haraldwolff/qemu-patch-raspberry4
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
qemu-patch-raspberry4/hw/block
History
Philippe Mathieu-Daudé 1ab95af033 hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 
Guest might select another drive on the bus by setting the
DRIVE_SEL bit of the DIGITAL OUTPUT REGISTER (DOR).
The current controller model doesn't expect a BlockBackend
to be NULL. A simple way to fix CVE-2021-20196 is to create
an empty BlockBackend when it is missing. All further
accesses will be safely handled, and the controller state
machines keep behaving correctly.

Cc: qemu-stable@nongnu.org
Fixes: CVE-2021-20196
Reported-by: Gaoning Pan (Ant Security Light-Year Lab) <pgn@zju.edu.cn>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Hanna Reitz <hreitz@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20211124161536.631563-3-philmd@redhat.com
BugLink: https://bugs.launchpad.net/qemu/+bug/1912780
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/338
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Hanna Reitz <hreitz@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
2021-12-02 01:09:38 -05:00
..
dataplane virtio: Clarify MR transaction optimization 2021-07-02 11:13:39 -04:00
block.c block: Add backend_defaults property 2021-07-06 14:28:55 +01:00
cdrom.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
ecc.c vmstate: Constify some VMStateDescriptions 2021-05-02 17:24:50 +02:00
fdc-internal.h hw/block/fdc: Declare shared prototypes in fdc-internal.h 2021-06-25 08:53:28 -04:00
fdc-isa.c hw/block/fdc: Add description to floppy controllers 2021-06-25 08:53:28 -04:00
fdc-sysbus.c hw/block/fdc: Add description to floppy controllers 2021-06-25 08:53:28 -04:00
fdc.c hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 2021-12-02 01:09:38 -05:00
hd-geometry.c block: Remove blk_pread_unthrottled() 2019-08-16 10:25:16 +02:00
Kconfig hw/block/fdc: Extract SysBus floppy controllers to fdc-sysbus.c 2021-06-25 08:53:28 -04:00
m25p80.c hw/block: m25p80: Add support for mt25ql02g and mt25qu02g 2021-05-01 10:03:52 +02:00
meson.build hw/block/fdc: Extract SysBus floppy controllers to fdc-sysbus.c 2021-06-25 08:53:28 -04:00
nand.c block: Separate blk_is_writable() and blk_supports_write_perm() 2021-01-27 20:45:20 +01:00
onenand.c block: Separate blk_is_writable() and blk_supports_write_perm() 2021-01-27 20:45:20 +01:00
pflash_cfi01.c hw/block/pflash_cfi: Replace DPRINTF with trace events 2021-03-18 11:16:31 +01:00
pflash_cfi02.c hw/block/pflash_cfi02: Do not create aliases when not necessary 2021-05-11 18:11:02 +02:00
swim.c qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
tc58128.c hw/sh4: Add missing license 2021-03-06 16:18:42 +01:00
trace-events hw/block/fdc: Extract SysBus floppy controllers to fdc-sysbus.c 2021-06-25 08:53:28 -04:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vhost-user-blk.c vhost-user-blk: Implement reconnection during realize 2021-06-30 13:21:22 +02:00
virtio-blk.c virtio-blk: Constify VirtIOFeature feature_sizes[] 2021-05-14 08:12:09 -04:00
xen-block.c xen-block: Use specific blockdev driver 2021-05-10 13:43:58 +01:00
xen_blkif.h xen: Import other xen/io/*.h 2019-06-24 10:42:30 +01:00