qemu-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 9596ef: e1000: fix hang of win2k12 shutdown w

From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 9596ef: e1000: fix hang of win2k12 shutdown with flood pin...
Date: Mon, 07 Dec 2015 07:00:04 -0800 
  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 9596ef7c7b8528bedb240792ea1fb598543ad3c4
      
https://github.com/qemu/qemu/commit/9596ef7c7b8528bedb240792ea1fb598543ad3c4
  Author: Denis V. Lunev <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/e1000.c

  Log Message:
  -----------
  e1000: fix hang of win2k12 shutdown with flood ping

e1000 driver in Win2k12 is really well rotten. It 100% hangs on shutdown
of UP VM under flood ping. The guest checks card state and reinjects
itself interrupt in a loop. This is fatal for UP machine.

There is no good way to fix this misbehavior but to kludge it. The
emulation has interrupt throttling register aka ITR which limits
interrupt rate and allows the guest to proceed this phase.
There is no problem with this kludge for Linux guests - it adjust the
value of it itself.

On the other hand according to the initial research in
    commit e9845f0985f088dd01790f4821026df0afba5795
    Author: Vincenzo Maffione <address@hidden>
    Date:   Fri Aug 2 18:30:52 2013 +0200

    e1000: add interrupt mitigation support

    ...

    Interrupt mitigation boosts performance when the guest suffers from
    an high interrupt rate (i.e. receiving short UDP packets at high packet
    rate). For some numerical results see the following link
    http://info.iet.unipi.it/~luigi/papers/20130520-rizzo-vm.pdf

this should also boost performance a bit.

See https://bugzilla.redhat.com/show_bug.cgi?id=874406 for additional
details.

Signed-off-by: Denis V. Lunev <address@hidden>
CC: Vincenzo Maffione <address@hidden>
CC: Stefan Hajnoczi <address@hidden>
Signed-off-by: Jason Wang <address@hidden>


  Commit: 837f21aacf5a714c23ddaadbbc5212f9b661e3f7
      
https://github.com/qemu/qemu/commit/837f21aacf5a714c23ddaadbbc5212f9b661e3f7
  Author: Prasad J Pandit <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/pcnet.c

  Log Message:
  -----------
  net: pcnet: add check to validate receive data size(CVE-2015-7504)

In loopback mode, pcnet_receive routine appends CRC code to the
receive buffer. If the data size given is same as the buffer size,
the appended CRC code overwrites 4 bytes after s->buffer. Added a
check to avoid that.

Reported by: Qinghao Tang <address@hidden>
Cc: address@hidden
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
Signed-off-by: Jason Wang <address@hidden>


  Commit: 8b98a2f07175d46c3f7217639bd5e03f2ec56343
      
https://github.com/qemu/qemu/commit/8b98a2f07175d46c3f7217639bd5e03f2ec56343
  Author: Jason Wang <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/pcnet.c

  Log Message:
  -----------
  pcnet: fix rx buffer overflow(CVE-2015-7512)

Backends could provide a packet whose length is greater than buffer
size. Check for this and truncate the packet to avoid rx buffer
overflow in this case.

Cc: Prasad J Pandit <address@hidden>
Cc: address@hidden
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Jason Wang <address@hidden>


  Commit: 6a9c6470957e935acc796e87e2697340640760f9
      
https://github.com/qemu/qemu/commit/6a9c6470957e935acc796e87e2697340640760f9
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/vmxnet3.c

  Log Message:
  -----------
  vmxnet3: silence warning

vmxnet3 always produces a warning under qtest.

This is not a user error, don't warn.

Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Jason Wang <address@hidden>


  Commit: 12fdd928c8d8ea55108c076dbbfff35ecf8e7a97
      
https://github.com/qemu/qemu/commit/12fdd928c8d8ea55108c076dbbfff35ecf8e7a97
  Author: Andrew Baumann <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/lan9118.c

  Log Message:
  -----------
  lan9118: fix emulation of MAC address loaded bit in E2P_CMD register

There appears to have been a longstanding typo in the implementation
of the "MAC address loaded" bit in the E2P_CMD (EEPROM command)
register. The code was using 0x10, but the controller spec says it
should be bit 8 (0x100).

Signed-off-by: Andrew Baumann <address@hidden>
Signed-off-by: Jason Wang <address@hidden>


  Commit: 52b4bb7383b32e4e7512f98c57738c8fc9cb35ba
      
https://github.com/qemu/qemu/commit/52b4bb7383b32e4e7512f98c57738c8fc9cb35ba
  Author: Andrew Baumann <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/lan9118.c

  Log Message:
  -----------
  lan9118: log and ignore access to invalid registers, rather than aborting

With this change, access to invalid/unimplemented device registers are
logged as a "guest error" rather than aborting qemu with
hw_error. This enables drivers for similar devices (e.g. SMSC 9221),
by simply ignoring the unimplemented writes. It's also closer to what
real hardware does.

Signed-off-by: Andrew Baumann <address@hidden>
Signed-off-by: Jason Wang <address@hidden>


  Commit: 84942979de3b7204ff53dbd263f8919897c779b2
      
https://github.com/qemu/qemu/commit/84942979de3b7204ff53dbd263f8919897c779b2
  Author: Peter Maydell <address@hidden>
  Date:   2015-12-07 (Mon, 07 Dec 2015)

  Changed paths:
    M hw/net/e1000.c
    M hw/net/lan9118.c
    M hw/net/pcnet.c
    M hw/net/vmxnet3.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into 
staging

# gpg: Signature made Mon 07 Dec 2015 14:06:07 GMT using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <address@hidden>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  lan9118: log and ignore access to invalid registers, rather than aborting
  lan9118: fix emulation of MAC address loaded bit in E2P_CMD register
  vmxnet3: silence warning
  pcnet: fix rx buffer overflow(CVE-2015-7512)
  net: pcnet: add check to validate receive data size(CVE-2015-7504)
  e1000: fix hang of win2k12 shutdown with flood ping

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/a5582eac1517...84942979de3b
reply via email to
[Prev in Thread] Current Thread [Next in Thread]