From 124e857d763ca76498e967026a2eb1190243385e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= Date: Fri, 27 Nov 2020 08:32:12 +0100 Subject: xive/p9: Remove assert from xive_eq_for_target() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [ Upstream commit f07ea9564425d8005ab334dfa40f7cebe4e71fbf ] XIVE VPs are structures describing the vCPUs of guests. When starting a guest, these are allocated and enabled and some checks are done on the location of the associated ENDs, which describe the event queues. If the block of the VP and the block of the ENDs do not match, the XIVE driver asserts. Unfortunately, there is no way to check that a VP identifier is part of a VP block that was previously allocated and it is relatively easy to crash the host with a bogus VP id. That can be done with a QEMU hack on a machine using vsmt. Simply remove the assert, the OS should gracefully handle the error. Signed-off-by: Cédric Le Goater Reported-by: Greg Kurz Signed-off-by: Vasant Hegde --- hw/xive.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/xive.c b/hw/xive.c index 9a36f1a..f6dceac 100644 --- a/hw/xive.c +++ b/hw/xive.c @@ -2114,7 +2114,7 @@ static inline bool xive_eq_for_target(uint32_t target, uint8_t prio, if (eq_blk != vp_blk) { xive_err(x, "eq_blk != vp_blk (%d vs. %d) for target 0x%08x/%d\n", eq_blk, vp_blk, target, prio); - assert(false); + return false; } if (out_eq_blk) -- cgit v1.1
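Review bot: replacing assert(false) with return false in the eq_blk != vp_blk branch of xive_eq_for_target() makes correctness depend on every caller checking the boolean, and none of the callers are visible in this hunk; since the commit message says a guest-controlled VP id can reach this path, please state in the commit message which callers hit it and what error they return to the OS, so "the OS should gracefully handle the error" can be verified rather than assumed. Two smaller points on the same hunk: the early return happens before the `if (out_eq_blk)` block in the trailing context, so callers must not read the output parameters on a false return (worth a comment on the function, or initializing them at entry); and xive_err() still fires unconditionally on this branch, which after this change is a guest-reachable error-log path, so consider rate-limiting it or dropping it to a debug-level message.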