int argc, char *argv[]) - qtest_add_func("acpi/q35/kvm/xapic", test_acpi_q35_kvm_xapic); - qtest_add_func("acpi/q35/kvm/dmar", test_acpi_q35_kvm_dmar); - } -+ qtest_add_func("acpi/q35/slic", test_acpi_q35_slic); - } else if (strcmp(arch, "aarch64") == 0) { - if (has_tcg) { - qtest_add_func("acpi/virt", test_acpi_virt_tcg); - -commit ffba261306370e0ad8506401b104be5fa4749ade -Author: Igor Mammedov <imammedo@redhat.com> -Date: Mon Dec 27 14:31:20 2021 -0500 - - tests: acpi: SLIC: update expected blobs - - Signed-off-by: Igor Mammedov <imammedo@redhat.com> - -diff --git a/tests/data/acpi/q35/FACP.slic b/tests/data/acpi/q35/FACP.slic -index f6a864cc86..891fd4b784 100644 -Binary files a/tests/data/acpi/q35/FACP.slic and b/tests/data/acpi/q35/FACP.slic differ -diff --git a/tests/data/acpi/q35/SLIC.slic b/tests/data/acpi/q35/SLIC.slic -index e69de29bb2..fd26592e24 100644 -Binary files a/tests/data/acpi/q35/SLIC.slic and b/tests/data/acpi/q35/SLIC.slic differ -diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h -index 49dbf8fa3e..dfb8523c8b 100644 ---- a/tests/qtest/bios-tables-test-allowed-diff.h -+++ b/tests/qtest/bios-tables-test-allowed-diff.h -@@ -1,3 +1 @@ - /* List of comma-separated changed AML files to ignore */ --"tests/data/acpi/q35/FACP.slic", --"tests/data/acpi/q35/SLIC.slic", |