rpm/qemu
SHA256
1
0
Fork 0
forked from pool/qemu
Code Pull Requests Activity
392cb30c5d
qemu/target-arm-monitor-query-cpu-model-expan.patch
Bruce Rogers 38b478cbe9 Accepting request 785936 from home:bfrogers:branches:Virtualization 
- Fix potential OOB accesses in slirp (CVE-2020-8608 bsc#1163018
  bsc#1161066 CVE-2020-7039)
  slirp-use-correct-size-while-emulating-c.patch
  slirp-use-correct-size-while-emulating-I.patch
  tcp_emu-Fix-oob-access.patch
  tcp_emu-fix-unsafe-snprintf-usages.patch
  util-add-slirp_fmt-helpers.patch
- Replace this patch with upstream version
  target-arm-monitor-query-cpu-model-expan.patch

OBS-URL: https://build.opensuse.org/request/show/785936
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=536
2020-03-17 13:47:06 +00:00

60 lines
2.4 KiB
Diff
Raw Blame History

From: Liang Yan <lyan@suse.com>
Date: Fri, 7 Feb 2020 14:04:21 +0000
Subject: target/arm/monitor: query-cpu-model-expansion crashed qemu when using
machine type none
Git-commit: 0999a4ba8718aa96105b978d3567fc7e90244c7e
References: bsc#1159443
Commit e19afd566781 mentioned that target-arm only supports queryable
cpu models 'max', 'host', and the current type when KVM is in use.
The logic works well until using machine type none.
For machine type none, cpu_type will be null if cpu option is not
set by command line, strlen(cpu_type) will terminate process.
So We add a check above it.
This won't affect i386 and s390x since they do not use current_cpu.
Signed-off-by: Liang Yan <lyan@suse.com>
Message-id: 20200203134251.12986-1-lyan@suse.com
Reviewed-by: Andrew Jones <drjones@redhat.com>
Tested-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/arm/monitor.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/target/arm/monitor.c b/target/arm/monitor.c
index fa054f8a369c8221c8746b8d8046..782085ca2120b243584f7c058ef8 100644
--- a/target/arm/monitor.c
+++ b/target/arm/monitor.c
@@ -136,17 +136,20 @@ CpuModelExpansionInfo *qmp_query_cpu_model_expansion(CpuModelExpansionType type,
}
if (kvm_enabled()) {
- const char *cpu_type = current_machine->cpu_type;
- int len = strlen(cpu_type) - strlen(ARM_CPU_TYPE_SUFFIX);
bool supported = false;
if (!strcmp(model->name, "host") || !strcmp(model->name, "max")) {
/* These are kvmarm's recommended cpu types */
supported = true;
- } else if (strlen(model->name) == len &&
- !strncmp(model->name, cpu_type, len)) {
- /* KVM is enabled and we're using this type, so it works. */
- supported = true;
+ } else if (current_machine->cpu_type) {
+ const char *cpu_type = current_machine->cpu_type;
+ int len = strlen(cpu_type) - strlen(ARM_CPU_TYPE_SUFFIX);
+
+ if (strlen(model->name) == len &&
+ !strncmp(model->name, cpu_type, len)) {
+ /* KVM is enabled and we're using this type, so it works. */
+ supported = true;
+ }
}
if (!supported) {
error_setg(errp, "We cannot guarantee the CPU type '%s' works "
View Git Blame Copy Permalink