Re: [RFC PATCH 0/9] hw/sd: Allow card size not power of 2 again


From: Philippe Mathieu-Daudé
Subject: Re: [RFC PATCH 0/9] hw/sd: Allow card size not power of 2 again
Date: Thu, 24 Jun 2021 10:12:37 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0

On 6/24/21 4:50 AM, Alexander Bulekov wrote:
> On 210623 2000, Philippe Mathieu-Daudé wrote:
>> Hi Ubi-Wan Kenubi and Tom,
>>
>> In commit a9bcedd (SD card size has to be power of 2) we decided
>> to restrict SD card size to avoid security problems (CVE-2020-13253)
>> but this became not practical to some users.
>>
>> This RFC series tries to remove the limitation, keeping our
>> functional tests working. It is unfinished work because I had to
>> attend other topics, but sending it early as RFC to get feedback.
>> I'll keep working when I get more time, except if one of you can
>> help me.
>>
>> Alexander, could you generate a qtest reproducer with the fuzzer
>> corpus? See: https://bugs.launchpad.net/qemu/+bug/1878054
> 
> I think that bug was already fixed - the reproducer no longer causes a
> timeout on 6.0. Did I misunderstand something?

That bug was fixed but now I'm changing the code and would like to feel
sure I'm not re-introducing the problem, so having the reproducer in the
tree would help.

> I applied this series and ran the OSS-Fuzz corpus for the sdhci-v3
> config. The only problem it found is this assert() (that exists without the
> patch anyways):
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29225 

Sigh.

> Let me know if this is something you think I should report on gitlab..

Yes please :(

> I'll leave the fuzzer running for another 24h or so, but otherwise I'm
> happy to leave a Tested-by, once there is a V1 series 
> -Alex

Thanks!

Phil.
