OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
8cdb99af45
qemu-e2k/hw/i386
History
Igor Mammedov 8cdb99af45 acpi: fix QEMU crash when started with SLIC table 
if QEMU is started with used provided SLIC table blob,

  -acpitable sig=SLIC,oem_id='CRASH ',oem_table_id="ME",oem_rev=00002210,asl_compiler_id="",asl_compiler_rev=00000000,data=/dev/null
it will assert with:

  hw/acpi/aml-build.c:61:build_append_padded_str: assertion failed: (len <= maxlen)

and following backtrace:

  ...
  build_append_padded_str (array=0x555556afe320, str=0x555556afdb2e "CRASH ME", maxlen=0x6, pad=0x20) at hw/acpi/aml-build.c:61
  acpi_table_begin (desc=0x7fffffffd1b0, array=0x555556afe320) at hw/acpi/aml-build.c:1727
  build_fadt (tbl=0x555556afe320, linker=0x555557ca3830, f=0x7fffffffd318, oem_id=0x555556afdb2e "CRASH ME", oem_table_id=0x555556afdb34 "ME") at hw/acpi/aml-build.c:2064
  ...

which happens due to acpi_table_begin() expecting NULL terminated
oem_id and oem_table_id strings, which is normally the case, but
in case of user provided SLIC table, oem_id points to table's blob
directly and as result oem_id became longer than expected.

Fix issue by handling oem_id consistently and make acpi_get_slic_oem()
return NULL terminated strings.

PS:
After [1] refactoring, oem_id semantics became inconsistent, where
NULL terminated string was coming from machine and old way pointer
into byte array coming from -acpitable option. That used to work
since build_header() wasn't expecting NULL terminated string and
blindly copied the 1st 6 bytes only.

However commit [2] broke that by replacing build_header() with
acpi_table_begin(), which was expecting NULL terminated string
and was checking oem_id size.

1) 602b45820 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
2)
Fixes: 4b56e1e4eb ("acpi: build_fadt: use acpi_table_begin()/acpi_table_end() instead of build_header()")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/786
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-2-imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Denis Lisov <dennis.lissov@gmail.com>
Tested-by: Alexander Tsoy <alexander@tsoy.me>
Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-01-07 19:30:13 -05:00
..
kvm i386/kvm: Replace abs64() with uabs64() from host-utils 2021-09-29 19:37:38 +10:00
xen memory: make global_dirty_tracking a bitmask 2021-11-01 22:56:43 +01:00
acpi-build.c acpi: fix QEMU crash when started with SLIC table 2022-01-07 19:30:13 -05:00
acpi-build.h hw/acpi/ich9: Enable ACPI PCI hot-plug 2021-07-16 04:33:35 -04:00
acpi-common.c acpi: x86: madt: use build_append_int_noprefix() API to compose MADT table 2021-10-05 17:30:57 -04:00
acpi-common.h misc: Correct relative include path 2021-06-05 21:10:42 +02:00
acpi-microvm.c acpi: build_dsdt_microvm: use acpi_table_begin()/acpi_table_end() instead of build_header() 2021-10-05 17:30:57 -04:00
acpi-microvm.h microvm/acpi: add minimal acpi support 2020-09-17 14:16:19 +02:00
amd_iommu.c dma: Let dma_memory_read/write() take MemTxAttrs argument 2021-12-30 17:16:32 +01:00
amd_iommu.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
e820_memory_layout.c hw/i386/pc: Extract e820 memory layout code 2019-09-16 17:13:07 +02:00
e820_memory_layout.h hw/i386/pc: Extract e820 memory layout code 2019-09-16 17:13:07 +02:00
fw_cfg.c hw/i386/fw_cfg: Set SGX bits in feature control fw_cfg accordingly 2021-09-30 15:30:24 +02:00
fw_cfg.h acpi: factor out fw_cfg_add_acpi_dsdt() 2020-06-24 17:18:28 -04:00
generic_event_device_x86.c acpi: ged: add x86 device variant. 2020-09-17 14:16:19 +02:00
intel_iommu_internal.h intel-iommu: ignore leaf SNP bit in scalable mode 2021-11-29 08:49:36 -05:00
intel_iommu.c intel-iommu: correctly check passthrough during translation 2022-01-07 19:30:13 -05:00
Kconfig hw/i386/pc: Allow instantiating a virtio-iommu device 2021-11-01 18:49:10 -04:00
kvmvapic.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
meson.build microvm: add device tree support. 2021-11-02 17:24:17 +01:00
microvm-dt.c microvm: check g_file_set_contents() return value 2021-11-22 11:14:28 +01:00
microvm-dt.h microvm: add device tree support. 2021-11-02 17:24:17 +01:00
microvm.c * Build system fixes and cleanups 2021-11-03 13:07:30 -04:00
multiboot.c target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types 2021-11-02 15:57:27 +01:00
multiboot.h target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types 2021-11-02 15:57:27 +01:00
pc_piix.c hw/i386: expose a "smbios-entry-point-type" PC machine property 2022-01-07 05:19:55 -05:00
pc_q35.c hw/i386: expose a "smbios-entry-point-type" PC machine property 2022-01-07 05:19:55 -05:00
pc_sysfw_ovmf-stubs.c hw/i386: Introduce X86_FW_OVMF Kconfig symbol 2021-07-14 22:28:58 +02:00
pc_sysfw_ovmf.c hw/i386: Introduce X86_FW_OVMF Kconfig symbol 2021-07-14 22:28:58 +02:00
pc_sysfw.c target/i386/sev: Declare system-specific functions in 'sev.h' 2021-10-13 10:47:49 +02:00
pc.c virtio-mem: Set "unplugged-inaccessible=auto" for the 7.0 machine on x86 2022-01-07 19:30:13 -05:00
port92.c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
sgx-epc.c numa: Enable numa for SGX EPC sections 2021-12-10 09:47:18 +01:00
sgx-stub.c numa: Enable numa for SGX EPC sections 2021-12-10 09:47:18 +01:00
sgx.c numa: Support SGX numa in the monitor and Libvirt interfaces 2021-12-10 09:47:18 +01:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vmmouse.c hw/i386/vmmouse: Require 'i8042' property to be set 2021-12-18 10:57:37 +01:00
vmport.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
x86-iommu-stub.c hw/i386/pc: Remove x86_iommu_get_type() 2021-11-01 18:49:10 -04:00
x86-iommu.c hw/i386/pc: Move IOMMU singleton into PCMachineState 2021-11-01 18:49:10 -04:00
x86.c target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types 2021-11-02 15:57:27 +01:00