[PULL 00/15] Improve --without-default-devices testing, fix CVE-2023-0330

Thomas Huth posted 15 patches 10 months, 4 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20230526090840.2225958-1-thuth@redhat.com
Maintainers: Richard Henderson <richard.henderson@linaro.org>, Radoslaw Biernacki <rad@semihalf.com>, Peter Maydell <peter.maydell@linaro.org>, Leif Lindholm <quic_llindhol@quicinc.com>, Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>, Eduardo Habkost <eduardo@habkost.net>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>, "Philippe Mathieu-Daudé" <philmd@linaro.org>, Yanan Wang <wangyanan55@huawei.com>, Helge Deller <deller@gmx.de>, Xiaojuan Yang <yangxiaojuan@loongson.cn>, Song Gao <gaosong@loongson.cn>, Huacai Chen <chenhuacai@kernel.org>, Jiaxun Yang <jiaxun.yang@flygoat.com>, Paolo Bonzini <pbonzini@redhat.com>, Fam Zheng <fam@euphon.net>, Max Filippov <jcmvbkbc@gmail.com>, Gerd Hoffmann <kraxel@redhat.com>, Thomas Huth <thuth@redhat.com>, Laurent Vivier <lvivier@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>, Igor Mammedov <imammedo@redhat.com>, Ani Sinha <anisinha@redhat.com>, John Snow <jsnow@redhat.com>, Alexander Bulekov <alxndr@bu.edu>, Bandan Das <bsd@redhat.com>, Stefan Hajnoczi <stefanha@redhat.com>, Darren Kenny <darren.kenny@oracle.com>, Qiuhao Li <Qiuhao.Li@outlook.com>
hw/alpha/dp264.c                   |  4 +++-
hw/arm/sbsa-ref.c                  |  4 +++-
hw/arm/virt.c                      |  4 +++-
hw/core/machine.c                  |  8 ++++++++
hw/hppa/machine.c                  |  4 +++-
hw/loongarch/virt.c                |  4 +++-
hw/mips/loongson3_virt.c           |  4 +++-
hw/scsi/lsi53c895a.c               | 24 +++++++++++++++++------
hw/xtensa/virt.c                   |  9 ++++++---
tests/qtest/ac97-test.c            | 40 +++++++++++++++++++++++++++++++++++++-
tests/qtest/bios-tables-test.c     |  2 +-
tests/qtest/cdrom-test.c           |  6 +++++-
tests/qtest/fuzz-lsi53c895a-test.c | 33 +++++++++++++++++++++++++++++++
tests/qtest/rtl8139-test.c         |  4 ++++
tests/qtest/usb-hcd-ehci-test.c    |  5 +++++
tests/qtest/usb-hcd-uhci-test.c    |  4 +++-
16 files changed, 140 insertions(+), 19 deletions(-)
[PULL 00/15] Improve --without-default-devices testing, fix CVE-2023-0330
Posted by Thomas Huth 10 months, 4 weeks ago
The following changes since commit a3cb6d5004ff638aefe686ecd540718a793bd1b1:

  Merge tag 'pull-tcg-20230525' of https://gitlab.com/rth7680/qemu into staging (2023-05-25 11:11:52 -0700)

are available in the Git repository at:

  https://gitlab.com/thuth/qemu.git tags/pull-request-2023-05-26

for you to fetch changes up to b987718bbb1d0eabf95499b976212dd5f0120d75:

  hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330) (2023-05-26 09:37:04 +0200)

----------------------------------------------------------------
* Use MachineClass->default_nic in more machines to allow running them
  without "--nodefaults" in builds that used "--without-default-devices"
* Improve qtests for such builds
* Add up-/downsampling qtest
* Avoid crash if default RAM backend name has been stolen
* Fix reentrant DMA problem in the lsi53c895a device (CVE-2023-0330)

----------------------------------------------------------------
Igor Mammedov (1):
      machine: do not crash if default RAM backend name has been stolen

Philippe Mathieu-Daudé (1):
      hw/mips: Use MachineClass->default_nic in the virt machine

Thomas Huth (12):
      hw/hppa: Use MachineClass->default_nic in the hppa machine
      hw/alpha: Use MachineClass->default_nic in the alpha machine
      hw/arm: Use MachineClass->default_nic in the virt machine
      hw/loongarch64: Use MachineClass->default_nic in the virt machine
      hw/xtensa: Use MachineClass->default_nic in the virt machine
      hw/arm: Use MachineClass->default_nic in the sbsa-ref machine
      tests/qtest/usb-hcd-uhci-test: Check whether "usb-storage" is available
      tests/qtest: Check for virtio-blk before using -cdrom with the arm virt machine
      tests/qtest/rtl8139-test: Check whether the rtl8139 device is available
      tests/qtest/usb-hcd-ehci-test: Check for EHCI and UHCI HCDs before using them
      lsi53c895a: disable reentrancy detection for MMIO region, too
      hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330)

Volker Rümelin (1):
      tests/qtest/ac97-test: add up-/downsampling tests

 hw/alpha/dp264.c                   |  4 +++-
 hw/arm/sbsa-ref.c                  |  4 +++-
 hw/arm/virt.c                      |  4 +++-
 hw/core/machine.c                  |  8 ++++++++
 hw/hppa/machine.c                  |  4 +++-
 hw/loongarch/virt.c                |  4 +++-
 hw/mips/loongson3_virt.c           |  4 +++-
 hw/scsi/lsi53c895a.c               | 24 +++++++++++++++++------
 hw/xtensa/virt.c                   |  9 ++++++---
 tests/qtest/ac97-test.c            | 40 +++++++++++++++++++++++++++++++++++++-
 tests/qtest/bios-tables-test.c     |  2 +-
 tests/qtest/cdrom-test.c           |  6 +++++-
 tests/qtest/fuzz-lsi53c895a-test.c | 33 +++++++++++++++++++++++++++++++
 tests/qtest/rtl8139-test.c         |  4 ++++
 tests/qtest/usb-hcd-ehci-test.c    |  5 +++++
 tests/qtest/usb-hcd-uhci-test.c    |  4 +++-
 16 files changed, 140 insertions(+), 19 deletions(-)


Re: [PULL 00/15] Improve --without-default-devices testing, fix CVE-2023-0330
Posted by Richard Henderson 10 months, 4 weeks ago
On 5/26/23 02:08, Thomas Huth wrote:
> The following changes since commit a3cb6d5004ff638aefe686ecd540718a793bd1b1:
> 
>    Merge tag 'pull-tcg-20230525' ofhttps://gitlab.com/rth7680/qemu  into staging (2023-05-25 11:11:52 -0700)
> 
> are available in the Git repository at:
> 
>    https://gitlab.com/thuth/qemu.git  tags/pull-request-2023-05-26
> 
> for you to fetch changes up to b987718bbb1d0eabf95499b976212dd5f0120d75:
> 
>    hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330) (2023-05-26 09:37:04 +0200)
> 
> ----------------------------------------------------------------
> * Use MachineClass->default_nic in more machines to allow running them
>    without "--nodefaults" in builds that used "--without-default-devices"
> * Improve qtests for such builds
> * Add up-/downsampling qtest
> * Avoid crash if default RAM backend name has been stolen
> * Fix reentrant DMA problem in the lsi53c895a device (CVE-2023-0330)

Applied, thanks.  Please update https://wiki.qemu.org/ChangeLog/8.1 as appropriate.


r~