qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 0/11] Xen PCI Passthrough security fixes

From: Stefano Stabellini
Subject: [Qemu-devel] [PATCH 0/11] Xen PCI Passthrough security fixes
Date: Tue, 2 Jun 2015 16:08:26 +0100
User-agent: Alpine 2.02 (DEB 1266 2009-07-14) 
Hi all,

the following is a collection of QEMU security fixes for PCI Passthrough
on Xen. Non-Xen usages of QEMU are unaffected.

Although the CVEs have already been made public, given the large amount
of changes, I decided not to send a pull request without giving a chance
to the QEMU community to comment on the patches first.

Each patch has a detail description of what is trying to fix. You can
also cross-reference the CVE numbers.



Jan Beulich (11):
      xen: properly gate host writes of modified PCI CFG contents
      xen: don't allow guest to control MSI mask register
      xen/MSI-X: limit error messages
      xen/MSI: don't open-code pass-through of enable bit modifications
      xen/pt: consolidate PM capability emu_mask
      xen/pt: correctly handle PM status bit
      xen/pt: split out calculation of throughable mask in PCI config space 
handling
      xen/pt: mark all PCIe capability bits read-only
      xen/pt: mark reserved bits in PCI config space fields
      xen/pt: add a few PCI config space field descriptions
      xen/pt: unknown PCI config space fields should be read-only

 hw/pci/msi.c                |    4 -
 hw/xen/xen_pt.c             |   51 +++++++++-
 hw/xen/xen_pt.h             |    7 +-
 hw/xen/xen_pt_config_init.c |  235 ++++++++++++++++++++++++++++---------------
 hw/xen/xen_pt_msi.c         |   12 ++-
 include/hw/pci/pci_regs.h   |    2 +
 6 files changed, 217 insertions(+), 94 deletions(-)


Cheers,

Stefano
reply via email to
[Prev in Thread] Current Thread [Next in Thread]