xemu/hw/rdma
Yuval Shaia a2efa1fac4 hw/pvrdma: Protect against buggy or malicious guest driver
Guest driver might execute HW commands when shared buffers are not yet
allocated.
This could happen on purpose (malicious guest) or because of some other
guest/host address mapping error.
We need to protect againts such case.

Fixes: CVE-2022-1050

Reported-by: Raven <wxhusst@gmail.com>
Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Message-Id: <20220403095234.2210-1-yuval.shaia.ml@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
(cherry picked from commit 31c4b6fb0293e359f9ef8a61892667e76eea4c99)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-03-30 12:19:04 +03:00
..
vmw hw/pvrdma: Protect against buggy or malicious guest driver 2023-03-30 12:19:04 +03:00
Kconfig kconfig: add dependencies on CONFIG_MSI_NONBROKEN 2019-03-18 09:39:57 +01:00
meson.build meson: convert hw/rdma 2020-08-21 06:30:29 -04:00
rdma_backend_defs.h hw/rdma: Replace QList by GQueue 2020-12-19 10:38:43 +01:00
rdma_backend.c hw/rdma: Replace QList by GQueue 2020-12-19 10:38:43 +01:00
rdma_backend.h hw/rdma: Skip data-path mr_id translation 2020-03-21 19:16:38 +02:00
rdma_rm_defs.h hw/rdma: Modify create/destroy QP to support SRQ 2019-05-04 15:55:56 +03:00
rdma_rm.c qapi: introduce x-query-rdma QMP command 2021-11-02 15:55:14 +00:00
rdma_rm.h qapi: introduce x-query-rdma QMP command 2021-11-02 15:55:14 +00:00
rdma_utils.c hw/dma: Use dma_addr_t type definition when relevant 2022-01-18 12:56:29 +01:00
rdma_utils.h hw/rdma/rdma_utils: Rename rdma_pci_dma_map 'len' argument 2022-01-18 12:56:07 +01:00
rdma.c {hmp, hw/pvrdma}: Expose device internals via monitor interface 2019-03-16 15:52:44 +02:00
trace-events hw/dma: Fix format string issues using dma_addr_t 2022-01-18 12:56:29 +01:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00