[Qemu-commits] [qemu/qemu] 4d84bb: hw/tpm/tpm_tis_common.c: Assert that


From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] 4d84bb: hw/tpm/tpm_tis_common.c: Assert that locty is in r...
Date: Tue, 07 Jun 2022 19:23:40 -0700

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 4d84bb6c8b42cc781a02e1ac6648875966abc877
      
https://github.com/qemu/qemu/commit/4d84bb6c8b42cc781a02e1ac6648875966abc877
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2022-06-01 (Wed, 01 Jun 2022)

  Changed paths:
    M hw/tpm/tpm_tis_common.c

  Log Message:
  -----------
  hw/tpm/tpm_tis_common.c: Assert that locty is in range

In tpm_tis_mmio_read(), tpm_tis_mmio_write() and
tpm_tis_dump_state(), we calculate a locality index with
tpm_tis_locality_from_addr() and then use it as an index into the
s->loc[] array.  In all these cases, the array index can't overflow
because the MemoryRegion is sized to be TPM_TIS_NUM_LOCALITIES <<
TPM_TIS_LOCALITY_SHIFT bytes.  However, Coverity can't see that, and
it complains (CID 1487138, 1487180, 1487188, 1487198, 1487240).

Add an assertion to tpm_tis_locality_from_addr() that the calculated
locality index is valid, which will help Coverity and also catch any
potential future bug where the MemoryRegion isn't sized exactly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20220525125904.483075-1-stefanb@linux.ibm.com


  Commit: e37a0ef4605e5d2041785ff3fc89ca6021faf7a0
      
https://github.com/qemu/qemu/commit/e37a0ef4605e5d2041785ff3fc89ca6021faf7a0
  Author: Anthony PERARD <anthony.perard@citrix.com>
  Date:   2022-06-07 (Tue, 07 Jun 2022)

  Changed paths:
    M hw/tpm/tpm_crb.c

  Log Message:
  -----------
  tpm_crb: mark command buffer as dirty on request completion

At the moment, there doesn't seem to be any way to know that QEMU
made modification to the command buffer. This is potentially an issue
on Xen while migrating a guest, as modification to the buffer after
the migration has started could be ignored and not transferred to the
destination.

Mark the memory region of the command buffer as dirty once a request
is completed.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20220411144749.47185-1-anthony.perard@citrix.com


  Commit: 6d940eff4734bcb40b1a25f62d7cec5a396f994a
      
https://github.com/qemu/qemu/commit/6d940eff4734bcb40b1a25f62d7cec5a396f994a
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-06-07 (Tue, 07 Jun 2022)

  Changed paths:
    M hw/tpm/tpm_crb.c
    M hw/tpm/tpm_tis_common.c

  Log Message:
  -----------
  Merge tag 'pull-tpm-2022-06-07-1' of https://github.com/stefanberger/qemu-tpm into staging

Merge tpm 2022/06/07 v1

# gpg: Signature made Tue 07 Jun 2022 05:42:32 PM PDT
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* tag 'pull-tpm-2022-06-07-1' of https://github.com/stefanberger/qemu-tpm:
  tpm_crb: mark command buffer as dirty on request completion
  hw/tpm/tpm_tis_common.c: Assert that locty is in range

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>


Compare: https://github.com/qemu/qemu/compare/9b1f58854959...6d940eff4734
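
Added example (not part of these commits or of QEMU's source): a stand-alone C sketch of the invariant the first log message describes, where an index derived from an MMIO offset stays inside the array only because of the region's size, and an assertion states that bound where the index is computed. All names, the constant values and the 3-bit mask are assumptions made for illustration.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values for illustration; the page names the macros but not their values. */
#define NUM_LOCALITIES 5
#define LOCALITY_SHIFT 12
#define REGION_SIZE    ((uint64_t)NUM_LOCALITIES << LOCALITY_SHIFT)

struct tis_state {
    uint32_t access[NUM_LOCALITIES];   /* stands in for s->loc[] */
};

/* Mask-only derivation (assumed 3-bit mask): can yield 0..7, more than the array holds. */
static uint8_t locality_unchecked(uint64_t addr)
{
    return (uint8_t)((addr >> LOCALITY_SHIFT) & 0x7);
}

/* Same derivation with the invariant asserted where the index is produced. */
static uint8_t locality_from_addr(uint64_t addr)
{
    uint8_t locty = locality_unchecked(addr);
    assert(locty < NUM_LOCALITIES);
    return locty;
}

/* Count the pages in a region of the given size whose index would fall outside the array. */
static unsigned out_of_range_pages(uint64_t region_size)
{
    unsigned bad = 0;
    for (uint64_t addr = 0; addr < region_size; addr += 1ull << LOCALITY_SHIFT) {
        bad += locality_unchecked(addr) >= NUM_LOCALITIES;
    }
    return bad;
}

static uint32_t read_access(const struct tis_state *s, uint64_t addr)
{
    return s->access[locality_from_addr(addr)];
}

int main(void)
{
    struct tis_state s = { .access = { 10, 11, 12, 13, 14 } };   /* constructed sample state */
    printf("bad pages: exact=%u, 8-page=%u\n", out_of_range_pages(REGION_SIZE),
           out_of_range_pages(8ull << LOCALITY_SHIFT));
    printf("access at 0x4f00: %u\n", (unsigned)read_access(&s, 0x4f00));
    return 0;
}
```

With the region sized exactly, no offset maps outside the array; with an oversized region, the mask alone would let three pages through, which is the case the assertion catches.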
