qemu/hw/ppc
David Hildenbrand 3a1258399b nvdimm: Reject writing label data to ROM instead of crashing QEMU
Currently, when using a true R/O NVDIMM (ROM memory backend) with a label
area, the VM can easily crash QEMU by trying to write to the label area,
because the ROM memory is mmap'ed without PROT_WRITE.

    [root@vm-0 ~]# ndctl disable-region region0
    disabled 1 region
    [root@vm-0 ~]# ndctl zero-labels nmem0
    -> QEMU segfaults

Let's remember whether we have a ROM memory backend and properly
reject the write request:

    [root@vm-0 ~]# ndctl disable-region region0
    disabled 1 region
    [root@vm-0 ~]# ndctl zero-labels nmem0
    zeroed 0 nmem

In comparison, on a system with a R/W NVDIMM:

    [root@vm-0 ~]# ndctl disable-region region0
    disabled 1 region
    [root@vm-0 ~]# ndctl zero-labels nmem0
    zeroed 1 nmem

For ACPI, just return "unsupported", like if no label exists. For spapr,
return "H_P2", similar to when no label area exists.

Could we rely on the "unarmed" property? Maybe, but it looks cleaner to
only disallow what certainly cannot work.

After all "unarmed=on" primarily means: cannot accept persistent writes. In
theory, there might be setups where devices with "unarmed=on" set could
be used to host non-persistent data (temporary files, system RAM, ...); for
example, in Linux, admins can overwrite the "readonly" setting and still
write to the device -- which will work as long as we're not using ROM.
Allowing writing label data in such configurations can make sense.

Message-ID: <20230906120503.359863-2-david@redhat.com>
Fixes: dbd730e859 ("nvdimm: check -object memory-backend-file, readonly=on option")
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
2023-09-19 10:23:21 +02:00
..
e500-ccsr.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
e500.c hw/ppc/e500: fix broken snapshot replay 2023-09-06 11:19:33 +02:00
e500.h hw/ppc/e500: Add Freescale eSDHC to e500plat 2022-12-21 14:17:55 -03:00
e500plat.c hw/ppc: Use MachineClass->default_nic in the ppc machines 2023-05-22 09:44:22 +02:00
fdt.c target/ppc: Split page size information into a separate allocation 2018-04-27 18:05:22 +10:00
fw_cfg.c hw/ppc: Implement fw_cfg_arch_key_name() 2019-05-23 14:10:31 +02:00
Kconfig hw/ppc/Kconfig: MAC_NEWWORLD should always select USB_OHCI_PCI 2023-06-10 10:19:24 -03:00
mac_newworld.c hw/ppc: Use MachineClass->default_nic in the ppc machines 2023-05-22 09:44:22 +02:00
mac_oldworld.c hw/ppc: Reset timebase facilities on machine reset 2023-09-06 11:19:33 +02:00
meson.build ppc/spapr: Move spapr nested HV to a new file 2023-06-25 22:41:30 +02:00
mpc8544_guts.c ppc/ppc4xx: Convert printfs() 2022-01-04 07:55:34 +01:00
mpc8544ds.c hw/ppc: Use MachineClass->default_nic in the ppc machines 2023-05-22 09:44:22 +02:00
pef.c ppc/pef.c: initialize cgs->ready in kvmppc_svm_init() 2021-06-03 18:10:31 +10:00
pegasos2.c hw/ppc: Reset timebase facilities on machine reset 2023-09-06 11:19:33 +02:00
pnv_bmc.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
pnv_core.c hw/ppc: Reset timebase facilities on machine reset 2023-09-06 11:19:33 +02:00
pnv_homer.c include/hw/ppc: Split pnv_chip.h off pnv.h 2023-01-20 07:25:10 +01:00
pnv_lpc.c bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
pnv_occ.c bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
pnv_pnor.c block: Change blk_{pread,pwrite}() param order 2022-07-12 12:14:56 +02:00
pnv_psi.c pnv/psi: Initialize the PSIHB interrupts to match hardware 2023-07-07 04:46:12 -03:00
pnv_sbe.c bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
pnv_xscom.c include/hw/ppc: Split pnv_chip.h off pnv.h 2023-01-20 07:25:10 +01:00
pnv.c ppc/pnv: Add QME region for P10 2023-07-07 06:32:53 -03:00
ppc4xx_devs.c ppc4xx_sdram: Move ppc4xx_sdram_banks() to ppc4xx_sdram.c 2022-10-28 13:15:23 -03:00
ppc4xx_pci.c ppc4xx_pci: Add define for ppc4xx-host-bridge type name 2023-07-07 04:47:49 -03:00
ppc4xx_sdram.c *: Add missing includes of qemu/error-report.h 2023-03-22 15:06:57 +00:00
ppc405_boards.c ppc4xx_sdram: Rename functions to prevent name clashes 2022-10-17 16:15:09 -03:00
ppc405_uc.c Drop duplicate #include 2023-02-08 07:28:05 +01:00
ppc405.h ppc4xx_sdram: QOM'ify 2022-10-17 16:15:09 -03:00
ppc440_bamboo.c ppc4xx_pci: Rename QOM type name define 2023-07-07 04:47:49 -03:00
ppc440_pcix.c ppc440_pcix: Rename QOM type define abd move it to common header 2023-07-07 04:47:49 -03:00
ppc440_uc.c ppc440: Remove ppc460ex_pcie_init legacy init function 2023-07-07 04:47:49 -03:00
ppc440.h ppc440: Remove ppc460ex_pcie_init legacy init function 2023-07-07 04:47:49 -03:00
ppc_booke.c Use g_new() & friends where that makes obvious sense 2022-03-21 15:44:44 +01:00
ppc.c target/ppc: Fix the order of kvm_enable judgment about kvmppc_set_interrupt() 2023-09-06 11:19:33 +02:00
ppce500_spin.c target/ppc: Restrict KVM-specific fields from ArchCPU 2023-06-28 14:27:59 +02:00
prep_systemio.c ppc/6xx: Allocate IRQ lines with qdev_init_gpio_in() 2022-07-18 13:59:43 -03:00
prep.c hw/ppc: Reset timebase facilities on machine reset 2023-09-06 11:19:33 +02:00
rs6000_mc.c Do not include hw/boards.h if it's not really necessary 2021-05-02 17:24:51 +02:00
sam460ex.c ppc440_pcix: Rename QOM type define abd move it to common header 2023-07-07 04:47:49 -03:00
spapr_caps.c spapr: TCG allow up to 8-thread SMT on POWER8 and newer CPUs 2023-06-25 22:41:30 +02:00
spapr_cpu_core.c hw/ppc: Reset timebase facilities on machine reset 2023-09-06 11:19:33 +02:00
spapr_drc.c Drop duplicate #include 2023-02-08 07:28:05 +01:00
spapr_events.c Use g_new() & friends where that makes obvious sense 2022-03-21 15:44:44 +01:00
spapr_hcall.c spapr: implement H_SET_MODE debug facilities 2023-09-06 11:19:33 +02:00
spapr_iommu.c hw/ppc: use g_free() in spapr_tce_table_post_load() 2023-09-08 13:08:52 +03:00
spapr_irq.c spapr/xics: Drop unused argument to xics_kvm_has_broken_disconnect() 2020-12-14 15:50:55 +11:00
spapr_nested.c ppc/spapr: Move spapr nested HV to a new file 2023-06-25 22:41:30 +02:00
spapr_numa.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
spapr_nvdimm.c nvdimm: Reject writing label data to ROM instead of crashing QEMU 2023-09-19 10:23:21 +02:00
spapr_ovec.c spapr: Improve handling of memory unplug with old guests 2021-01-19 10:20:29 +11:00
spapr_pci_nvlink2.c hw/ppc/pnv: Avoid dynamic stack allocation 2022-09-22 16:38:28 +01:00
spapr_pci_vfio.c include/hw/pci: Split pci_device.h off pci.h 2023-01-08 01:54:22 -05:00
spapr_pci.c pci: drop redundant PCIDeviceClass::is_bridge field 2022-12-21 07:32:24 -05:00
spapr_rng.c Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
spapr_rtas_ddw.c spapr/ddw: Implement 64bit query extension 2022-07-06 10:22:37 -03:00
spapr_rtas.c softmmu/qtest: Move the target-specific pseries RTAS code out of qtest.c 2023-04-20 11:25:32 +02:00
spapr_rtc.c rtc: Have event RTC_CHANGE identify the RTC by QOM path 2022-02-28 11:39:35 +01:00
spapr_softmmu.c *: Add missing includes of qemu/error-report.h 2023-03-22 15:06:57 +00:00
spapr_tpm_proxy.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
spapr_vio.c hw/ppc/spapr_vio.c: use g_autofree in spapr_dt_vdevice() 2022-03-02 06:51:40 +01:00
spapr_vof.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
spapr.c spapr: Fix record-replay machine reset consuming too many events 2023-09-06 11:19:33 +02:00
trace-events ppc4xx_sdram: Generalise bank setup 2022-10-28 13:15:23 -03:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
virtex_ml507.c hw/ppc/virtex_ml507: Prefer local over global variable 2022-12-21 14:17:55 -03:00
vof.c ppc/vof: Fix missed fields in VOF cleanup 2023-09-06 11:19:33 +02:00