qemu-patch-raspberry4/hw
Peter Maydell 58d479786b hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses
The LDMA and COP memory regions represent four 32 bit registers
each, but the memory regions themselves are 0x100 bytes large.
Add guards to the read and write accessors so that bogus accesses
beyond the four defined registers don't just run off the end of
the bonldma and boncop structs and into whatever lies beyond.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-08-13 16:22:53 +01:00
9pfs virtio: get_features() can fail 2015-07-27 18:11:53 +03:00
acpi hw/acpi/ich9: clean up stale comment about KVM not supporting SMM 2015-07-27 22:44:47 +03:00
alpha hw/alpha/typhoon.c: Fix misusing qemu_allocate_irqs for single irq 2015-06-03 14:21:24 +03:00
arm musicpal: Drop eth_can_receive 2015-07-20 17:47:24 +01:00
audio gus: clean up MemoryRegionPortio 2015-04-27 18:24:18 +02:00
block virtio-blk-dataplane: delete bottom half before the AioContext is freed 2015-07-29 10:02:06 +01:00
bt bt-sdp: fix broken uuids power-of-2 calculation 2015-04-28 15:36:08 +02:00
char virtio: get_features() can fail 2015-07-27 18:11:53 +03:00
core pc,virtio: fixes for 2.4 2015-07-13 13:35:51 +01:00
cpu icc_bus: fix typo ICC_BRIGDE -> ICC_BRIDGE 2014-11-03 19:51:56 +03:00
cris cris: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory 2015-04-11 20:03:57 +10:00
display virtio fixes for 2.4 2015-07-28 17:09:56 +01:00
dma Include qapi/qmp/qerror.h exactly where needed 2015-06-22 18:20:41 +02:00
gpio pl061: fix wrong calculation of GPIOMIS register 2015-06-02 14:56:25 +01:00
i2c ACPI: split CONFIG_ACPI into 4 pieces 2015-05-29 11:28:59 +01:00
i386 acpi: fix pvpanic device is not shown in ui 2015-07-27 23:55:27 +03:00
ide Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug) 2015-08-03 14:27:12 +00:00
input virtio: get_features() can fail 2015-07-27 18:11:53 +03:00
intc xics_kvm: Don't enable KVM_CAP_IRQ_XICS if already enabled 2015-07-07 17:44:52 +02:00
ipack pci: Trivial device model conversions to realize 2015-02-26 12:42:16 +01:00
isa ich9: implement strap SPKR pin logic 2015-07-08 10:09:55 +03:00
lm32 hw/lm32/milkymist.c: Fix misusing qemu_allocate_irqs for single irq 2015-06-03 14:21:24 +03:00
m68k m68k: implement more ColdFire 5208 interrupt controller functionality 2015-06-22 14:43:25 +01:00
mem numa,pc-dimm: Store pc-dimm memory information in numa_info 2015-07-03 17:47:58 -03:00
microblaze microblaze: boot: Use cpu_set_pc() 2015-07-09 15:20:40 +02:00
mips target-mips: add Unified Hosting Interface (UHI) support 2015-06-26 09:08:50 +01:00
misc macio: remove nonexistent interrupt on pin 1 2015-07-07 17:44:49 +02:00
moxie memory: add parameter errp to memory_region_init_ram 2014-09-09 13:41:43 +02:00
net rtl8139: check TCP Data Offset field (CVE-2015-5165) 2015-08-03 13:08:10 +01:00
nvram spapr: Merge sPAPREnvironment into sPAPRMachineState 2015-07-07 17:44:50 +02:00
openrisc hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
pci pci_add_capability: remove duplicate comments 2015-07-20 14:19:41 +03:00
pci-bridge hw/pci-bridge: format special OFW unit address for PXB host 2015-06-23 22:58:36 +02:00
pci-host hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses 2015-08-13 16:22:53 +01:00
pcmcia hmp: Remove "info pcmcia" 2014-10-24 12:19:11 +01:00
ppc timer: rename NSEC_PER_SEC due to Mac OS X header clash 2015-07-20 17:01:00 +01:00
s390x s390/virtio-ccw: Fix migration 2015-07-14 19:10:03 +02:00
scsi virtio fixes for 2.4 2015-07-28 17:09:56 +01:00
sd hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps 2015-06-15 18:06:09 +01:00
sh4 sh4/r2d: convert to new MMIO accessor style 2015-06-12 12:02:48 +02:00
sparc fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc 2015-06-10 08:00:37 +02:00
sparc64 fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc 2015-06-10 08:00:37 +02:00
ssi omap: Fix warnings from Sparse 2015-03-19 11:11:55 +03:00
timer timer: rename NSEC_PER_SEC due to Mac OS X header clash 2015-07-20 17:01:00 +01:00
tpm qerror: Move #include out of qerror.h 2015-06-22 18:20:40 +02:00
tricore target-tricore: check return value before using it 2014-11-02 10:04:34 +03:00
unicore32 hw/unicore32/puv3.c: Fix misusing qemu_allocate_irqs for single irq 2015-06-03 14:21:24 +03:00
usb usbnet: Drop usbnet_can_receive 2015-07-27 14:12:18 +01:00
vfio vfio/pci: Fix bootindex 2015-07-22 14:56:01 -06:00
virtio virtio: fix 1.0 virtqueue migration 2015-08-05 16:56:34 +03:00
watchdog watchdog/diag288: correctly register for system reset requests 2015-07-14 19:10:03 +02:00
xen trivial patches for 2015-06-23 2015-06-23 18:25:55 +01:00
xenpv hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
xtensa xtensa: Remove superfluous '\n' around error_report() 2015-03-10 08:15:33 +03:00
Makefile.objs vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio 2014-12-19 15:24:06 -07:00