[Qemu-devel] [PATCH] contrib/elf2dmp: add kernel start address checking

Viktor Prutyanov posted 1 patch 5 years, 1 month ago
Test docker-clang@ubuntu failed
Test asan failed
Test docker-mingw@fedora passed
Test checkpatch passed
Patches applied successfully
git fetch https://github.com/patchew-project/qemu tags/patchew/20190219211936.6466-1-viktor.prutyanov@phystech.edu
Maintainers: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
contrib/elf2dmp/main.c | 6 ++++++
1 file changed, 6 insertions(+)
[Qemu-devel] [PATCH] contrib/elf2dmp: add kernel start address checking
Posted by Viktor Prutyanov 5 years, 1 month ago
Before this patch, if elf2dmp failed to find the NT kernel PE magic in
the allowed virtual address range, then it assumed NULL as the NT kernel
address and caused a segfault.

This patch fixes the problem described above by checking the NT kernel address
before further processing.

Signed-off-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
---
 contrib/elf2dmp/main.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
index 1a45eaf565..1bfeb89ba7 100644
--- a/contrib/elf2dmp/main.c
+++ b/contrib/elf2dmp/main.c
@@ -524,6 +524,12 @@ int main(int argc, char *argv[])
         }
     }
 
+    if (!nt_start_addr) {
+        eprintf("Failed to find NT kernel image\n");
+        err = 1;
+        goto out_ps;
+    }
+
     printf("KernBase = 0x%016"PRIx64", signature is \'%.2s\'\n", KernBase,
             (char *)nt_start_addr);
 
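Review bot: the new `if (!nt_start_addr)` guard only helps if nt_start_addr is initialised to NULL before the search loop whose closing braces sit just above it; the hunk's context does not show that initialisation, so confirm it rather than rely on the loop leaving the variable untouched, otherwise the check passes on whatever was in the variable. A smaller point on the same hunk: `Failed to find NT kernel image` tells the user nothing about what was searched; printing the bounds of the allowed virtual address range named in the commit message would make the failure diagnosable without a debugger.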
-- 
2.17.2
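
A worked illustration of the failure mode the commit message describes, added here as example code that is not part of elf2dmp or of this patch: a scan over page-aligned guest virtual addresses for an "MZ" DOS header whose e_lfanew field points at a "PE\0\0" signature, returning 0 when nothing in the allowed range matches, and a caller that stops with an error in that case instead of reading two bytes through address 0 as the pre-patch code did. The guest_mem structure, gm_read, find_pe_image, report_kernel_base and the embedded sample buffer are all assumptions made for this example; the real tool walks the guest's page tables and validates much more of the header.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SZ 0x1000u

/* Hypothetical flat view of guest memory: buf backs the virtual range
 * [base, base + len). Constructed stand-in for elf2dmp's page-table walk. */
struct guest_mem {
    const uint8_t *buf;
    size_t len;
    uint64_t base;
};

/* Copy n bytes at guest virtual address va into out.
 * Returns 0 on success, -1 if any byte falls outside the backed range. */
static int gm_read(const struct guest_mem *m, uint64_t va, void *out, size_t n)
{
    uint64_t off;

    if (va < m->base) {
        return -1;
    }
    off = va - m->base;
    if (off > m->len || n > m->len - off) {
        return -1;
    }
    memcpy(out, m->buf + off, n);
    return 0;
}

/* Scan page-aligned addresses in [lo, hi) for a PE image: "MZ" at the page
 * start and "PE\0\0" at the offset held in e_lfanew (DOS header, 0x3c).
 * Returns the image base, or 0 when nothing matches. That 0 is the
 * "not found" sentinel the caller must check before using the address. */
static uint64_t find_pe_image(const struct guest_mem *m, uint64_t lo, uint64_t hi)
{
    uint64_t va;

    for (va = lo & ~(uint64_t)(PAGE_SZ - 1); va < hi; va += PAGE_SZ) {
        uint8_t dos[0x40];
        uint32_t e_lfanew;
        uint8_t sig[4];

        if (gm_read(m, va, dos, sizeof dos) != 0) {
            continue;                       /* page not backed: skip it */
        }
        if (dos[0] != 'M' || dos[1] != 'Z') {
            continue;
        }
        memcpy(&e_lfanew, dos + 0x3c, sizeof e_lfanew);
        /* e_lfanew is guest-controlled, so the second read is bounds-checked too */
        if (gm_read(m, va + e_lfanew, sig, sizeof sig) != 0) {
            continue;
        }
        if (memcmp(sig, "PE\0\0", sizeof sig) == 0) {
            return va;
        }
    }
    return 0;
}

/* Mirrors the patched main(): return err = 1 when the search failed instead
 * of printing the "signature" through a null pointer. */
static int report_kernel_base(const struct guest_mem *m, uint64_t lo, uint64_t hi,
                              uint64_t *kern_base)
{
    uint64_t base = find_pe_image(m, lo, hi);
    char magic[2];

    if (!base) {
        fprintf(stderr, "Failed to find NT kernel image\n");
        return 1;
    }
    gm_read(m, base, magic, sizeof magic);   /* base was readable above */
    printf("KernBase = 0x%016" PRIx64 ", signature is '%.2s'\n", base, magic);
    *kern_base = base;
    return 0;
}

/* Constructed sample: four zeroed pages mapped at SAMPLE_BASE, with a fake
 * MZ/PE header at the start of page 2 (assumed layout, not a real kernel). */
#define SAMPLE_BASE 0xfffff80000000000ULL
static uint8_t sample[4 * PAGE_SZ];

static struct guest_mem build_sample(void)
{
    struct guest_mem m = { sample, sizeof sample, SAMPLE_BASE };
    uint8_t *img = sample + 2 * PAGE_SZ;
    uint32_t e_lfanew = 0x80;

    memset(sample, 0, sizeof sample);
    img[0] = 'M';
    img[1] = 'Z';
    memcpy(img + 0x3c, &e_lfanew, sizeof e_lfanew);
    memcpy(img + e_lfanew, "PE\0\0", 4);
    return m;
}

/* Whole range allowed: the image at page 2 is found and its base returned. */
static uint64_t demo_found_base(void)
{
    struct guest_mem m = build_sample();
    uint64_t kb = 0;

    report_kernel_base(&m, m.base, m.base + m.len, &kb);
    return kb;
}

/* Only page 0 allowed: the search fails and the caller returns err = 1. */
static int demo_not_found(void)
{
    struct guest_mem m = build_sample();
    uint64_t kb = 0;

    return report_kernel_base(&m, m.base, m.base + PAGE_SZ, &kb);
}

int main(void)
{
    demo_found_base();
    return demo_not_found() == 1 ? 0 : 1;
}
```

The second demo is the case the patch is about: when the allowed range excludes the kernel, the only safe result is an error, and the caller has to test for the sentinel before passing the address to anything that dereferences it.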


Re: [Qemu-devel] [PATCH] contrib/elf2dmp: add kernel start address checking
Posted by Paolo Bonzini 5 years, 1 month ago
On 19/02/19 22:19, Viktor Prutyanov wrote:
> Before this patch, if elf2dmp failed to find the NT kernel PE magic in
> the allowed virtual address range, then it assumed NULL as the NT kernel
> address and caused a segfault.
> 
> This patch fixes the problem described above by checking the NT kernel address
> before further processing.
> 
> Signed-off-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
> ---
>  contrib/elf2dmp/main.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
> index 1a45eaf565..1bfeb89ba7 100644
> --- a/contrib/elf2dmp/main.c
> +++ b/contrib/elf2dmp/main.c
> @@ -524,6 +524,12 @@ int main(int argc, char *argv[])
>          }
>      }
>  
> +    if (!nt_start_addr) {
> +        eprintf("Failed to find NT kernel image\n");
> +        err = 1;
> +        goto out_ps;
> +    }
> +
>      printf("KernBase = 0x%016"PRIx64", signature is \'%.2s\'\n", KernBase,
>              (char *)nt_start_addr);
>  
> 

Queued, thanks.

Paolo

Re: [Qemu-devel] [PATCH] contrib/elf2dmp: add kernel start address checking
Posted by Peter Maydell 5 years ago
On Wed, 20 Feb 2019 at 11:30, Paolo Bonzini <pbonzini@redhat.com> wrote:
>
> On 19/02/19 22:19, Viktor Prutyanov wrote:
> > Before this patch, if elf2dmp failed to find the NT kernel PE magic in
> > the allowed virtual address range, then it assumed NULL as the NT kernel
> > address and caused a segfault.
> >
> > This patch fixes the problem described above by checking the NT kernel address
> > before further processing.
> >
> > Signed-off-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
> > ---
> >  contrib/elf2dmp/main.c | 6 ++++++
> >  1 file changed, 6 insertions(+)
> >
> > diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
> > index 1a45eaf565..1bfeb89ba7 100644
> > --- a/contrib/elf2dmp/main.c
> > +++ b/contrib/elf2dmp/main.c
> > @@ -524,6 +524,12 @@ int main(int argc, char *argv[])
> >          }
> >      }
> >
> > +    if (!nt_start_addr) {
> > +        eprintf("Failed to find NT kernel image\n");
> > +        err = 1;
> > +        goto out_ps;
> > +    }
> > +
> >      printf("KernBase = 0x%016"PRIx64", signature is \'%.2s\'\n", KernBase,
> >              (char *)nt_start_addr);
> >
> >
>
> Queued, thanks.

Hi Paolo -- I noticed this fix wasn't in master yet -- is it in
a tree you're planning on sending a pullreq for soon?

thanks
-- PMM

Re: [Qemu-devel] [PATCH] contrib/elf2dmp: add kernel start address checking
Posted by Paolo Bonzini 5 years ago
On 08/03/19 18:55, Peter Maydell wrote:
> On Wed, 20 Feb 2019 at 11:30, Paolo Bonzini <pbonzini@redhat.com> wrote:
>>
>> On 19/02/19 22:19, Viktor Prutyanov wrote:
>>> Before this patch, if elf2dmp failed to find the NT kernel PE magic in
>>> the allowed virtual address range, then it assumed NULL as the NT kernel
>>> address and caused a segfault.
>>>
>>> This patch fixes the problem described above by checking the NT kernel address
>>> before further processing.
>>>
>>> Signed-off-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
>>> ---
>>>  contrib/elf2dmp/main.c | 6 ++++++
>>>  1 file changed, 6 insertions(+)
>>>
>>> diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
>>> index 1a45eaf565..1bfeb89ba7 100644
>>> --- a/contrib/elf2dmp/main.c
>>> +++ b/contrib/elf2dmp/main.c
>>> @@ -524,6 +524,12 @@ int main(int argc, char *argv[])
>>>          }
>>>      }
>>>
>>> +    if (!nt_start_addr) {
>>> +        eprintf("Failed to find NT kernel image\n");
>>> +        err = 1;
>>> +        goto out_ps;
>>> +    }
>>> +
>>>      printf("KernBase = 0x%016"PRIx64", signature is \'%.2s\'\n", KernBase,
>>>              (char *)nt_start_addr);
>>>
>>>
>>
>> Queued, thanks.
> 
> Hi Paolo -- I noticed this fix wasn't in master yet -- is it in
> a tree you're planning on sending a pullreq for soon?

Yep, I just wanted to flush kconfig and qgraph before everybody starts
sending pull requests for soft freeze.

Paolo