[Qemu-commits] [qemu/qemu] 1bf8b8: qom: code hardening

qemu-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 1bf8b8: qom: code hardening - have bound chec

From:	Peter Maydell
Subject:	[Qemu-commits] [qemu/qemu] 1bf8b8: qom: code hardening - have bound checking while lo...
Date:	Fri, 11 Dec 2020 04:37:08 -0800

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 1bf8b88f144bee747e386c88d45d772e066bbb36
      
https://github.com/qemu/qemu/commit/1bf8b88f144bee747e386c88d45d772e066bbb36
  Author: Ani Sinha <ani@anisinha.ca>
  Date:   2020-12-10 (Thu, 10 Dec 2020)

  Changed paths:
    M qom/object.c

  Log Message:
  -----------
  qom: code hardening - have bound checking while looping with integer value

Object property insertion code iterates over an integer to get an unused
index that can be used as an unique name for an object property. This loop
increments the integer value indefinitely. Although very unlikely, this can
still cause an integer overflow.
In this change, we fix the above code by checking against INT16_MAX and making
sure that the interger index does not overflow beyond that value. If no
available index is found, the code would cause an assertion failure. This
assertion failure is necessary because the callers of the function do not check
the return value for NULL.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200921093325.25617-1-ani@anisinha.ca>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>


  Commit: c7f7e6970d3b74c1454cafea4918187e06c473eb
      
https://github.com/qemu/qemu/commit/c7f7e6970d3b74c1454cafea4918187e06c473eb
  Author: Tobin Feldman-Fitzthum <tobin@ibm.com>
  Date:   2020-12-10 (Thu, 10 Dec 2020)

  Changed paths:
    M include/monitor/monitor.h
    M include/sysemu/sev.h
    M monitor/misc.c
    M qapi/misc-target.json
    M target/i386/monitor.c
    M target/i386/sev-stub.c
    M target/i386/sev.c
    M target/i386/trace-events

  Log Message:
  -----------
  sev: add sev-inject-launch-secret

AMD SEV allows a guest owner to inject a secret blob
into the memory of a virtual machine. The secret is
encrypted with the SEV Transport Encryption Key and
integrity is guaranteed with the Transport Integrity
Key. Although QEMU facilitates the injection of the
launch secret, it cannot access the secret.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Message-Id: <20201027170303.47550-1-tobin@linux.ibm.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>


  Commit: d1615ea575b08fc96aeeb2630c40c5e51364b95c
      
https://github.com/qemu/qemu/commit/d1615ea575b08fc96aeeb2630c40c5e51364b95c
  Author: Luwei Kang <luwei.kang@intel.com>
  Date:   2020-12-10 (Thu, 10 Dec 2020)

  Changed paths:
    M target/i386/cpu.c
    M target/i386/cpu.h

  Log Message:
  -----------
  i386/cpu: Make the Intel PT LIP feature configurable

The current implementation will disable the guest Intel PT feature
if the Intel PT LIP feature is supported on the host, but the LIP
feature is comming soon(e.g. SnowRidge and later).

This patch will make the guest LIP feature configurable and Intel
PT feature can be enabled in guest when the guest LIP status same
with the host.

Signed-off-by: Luwei Kang <luwei.kang@intel.com>
Message-Id: <20201202101042.11967-1-luwei.kang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>


  Commit: 33744604d768e4281d425baa3ce7128b91319503
      
https://github.com/qemu/qemu/commit/33744604d768e4281d425baa3ce7128b91319503
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2020-12-11 (Fri, 11 Dec 2020)

  Changed paths:
    M include/monitor/monitor.h
    M include/sysemu/sev.h
    M monitor/misc.c
    M qapi/misc-target.json
    M qom/object.c
    M target/i386/cpu.c
    M target/i386/cpu.h
    M target/i386/monitor.c
    M target/i386/sev-stub.c
    M target/i386/sev.c
    M target/i386/trace-events

  Log Message:
  -----------
  Merge remote-tracking branch 
'remotes/ehabkost/tags/machine-next-pull-request' into staging

Machine queue, 2020-12-10

Some patches that were queued after 5.2 soft freeze.

# gpg: Signature made Thu 10 Dec 2020 22:41:29 GMT
# gpg:                using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6
# gpg:                issuer "ehabkost@redhat.com"
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/machine-next-pull-request:
  i386/cpu: Make the Intel PT LIP feature configurable
  sev: add sev-inject-launch-secret
  qom: code hardening - have bound checking while looping with integer value

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/2ecfc0657afa...33744604d768

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-commits] [qemu/qemu] 1bf8b8: qom: code hardening - have bound checking while lo..., Peter Maydell <=
- [Qemu-commits] [qemu/qemu] 1bf8b8: qom: code hardening - have bound checking while lo..., Peter Maydell, 2020/12/11

Prev by Date: [Qemu-commits] [qemu/qemu] 4bd802: Clean up includes
Next by Date: [Qemu-commits] [qemu/qemu] 75b208: target/i386: fix operand order for PDEP and PEXT
Previous by thread: [Qemu-commits] [qemu/qemu] 4bd802: Clean up includes
Next by thread: [Qemu-commits] [qemu/qemu] 1bf8b8: qom: code hardening - have bound checking while lo...
Index(es):
- Date
- Thread