[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 080832: ebpf: only include in system emulator
From: |
Peter Maydell |
Subject: |
[Qemu-commits] [qemu/qemu] 080832: ebpf: only include in system emulators |
Date: |
Mon, 20 Sep 2021 08:23:02 -0700 |
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: 080832e4f4801a28bd1170c49e61f6a0f5f05d03
https://github.com/qemu/qemu/commit/080832e4f4801a28bd1170c49e61f6a0f5f05d03
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: 2021-09-17 (Fri, 17 Sep 2021)
Changed paths:
M ebpf/meson.build
Log Message:
-----------
ebpf: only include in system emulators
eBPF files are being included in user emulators, which is useless and
also breaks compilation because ebpf/trace-events is only processed
if a system emulator is included in the build.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/566
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: bedd7e93d01961fcb16a97ae45d93acf357e11f6
https://github.com/qemu/qemu/commit/bedd7e93d01961fcb16a97ae45d93acf357e11f6
Author: Jason Wang <jasowang@redhat.com>
Date: 2021-09-17 (Fri, 17 Sep 2021)
Changed paths:
M hw/net/virtio-net.c
Log Message:
-----------
virtio-net: fix use after unmap/free for sg
When mergeable buffer is enabled, we try to set the num_buffers after
the virtqueue elem has been unmapped. This will lead several issues,
E.g a use after free when the descriptor has an address which belongs
to the non direct access region. In this case we use bounce buffer
that is allocated during address_space_map() and freed during
address_space_unmap().
Fixing this by storing the elems temporarily in an array and delay the
unmap after we set the the num_buffers.
This addresses CVE-2021-3748.
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Fixes: fbe78f4f55c6 ("virtio-net support")
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 326ff8dd09556fc2e257196c49f35009700794ac
https://github.com/qemu/qemu/commit/326ff8dd09556fc2e257196c49f35009700794ac
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2021-09-20 (Mon, 20 Sep 2021)
Changed paths:
M ebpf/meson.build
M hw/net/virtio-net.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into
staging
# gpg: Signature made Fri 17 Sep 2021 09:17:32 BST
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat)
<jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
virtio-net: fix use after unmap/free for sg
ebpf: only include in system emulators
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/c3f76fbca607...326ff8dd0955
- [Qemu-commits] [qemu/qemu] 080832: ebpf: only include in system emulators,
Peter Maydell <=