[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH-for-5.0 1/2] hw/display/sm501: Avoid heap overflow in sm501_2

From: Philippe Mathieu-Daudé
Subject: Re: [PATCH-for-5.0 1/2] hw/display/sm501: Avoid heap overflow in sm501_2d_operation()
Date: Sun, 12 Apr 2020 23:02:15 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0

On 4/12/20 10:57 PM, Peter Maydell wrote:
> On Sun, 12 Apr 2020 at 21:53, Philippe Mathieu-Daudé <address@hidden> wrote:
>> "VMs using KVM" as security boundary is very clear, thanks.
>> Note 1: This this doesn't appear on the QEMU security process
>> description: https://www.qemu.org/contribute/security-process/
> It's part of the list of how to decide whether an issue is
> security sensitive:
>  "Is QEMU used in conjunction with a hypervisor (as opposed
>   to TCG binary translation)?"

Indeed I missed this. This bug correctly matches the example described:

  "The ‘generic-sdhci’ interface, instead, had only one user
  in ‘Xilinx Zynq Baseboard emulation’ (hw/arm/xilinx_zynq.c).
  Xilinx Zynq is a programmable systems on chip (SoC) device.
  While QEMU does emulate this device, in practice it is used
  to facilitate cross-platform developmental efforts, i.e. QEMU
  is used to write programs for the SoC device. In such developer
  environments, it is generally assumed that the guest is trusted."

> We also document it in the user manuals now (a relatively
> recent improvement):
> https://www.qemu.org/docs/master/system/security.html#non-virtualization-use-case
>> Note 2: If a reported bug is not in security boundary, it should be
>> reported as a bug to mainstream QEMU, to give the community a chance to
>> fix it.
> Yes; bugs are still bugs.
> thanks
> -- PMM

reply via email to

[Prev in Thread] Current Thread [Next in Thread]