QEMU With E2K User Support
Go to file
Stefan Hajnoczi a2e9011b41 ivshmem: Check ivshmem_read() size argument
The third argument to the fd_read() callback implemented by
ivshmem_read() is the number of bytes, not a flags field.  Fix this and
check we received enough bytes before accessing the buffer pointer.

Cc: Cam Macdonell <cam@cs.ualberta.ca>
Reported-by: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
[AF: Handle partial reads via FIFO]
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 17:01:44 +01:00
audio audio: Drop superfluous conditionals around g_free() 2014-06-13 12:34:54 +02:00
backends pci, pc, virtio, misc bugfixes 2014-09-18 20:02:01 +01:00
block iscsi: Refuse to open as writable if the LUN is write protected 2014-10-31 11:29:02 +01:00
bsd-user bsd-user: Fix syscall format, add strace support for more syscalls 2014-06-11 00:25:06 +01:00
default-configs PPC: Fix default config ordering and add eTSEC for ppc64 2014-09-08 12:50:54 +02:00
disas disas/libvixl/a64/instructions-a64.h: Remove unused constants 2014-10-24 12:19:12 +01:00
docs virtio-scsi fixes, the first part of dynamic sysbus devices, 2014-10-30 13:35:12 +00:00
dtc@bc895d6d09 dtc: add submodule 2013-04-18 13:50:53 +02:00
fpu softfloat: add functions corresponding to IEEE-2008 min/maxNumMag 2014-10-14 13:28:51 +01:00
fsdev virtfs-proxy-helper: fix call to accept 2014-04-28 08:55:32 +04:00
gdb-xml s390x/gdb: add the feature xml files for s390x 2014-09-01 09:45:19 +02:00
hw ivshmem: Check ivshmem_read() size argument 2014-10-31 17:01:44 +01:00
include scsi: devirtualize unrealize of SCSI devices 2014-10-31 11:29:02 +01:00
libcacard libcacard: don't free sign buffer while sign op is pending 2014-10-28 11:38:18 +01:00
libdecnumber libdecnumber: Fix warnings from smatch (missing static, boolean operations) 2014-08-24 13:21:06 +04:00
linux-headers linux-headers: update to 3.17-rc7 2014-10-10 10:37:47 +02:00
linux-user translate-all.c: memory walker initial address miscalculation 2014-10-06 21:53:35 +03:00
net Net patches 2014-09-04 17:39:07 +01:00
pc-bios linuxboot: compute initrd loading address 2014-10-09 15:36:15 +02:00
pixman@87eea99e44 pixman: update internal copy to pixman-0.32.6 2014-09-15 08:14:19 +02:00
po po: fix conflict with %.mo rule in rules.mak 2014-09-26 13:35:08 +02:00
qapi qapi: Add corrupt field to ImageInfoSpecificQCow2 2014-10-04 19:18:17 +01:00
qga qga: Rewrite code where using readdir_r 2014-10-22 07:49:52 -05:00
qobject json-lexer: fix escaped backslash in single-quoted string 2014-06-23 11:01:24 -04:00
qom qom: Demote already-has-a-parent to a regular error 2014-10-23 16:41:25 +02:00
roms Update OpenBIOS images 2014-09-25 13:34:03 +01:00
scripts kvm_stat: Add powerpc support 2014-10-31 16:36:23 +01:00
slirp slirp: udp: fix NULL pointer dereference because of uninitialized socket 2014-09-23 19:15:05 +01:00
stubs block: Code motion to get rid of stubs/blockdev.c 2014-10-20 13:41:26 +02:00
sysconfigs/target Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
target-alpha target-alpha: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:21 +01:00
target-arm target-arm: A32: Emulate the SMC instruction 2014-10-24 12:19:15 +01:00
target-cris gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag 2014-10-06 14:25:43 +01:00
target-i386 i386: fix breakpoints handling in icount mode 2014-10-31 16:41:05 +01:00
target-lm32 gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag 2014-10-06 14:25:43 +01:00
target-m68k target-m68k: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:21 +01:00
target-microblaze target-microblaze: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-mips target-mips: add ULL suffix in bitswap to avoid compiler warning 2014-10-24 14:07:51 +01:00
target-moxie softmmu: introduce cpu_ldst.h 2014-06-05 16:10:33 +02:00
target-openrisc target-openrisc: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-ppc qdev: Drop legacy_name from qdev properties 2014-10-15 05:03:15 +02:00
target-s390x s390x/migration: migrate CPU state 2014-10-10 13:31:51 +02:00
target-sh4 target-sh4: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-sparc target-sparc: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-tricore target-tricore: Add instructions of BO opcode format 2014-10-20 12:25:07 +01:00
target-unicore32 target-unicore32: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-xtensa gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag 2014-10-06 14:25:43 +01:00
tcg tcg: Always enable TCGv type checking 2014-09-29 14:55:28 -04:00
tests iotests: Add test for qcow2 L1 table update 2014-10-23 15:34:02 +02:00
trace trace: [hmp] Reimplement "trace-event" and "info trace-events" using QMP 2014-09-26 09:34:38 +01:00
ui ui: Use the new ".mo-cflags" rule syntax for SDL_CFLAGS 2014-10-31 11:26:25 +01:00
util Four changes here. Polling for reconnection of character devices, 2014-10-09 15:09:05 +01:00
.exrc qemu: add .exrc 2012-09-07 09:02:44 +03:00
.gitignore trace: [tcg] Generate TCG tracing routines 2014-08-12 14:26:12 +01:00
.gitmodules PPC: Add u-boot firmware for e500 2014-06-16 13:24:35 +02:00
.mailmap Update mailmap 2013-09-05 09:40:31 -05:00
.travis.yml .travis.yml: remove "make check" from main matrix 2014-09-26 21:05:06 +04:00
accel.c accel: Create accel object when initializing machine 2014-10-09 15:36:14 +02:00
aio-posix.c AioContext: introduce aio_prepare 2014-08-29 10:46:58 +01:00
aio-win32.c aio-win32: avoid out-of-bounds access to the events array 2014-09-22 11:39:21 +01:00
arch_init.c migration: catch unknown flag combinations in ram_load 2014-10-14 11:24:20 +02:00
async.c async: aio_context_new(): Handle event_notifier_init failure 2014-09-22 11:39:48 +01:00
balloon.c qapi event: convert BALLOON_CHANGE 2014-06-23 11:12:28 -04:00
block-migration.c block: Rename BlockDriverAIOCB* to BlockAIOCB* 2014-10-20 13:41:27 +02:00
block.c block: Respect underlying file's EOF 2014-10-23 15:34:02 +02:00
blockdev-nbd.c block: Use g_new() & friends where that makes obvious sense 2014-08-20 11:51:28 +02:00
blockdev.c block: Lift device model API into BlockBackend 2014-10-20 14:03:50 +02:00
blockjob.c block: Rename BlockDriverCompletionFunc to BlockCompletionFunc 2014-10-20 13:41:27 +02:00
bootdevice.c bootindex: change fprintf to error_report 2014-10-15 10:46:01 +02:00
bt-host.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
bt-vhci.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
Changelog Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
CODING_STYLE CODING_STYLE: Section about conditional statement 2014-08-15 18:54:06 +04:00
configure configure: Prepend pixman and ftd flags to overrule system-provided ones 2014-10-15 12:20:27 +02:00
COPYING
COPYING.LIB
coroutine-gthread.c glib-compat.h: add new thread API emulation on top of pre-2.31 API 2014-06-10 07:44:01 +02:00
coroutine-sigaltstack.c Merge remote-tracking branch 'kwolf/for-anthony' into staging 2013-02-26 07:44:39 -06:00
coroutine-ucontext.c Fix warnings suppressors to honor --disable-werror 2013-04-17 10:28:04 -05:00
coroutine-win32.c coroutine-win32.c: Add noinline attribute to work around gcc bug 2014-06-26 14:08:14 +01:00
cpu-exec.c cpu-exec: Do CPU_INTERRUPT_HALT unconditionally 2014-09-25 18:54:22 +01:00
cpus.c Introduce cpu_clean_all_dirty 2014-09-16 11:04:09 +02:00
cputlb.c implementing victim TLB for QEMU system emulated TLB 2014-09-01 17:43:06 +01:00
device_tree.c device_tree.c: dump all err mesages with error_report 2014-09-02 22:38:16 +04:00
device-hotplug.c blockdev: Eliminate drive_del() 2014-10-20 13:41:26 +02:00
disas.c monitor: QEMU Monitor Instruction Disassembly Incorrect for PowerPC LE Mode 2014-06-16 13:24:26 +02:00
dma-helpers.c hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
dump.c dump: Turn some functions to void to make code cleaner 2014-10-23 09:01:29 -04:00
exec.c exec.c: fix setting 1-byte-long watchpoints 2014-09-19 17:42:16 +01:00
gdbstub.c gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag 2014-10-06 14:25:43 +01:00
HACKING HACKING: Document vaddr type usage 2013-07-23 02:41:31 +02:00
hmp-commands.hx hmp: Remove "info pcmcia" 2014-10-24 12:19:11 +01:00
hmp.c Add HMP command "info memory-devices" 2014-09-26 13:37:06 -04:00
hmp.h Add HMP command "info memory-devices" 2014-09-26 13:37:06 -04:00
iohandler.c iohandler.c: Properly initialize sigaction struct 2014-05-24 00:07:29 +04:00
ioport.c memory: convert memory_region_destroy to object_unparent 2014-08-18 12:06:20 +02:00
iothread.c async: aio_context_new(): Handle event_notifier_init failure 2014-09-22 11:39:48 +01:00
kvm-all.c kvm fix compilation with GCC 4.3.4 2014-10-10 14:07:08 +01:00
kvm-stub.c accel: Move KVM accel registration to kvm-all.c 2014-10-04 08:59:15 +02:00
LICENSE LICENSE: clarify 2013-08-12 09:15:12 -05:00
main-loop.c Revert "main-loop.c: Handle SIGINT, SIGHUP and SIGTERM synchronously" 2014-10-27 15:05:09 +00:00
MAINTAINERS virtio-scsi fixes, the first part of dynamic sysbus devices, 2014-10-30 13:35:12 +00:00
Makefile trace: install trace-events file 2014-09-26 09:34:39 +01:00
Makefile.objs qemu-file: Move stdio implementation to qemu-file-stdio.c 2014-10-14 10:29:28 +02:00
Makefile.target bootdevice: move bootdevice related code to new file bootdevice.c 2014-10-15 09:49:48 +02:00
memory_mapping.c Add skip_dump flag to ignore memory region during dump 2014-10-31 11:29:01 +01:00
memory.c Add skip_dump flag to ignore memory region during dump 2014-10-31 11:29:01 +01:00
migration-exec.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
migration-fd.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
migration-rdma.c rdma: Fix incorrect description in comments 2014-09-20 17:55:53 +04:00
migration-tcp.c qemu-sockets: Add error to non-blocking connect handler 2014-10-09 15:36:15 +02:00
migration-unix.c qemu-sockets: Add error to non-blocking connect handler 2014-10-09 15:36:15 +02:00
migration.c block/migration: Disable cache invalidate for incoming migration 2014-10-14 09:35:21 +02:00
module-common.c module: implement module loading 2014-02-20 13:14:18 +01:00
monitor.c hmp: Remove "info pcmcia" 2014-10-24 12:19:11 +01:00
nbd.c block/migration: Disable cache invalidate for incoming migration 2014-10-14 09:35:21 +02:00
numa.c memory: add parameter errp to memory_region_init_ram 2014-09-09 13:41:43 +02:00
os-posix.c os-posix: report error message when lock file failed 2014-09-26 21:21:09 +04:00
os-win32.c util: Split out exec_dir from os_find_datadir 2014-02-20 13:12:54 +01:00
page_cache.c migration: Plug memory leak in migrate-set-cache-size command 2014-06-10 19:54:43 +04:00
qapi-schema.json qmp: Print descriptions of object properties 2014-10-15 05:03:15 +02:00
qdev-monitor.c qmp: Print descriptions of object properties 2014-10-15 05:03:15 +02:00
qdict-test-data.txt
qemu-bridge-helper.c qemu-bridge-helper: Fix fd leak in main() 2014-06-27 10:39:10 +02:00
qemu-char.c qemu-char: Fix reconnect socket error reporting 2014-10-09 15:36:15 +02:00
qemu-coroutine-io.c qemu-coroutine-io: fix for Win32 2014-08-29 10:46:58 +01:00
qemu-coroutine-lock.c coroutine: remove qemu_co_queue_wait_insert_head 2013-12-02 17:11:49 +01:00
qemu-coroutine-sleep.c coroutine: Drop co_sleep_ns 2014-08-29 10:46:58 +01:00
qemu-coroutine.c coroutine: make pool size dynamic 2014-08-15 15:07:14 +02:00
qemu-doc.texi block: delete cow block driver 2014-09-22 11:39:45 +01:00
qemu-file-stdio.c qemu-file: Move stdio implementation to qemu-file-stdio.c 2014-10-14 10:29:28 +02:00
qemu-file-unix.c qemu-file: Move unix and socket implementations to qemu-file-unix.c 2014-10-14 10:29:28 +02:00
qemu-file.c qemu-file: Move stdio implementation to qemu-file-stdio.c 2014-10-14 10:29:28 +02:00
qemu-img-cmds.hx qemu-img: Allow cache mode specification for amend 2014-08-22 14:54:48 +02:00
qemu-img.c qemu-img: Print error if check failed 2014-10-23 19:42:07 +02:00
qemu-img.texi block: delete cow block driver 2014-09-22 11:39:45 +01:00
qemu-io-cmds.c qemu-io: Respect early image end for map 2014-10-23 15:34:02 +02:00
qemu-io.c block: Make BlockBackend own its BlockDriverState 2014-10-20 13:41:26 +02:00
qemu-log.c qemu-log: default to stderr for logging output 2013-02-26 13:31:47 -06:00
qemu-nbd.c block: Make BlockBackend own its BlockDriverState 2014-10-20 13:41:26 +02:00
qemu-nbd.texi nbd: Miscellaneous typo fixes. 2014-05-24 00:07:29 +04:00
qemu-options-wrapper.h vl.c: In qemu -h output, only print options for the arch we are running as 2011-12-19 10:27:33 -06:00
qemu-options.h
qemu-options.hx -machine vmport=off: Allow disabling of VMWare ioport emulation 2014-10-31 11:29:01 +01:00
qemu-seccomp.c seccomp: add semctl() to the syscall whitelist 2014-08-21 10:29:16 +02:00
qemu-tech.texi qemu-tech.texi: update implemented xtensa features list 2012-11-29 13:00:52 -06:00
qemu-timer.c vl.c: remove init_clocks call from main 2014-05-09 20:57:32 +02:00
qemu.nsi nsis: Improved support for parallel installation of 32 and 64 bit code 2013-11-07 07:02:44 +01:00
qemu.sasl sasl: Avoid 'Could not find keytab file' in syslog 2014-03-15 13:54:18 +04:00
qmp-commands.hx add input-send-event command 2014-10-02 09:58:14 +02:00
qmp.c qmp: Print descriptions of object properties 2014-10-15 05:03:15 +02:00
qtest.c qtest: fix qtest log fd should be initialized before qtest chardev 2014-10-23 16:41:27 +02:00
README Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
rules.mak rules.mak: Allow .mo-objs and .mo-cflags in -y variables 2014-10-31 11:26:25 +01:00
savevm.c snapshot: fix referencing wrong variable in while loop in do_delvm 2014-10-03 10:30:33 +01:00
softmmu_template.h implementing victim TLB for QEMU system emulated TLB 2014-09-01 17:43:06 +01:00
spice-qemu-char.c qemu-char: Rename register_char_driver_qapi() to register_char_driver() 2014-09-16 23:36:32 +01:00
tcg-runtime.c tcg: Push tcg-runtime routines into exec/helper-* 2014-05-28 09:33:54 -07:00
tci.c Merge remote-tracking branch 'remotes/bonzini/softmmu-smap' into staging 2014-06-05 21:06:14 +01:00
thread-pool.c block: Rename BlockDriverCompletionFunc to BlockCompletionFunc 2014-10-20 13:41:27 +02:00
thunk.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
tpm.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
trace-events megasas: Fixup MSI-X handling 2014-10-31 11:29:01 +01:00
translate-all.c translate-all.c: memory walker initial address miscalculation 2014-10-06 21:53:35 +03:00
translate-all.h translate-all: Change tb_check_watchpoint() argument to CPUState 2014-03-13 19:20:48 +01:00
user-exec.c softmmu: introduce cpu_ldst.h 2014-06-05 16:10:33 +02:00
VERSION Open 2.2 development tree 2014-08-01 18:30:08 +01:00
version.rc Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
vl.c vl.c: Fix Coverity complaining for vmstate_dump_file 2014-10-31 11:29:01 +01:00
vmstate.c vmstate: Allow dynamic allocation for VBUFFER during migration 2014-10-14 09:35:48 +02:00
xbzrle.c xbzrle.c: Avoid undefined behaviour with signed arithmetic 2014-04-18 10:33:36 +04:00
xen-common-stub.c accel: Move Xen registration code to xen-common.c 2014-10-04 08:59:15 +02:00
xen-common.c accel: Pass MachineState object to accel init functions 2014-10-09 12:57:10 +02:00
xen-hvm-stub.c xen-hvm: Fix xen_hvm_init() to adjust pc memory layout 2014-06-23 17:50:04 +03:00
xen-hvm.c xen-hvm.c: Always return -1 when failure occurs in xen_hvm_init() 2014-09-20 17:55:53 +04:00
xen-mapcache.c xen: build on ARM 2014-07-07 10:37:40 +00:00

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team