qemu/hw/mem
David Hildenbrand 3a1258399b nvdimm: Reject writing label data to ROM instead of crashing QEMU
Currently, when using a true R/O NVDIMM (ROM memory backend) with a label
area, the VM can easily crash QEMU by trying to write to the label area,
because the ROM memory is mmap'ed without PROT_WRITE.

    [root@vm-0 ~]# ndctl disable-region region0
    disabled 1 region
    [root@vm-0 ~]# ndctl zero-labels nmem0
    -> QEMU segfaults

Let's remember whether we have a ROM memory backend and properly
reject the write request:

    [root@vm-0 ~]# ndctl disable-region region0
    disabled 1 region
    [root@vm-0 ~]# ndctl zero-labels nmem0
    zeroed 0 nmem

In comparison, on a system with a R/W NVDIMM:

    [root@vm-0 ~]# ndctl disable-region region0
    disabled 1 region
    [root@vm-0 ~]# ndctl zero-labels nmem0
    zeroed 1 nmem

For ACPI, just return "unsupported", like if no label exists. For spapr,
return "H_P2", similar to when no label area exists.

Could we rely on the "unarmed" property? Maybe, but it looks cleaner to
only disallow what certainly cannot work.

After all "unarmed=on" primarily means: cannot accept persistent writes. In
theory, there might be setups where devices with "unarmed=on" set could
be used to host non-persistent data (temporary files, system RAM, ...); for
example, in Linux, admins can overwrite the "readonly" setting and still
write to the device -- which will work as long as we're not using ROM.
Allowing writing label data in such configurations can make sense.

Message-ID: <20230906120503.359863-2-david@redhat.com>
Fixes: dbd730e859 ("nvdimm: check -object memory-backend-file, readonly=on option")
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
2023-09-19 10:23:21 +02:00
..
cxl_type3_stubs.c hw/cxl/events: Add injection of Memory Module Events 2023-06-23 02:54:40 -04:00
cxl_type3.c hw/cxl/events: Add injection of Memory Module Events 2023-06-23 02:54:40 -04:00
Kconfig hw/cxl/device: Add a memory device (8.2.8.5) 2022-05-13 06:13:36 -04:00
memory-device.c memory-device: Track used region size in DeviceMemoryState 2023-07-12 09:25:37 +02:00
meson.build meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
npcm7xx_mc.c hw/*: Use type casting for SysBusDevice in NPCM7XX 2021-01-12 21:19:02 +00:00
nvdimm.c nvdimm: Reject writing label data to ROM instead of crashing QEMU 2023-09-19 10:23:21 +02:00
pc-dimm.c virtio-balloon: optimize the virtio-balloon on the ARM platform 2023-04-21 04:25:52 -04:00
sparse-mem.c *: Add missing includes of qemu/error-report.h 2023-03-22 15:06:57 +00:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00