qemu-patch-raspberry4/hw
Jason Wang e0e2d64409 virtio: destroy region cache during reset
We don't destroy region cache during reset which can make the maps
of previous driver leaked to a buggy or malicious driver that doesn't
set vring address before starting to use the device. Fix this by
destroying the region cache during reset and validating it before trying to
see them.

Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-03-15 19:37:19 +02:00
..
9pfs 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() 2017-03-06 17:34:01 +01:00
acpi Bugfix: Handle error if VM Generation ID device not present 2017-03-15 19:37:19 +02:00
adc STM32F2xx: Add the ADC device 2016-10-04 13:28:07 +01:00
alpha hw: Default -drive to if=ide explicitly where it works 2017-02-21 13:10:53 +01:00
arm bcm2835: add sdhost and gpio controllers 2017-02-28 17:10:00 +00:00
audio es1370: wire up reset via DeviceClass 2017-01-11 09:19:03 +01:00
block hw/block: Introduce share-rw qdev property 2017-02-28 20:40:36 +01:00
bt chardev: qom-ify 2017-01-27 18:08:00 +01:00
char hw/char/mcf_uart: QOMify the ColdFire UART 2017-02-16 14:06:56 +01:00
core qemu-timer: do not include sysemu/cpus.h from util/qemu-timer.h 2017-03-14 13:28:18 +01:00
cpu Introduce DEVICE_CATEGORY_CPU for CPU devices 2017-01-27 18:07:31 +01:00
cris cris: Fix broken header guard in hw/cris/boot.h 2016-07-12 16:20:46 +02:00
display qxl: clear guest_cursor on QXL_CURSOR_HIDE 2017-03-09 09:47:26 +01:00
dma migration: consolidate VMStateField.start 2017-02-13 17:27:13 +00:00
gpio bcm2835_gpio: add bcm2835 gpio controller 2017-02-28 17:10:00 +00:00
i2c arm: Uniquely name imx25 I2C buses. 2017-01-20 11:15:06 +00:00
i386 kvmclock: Don't crash QEMU if KVM is disabled 2017-03-14 13:26:36 +01:00
ide hw/block: Request permissions 2017-02-28 20:40:36 +01:00
input -----BEGIN PGP SIGNATURE----- 2017-02-02 16:08:28 +00:00
intc hw/intc/arm_gic: modernise the DPRINTF 2017-03-09 10:41:49 +00:00
ipack ipack: Update e-mail address 2016-05-18 15:04:27 +03:00
ipmi migration: consolidate VMStateField.start 2017-02-13 17:27:13 +00:00
isa Allow ISA bus to be configured out 2017-02-06 12:33:21 +11:00
lm32 char: rename CharDriverState Chardev 2017-01-27 18:07:59 +01:00
m68k hw/m68k: QOMify the ColdFire interrupt controller 2017-02-18 22:23:31 +01:00
mem pc: memhp: enable nvdimm device hotplug 2016-11-01 19:21:09 +02:00
microblaze clean-up: removed duplicate #includes 2016-10-28 18:17:24 +03:00
mips hw/mips: MIPS Boston board support 2017-02-24 10:37:21 +00:00
misc hw/misc/imx6_src: Don't crash trying to reset missing CPUs 2017-03-14 16:13:22 +00:00
moxie hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
net hw/net: implement MIB counters in mcf_fec driver 2017-03-14 15:39:55 +08:00
nios2 nios2: Add Altera 10M50 GHRD emulation 2017-01-24 13:10:35 -08:00
nvram hw/block: Request permissions 2017-02-28 20:40:36 +01:00
openrisc target/openrisc: Rename the cpu from or32 to or1k 2017-02-14 08:14:58 +11:00
pci spapr/pci: populate PCI DT in reverse order 2017-03-01 11:23:39 +11:00
pci-bridge ppc patch queue 2017-02-02 2017-02-02 18:48:06 +00:00
pci-host ppc patch queue for 2017-02-22 2017-02-24 10:13:57 +00:00
pcmcia hw: Clean up includes 2016-01-29 15:07:25 +00:00
ppc qemu-timer: do not include sysemu/cpus.h from util/qemu-timer.h 2017-03-14 13:28:18 +01:00
s390x s390x/ipl: Load network boot image 2017-02-28 12:04:48 +01:00
scsi scsi: mptsas: fix the wrong reading size in fetch request 2017-03-14 13:26:37 +01:00
sd Block layer patches 2017-03-01 23:09:46 +00:00
sh4 hw: Default -drive to if=ide explicitly where it works 2017-02-21 13:10:53 +01:00
smbios stubs: move smbios stubs to hw/smbios 2017-01-16 17:52:35 +01:00
sparc sparc/sparc64: grab BQL before calling cpu_check_irqs 2017-03-09 10:41:38 +00:00
sparc64 sparc/sparc64: grab BQL before calling cpu_check_irqs 2017-03-09 10:41:38 +00:00
ssi aspeed/smc: use a modulo to check segment limits 2017-02-10 17:40:30 +00:00
timer armv7m: Split systick out from NVIC 2017-02-28 16:18:49 +00:00
tpm clean-up: removed duplicate #includes 2016-10-28 18:17:24 +03:00
tricore tricore: remove useless cast 2016-09-15 15:32:22 +03:00
unicore32 clean-up: removed duplicate #includes 2016-10-28 18:17:24 +03:00
usb ohci: relax link check 2017-03-09 09:46:13 +01:00
vfio vfio/pci-quirks.c: Disable stolen memory for igd VFIO 2017-02-22 13:19:59 -07:00
virtio virtio: destroy region cache during reset 2017-03-15 19:37:19 +02:00
watchdog wdt: Add Aspeed watchdog device model 2017-02-07 18:29:59 +00:00
xen Xen 2017/02/02 2017-02-03 12:31:40 +00:00
xenpv xenpv: Fix qemu_uuid compiling error 2016-09-29 11:43:17 +08:00
xtensa target/xtensa: sim: instantiate local memories 2017-02-23 10:30:41 -08:00
Makefile.objs acpi: filter based on CONFIG_ACPI_X86 rather than TARGET 2017-01-16 17:52:35 +01:00