On 2019.02.19 03:30:43 +0000, Zhao, Yan Y wrote:
Do we need to check whether the index is in DWORD or QWORD, which is specified in DWORD 0 of the command?
That is for MI_FLUSH_DW cmd length instead of index size I believe. And index is always Qword aligned, but take steps of u32. So this patch is to fix the upper bound.
BTW, maybe we also need to check whether gma is QWORD aligned ?
Current code did masking on it before checking gma..
-----Original Message----- From: intel-gvt-dev [mailto:intel-gvt-dev-bounces@lists.freedesktop.org] On Behalf Of Zhenyu Wang Sent: Monday, February 18, 2019 2:47 PM To: intel-gvt-dev@lists.freedesktop.org Cc: stable@vger.kernel.org Subject: [PATCH] drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check
When MI_FLUSH_DW post write hw status page in index mode, the index value is in dword step. This fixes wrong qword step in cmd parser code which incorrectly stopped VM for invalid MI_FLUSH_DW write index.
Fixes: be1da7070aea ("drm/i915/gvt: vGPU command scanner") Cc: stable@vger.kernel.org # v4.10+ Signed-off-by: Zhenyu Wang zhenyuw@linux.intel.com
drivers/gpu/drm/i915/gvt/cmd_parser.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/gvt/cmd_parser.c b/drivers/gpu/drm/i915/gvt/cmd_parser.c index 35b4ec3f7618..d42f7a2dc82f 100644 --- a/drivers/gpu/drm/i915/gvt/cmd_parser.c +++ b/drivers/gpu/drm/i915/gvt/cmd_parser.c @@ -1441,7 +1441,7 @@ static inline int cmd_address_audit(struct parser_exec_state *s, }
if (index_mode) {
if (guest_gma >= I915_GTT_PAGE_SIZE / sizeof(u64)) {
if (guest_gma >= I915_GTT_PAGE_SIZE / sizeof(u32)) { ret = -EFAULT; goto err;-- 2.20.1
intel-gvt-dev mailing list intel-gvt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gvt-dev
intel-gvt-dev mailing list intel-gvt-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gvt-dev