[PATCH 2/4] qemu: handle bios 'none' case in qemuFirmwareFillDomain()

Daniel Henrique Barboza dbarboza at ventanamicro.com
Wed Mar 22 09:10:19 UTC 2023 

All the code present in qemuFirmwareFillDomain() assumes that
loader->path is always filled if using manual firmware selection.

In the newly added "<loader type='none'/>" case, i.e. without using
firmware autoselection, qemuFirmwareFillDomain() will call
qemuFirmwareFillDomainModern(), which in turn will fetch the number of
firmwares in the driver via qemuFirmwareFetchParsedConfigs(). If any
firmware is found, qemuFirmwareFillDomainModern() will call
qemuFirmwareMatchDomain(), and we'll SIGSEV in:

  STRNEQ(loader->path, fw->mapping.data.flash.executable.filename)) {

Because we never checked if loader->path != NULL ever since the start of
qemuFirmwareFillDomain(), 2 callers before.

This doesn't happen in the field because, at this moment, there is no
RISC-V firmwares set in the live driver. But the test driver from
qemuxml2argvdata will populate the list with some firmwares, triggering
the call to qemuFirmwareMatchDomain() that causes the seg fault. We'll
hit this SIGSEV when adding a xml2xargv test that uses loader
type='none'.

One fix is to use STRNEQ_NULLABLE() in the forementioned line, , but
doing that doesn't fix the loader->path != NULL assumption that we're
making in qemuFirmwareFillDomain(). Let's instead exit early in that
function if we're dealing with the loader type='none' scenario we're now
supporting: no firmware autoselection, loader->type == none,
loader->path == NULL.

Signed-off-by: Daniel Henrique Barboza <dbarboza at ventanamicro.com>
---
 src/qemu/qemu_firmware.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 9de4166772..8541a57bf6 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -1616,6 +1616,16 @@ qemuFirmwareFillDomain(virQEMUDriver *driver,
         return -1;
     }
 
+    /* If we're not autoselecting a firmware, and we have a loader
+     * element, and loader type is 'none', and we don't have a
+     * loader->path, consider that the user wants to explictly
+     * disable the firmware selection in QEMU (-bios none). */
+    if (!autoSelection && loader &&
+        loader->type == VIR_DOMAIN_LOADER_TYPE_NONE &&
+        !loader->path) {
+        return 0;
+    }
+
     /* If firmware autoselection is disabled and the loader is a ROM
      * instead of a PFLASH device, then we're using BIOS and we don't
      * need any information at all */
-- 
2.39.2

More information about the libvir-list mailing list