qemu-patch-raspberry4/hw
Radim Krčmář 876d516311 spice: fix invalid memory access to vga.vram
vga_common_init() doesn't allow more than 256 MiB vram size and silently
shrinks any larger value.  qxl_dirty_surfaces() used the unshrunk size
via qxl->shadow_rom.surface0_area_size when accessing the memory, which
resulted in a segfault.

Add a workaround for this case and an assert if it happens again.

We have to bump the vga memory limit too, because 256 MiB wouldn't have
allowed 8k (it requires more than 128 MiB).
1024 MiB doesn't work, but 512 MiB seems fine.

Proposed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-03 08:33:08 +01:00
9pfs rcu: introduce RCU-enabled QLIST 2015-02-16 17:30:19 +01:00
acpi pci, pc, virtio fixes and cleanups 2015-01-27 13:17:30 +00:00
alpha QOM infrastructure fixes and device conversions 2015-03-02 13:20:43 +00:00
arm error: Use error_report_err() where appropriate 2015-02-18 10:51:09 +01:00
audio sb16: fix interrupt acknowledgement 2015-01-22 11:04:18 +01:00
block Clean up around error_get_pretty(), qerror_report_err() 2015-02-26 07:01:08 +00:00
bt l2cap: fix access to freed memory 2014-08-15 19:12:48 +04:00
char QOM infrastructure fixes and device conversions 2015-03-02 13:20:43 +00:00
core QOM infrastructure fixes and device conversions 2015-03-02 13:20:43 +00:00
cpu icc_bus: fix typo ICC_BRIGDE -> ICC_BRIDGE 2014-11-03 19:51:56 +03:00
cris hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
display spice: fix invalid memory access to vga.vram 2015-03-03 08:33:08 +01:00
dma vmstate: accept QEMUTimer in VMSTATE_TIMER*, add VMSTATE_TIMER_PTR* 2015-01-26 12:22:44 +01:00
gpio PPC: Add MPC8XXX gpio controller 2014-11-04 23:26:12 +01:00
i2c Fix debug print warning 2014-09-02 22:38:16 +04:00
i386 Revert "Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging" 2015-03-03 00:29:17 +00:00
ide QOM infrastructure fixes and device conversions 2015-03-02 13:20:43 +00:00
input Add trace to ps2.c. 2015-02-10 09:27:20 +03:00
intc hmp: Name HMP info handler functions hmp_info_SUBCOMMAND() 2015-02-18 11:58:50 +01:00
ipack memory: remove memory_region_destroy 2014-08-18 12:06:21 +02:00
isa isa: remove isa_mem_base variable 2015-02-13 14:09:28 +00:00
lm32 acpi-build: make ROMs RAM blocks resizeable 2015-01-08 13:17:55 +02:00
m68k hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
mem numa: Move NUMA declarations from sysemu.h to numa.h 2015-02-23 15:39:27 -03:00
microblaze hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
mips QOM infrastructure fixes and device conversions 2015-03-02 13:20:43 +00:00
misc hw: misc, add educational driver 2015-01-26 12:26:55 +01:00
moxie memory: add parameter errp to memory_region_init_ram 2014-09-09 13:41:43 +02:00
net etsec: Replace qdev_init() by qdev_init_nofail() 2015-02-24 00:19:05 +01:00
nvram fw_cfg: fix endianness in fw_cfg_data_mem_read() / _write() 2015-01-16 11:54:30 +00:00
openrisc hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
pci Clean up around error_get_pretty(), qerror_report_err() 2015-02-26 07:01:08 +00:00
pci-bridge pci: split shpc_cleanup and shpc_free 2015-02-16 17:30:14 +01:00
pci-host - vhost-scsi: add bootindex property 2015-02-24 13:58:18 +00:00
pcmcia hmp: Remove "info pcmcia" 2014-10-24 12:19:11 +01:00
ppc NUMA fixes queue 2015-03-02 12:13:45 +00:00
s390x s390x/pci: Rework memory access in zpci instruction 2015-02-18 09:37:15 +01:00
scsi Clean up around error_get_pretty(), qerror_report_err() 2015-02-26 07:01:08 +00:00
sd vmstate: accept QEMUTimer in VMSTATE_TIMER*, add VMSTATE_TIMER_PTR* 2015-01-26 12:22:44 +01:00
sh4 r2d: Don't use legacy -usbdevice support for setting up board 2015-02-18 10:53:10 +01:00
sparc hmp: Name HMP info handler functions hmp_info_SUBCOMMAND() 2015-02-18 11:58:50 +01:00
sparc64 QOM infrastructure fixes and device conversions 2015-03-02 13:20:43 +00:00
ssi ssi: xilinx_spi: Initialise CS GPIOs as NULL 2014-08-15 18:54:40 +04:00
timer fix mc146818rtc wrong subsection name to avoid vmstate_subsection_load() fail 2015-02-05 17:16:14 +01:00
tpm Drop superfluous conditionals around g_strdup() 2014-12-10 11:30:55 +03:00
tricore target-tricore: check return value before using it 2014-11-02 10:04:34 +03:00
unicore32 memory: add parameter errp to memory_region_init_ram 2014-09-09 13:41:43 +02:00
usb Clean up around error_get_pretty(), qerror_report_err() 2015-02-26 07:01:08 +00:00
vfio vfio: Fix debug message compile error 2015-02-10 10:25:44 -07:00
virtio - vhost-scsi: add bootindex property 2015-02-24 13:58:18 +00:00
watchdog vmstate: accept QEMUTimer in VMSTATE_TIMER*, add VMSTATE_TIMER_PTR* 2015-01-26 12:22:44 +01:00
xen xen-pt: Fix PCI devices re-attach failed 2015-01-13 11:49:46 +00:00
xenpv hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
xtensa hw/xtensa/xtfpga: treat uImage load address as virtual 2014-11-03 01:00:37 +03:00
Makefile.objs vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio 2014-12-19 15:24:06 -07:00