On Mon, 4 Jul 2016 09:14:43 +0200
Igor Mammedov <imamm...@redhat.com> wrote:
> On Sat, 02 Jul 2016 00:41:40 +0200
> Greg Kurz <gr...@kaod.org> wrote:
>
> > The machine code currently uses the same cpu_ppc_init() function to
> > create cpus as the user mode. Th
On Mon, 4 Jul 2016 08:32:04 +0200
Greg Kurz <gr...@kaod.org> wrote:
> On Mon, 4 Jul 2016 13:54:55 +1000
> David Gibson <da...@gibson.dropbear.id.au> wrote:
>
> > On Sat, Jul 02, 2016 at 10:33:33AM +0200, Greg Kurz wrote:
> > > On Sat, 2 Jul 2016 13:3
On Mon, 4 Jul 2016 13:54:55 +1000
David Gibson <da...@gibson.dropbear.id.au> wrote:
> On Sat, Jul 02, 2016 at 10:33:33AM +0200, Greg Kurz wrote:
> > On Sat, 2 Jul 2016 13:36:22 +0530
> > Bharata B Rao <bhar...@linux.vnet.ibm.com> wrote:
> >
> > > On S
always
realized in the correct order.
Future TODO: CPU DT nodes are per-core properties and we should
ideally base the creation of CPU DT nodes on core objects rather than
the thread objects.
Signed-off-by: Bharata B Rao <bhar...@linux.vnet.ibm.com>
Reviewed-by: Greg Kurz <gr...@kaod.org>
S
in the array.
The only exception is pseries-2.7 which supports hotplug of cpu
cores and already open codes the cpu creation. Its case will be
covered in follow-up patch.
Suggested-by: Igor Mammedov <imamm...@redhat.com>
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/ppc/e500.c
logic (it is required by the future powernv machine type for
example).
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/ppc/ppc.c| 28 +++-
target-ppc/translate_init.c | 30 --
2 files changed, 27 insertions(+), 31 del
If we want to generate cpu_dt_id in the machine code, this must occur
before the cpu gets realized. We must open code the cpu creation to be
able to do this.
This patch just does that. It borrows some lines from previous work
from Bharata to handle the feature parsing.
Signed-off-by: Greg Kurz
On Tue, 7 Feb 2017 00:15:33 +0100
Greg Kurz <gr...@kaod.org> wrote:
> On Mon, 6 Feb 2017 13:36:43 -0600
> Eric Blake <ebl...@redhat.com> wrote:
>
> > On 02/03/2017 05:57 AM, Pradeep Jagadeesh wrote:
> > > This patchset adds the throttle support fo
ndré Lureau <marcandre.lur...@redhat.com>
> ---
Reviewed-by: Greg Kurz <gr...@kaod.org>
> tests/test-io-channel-command.c | 6 ++
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/tests/test-io-channel-command.c b/tests/test-io-channel-command.c
> index
Cc'ing Stefan who reviewed patch 2/2.
On Tue, 7 Feb 2017 09:56:08 -0600
Eric Blake <ebl...@redhat.com> wrote:
> On 02/07/2017 04:32 AM, Greg Kurz wrote:
> >>
> >> I'm not aware of anything related to fsdev in QMP... and libvirt seems to
> >> only pars
On Tue, 7 Feb 2017 17:52:03 +0400
Marc-André Lureau <marcandre.lur...@redhat.com> wrote:
> Spotted by ASAN.
>
> Cc: Paolo Bonzini <pbonz...@redhat.com>
> Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
> ---
Reviewed-by: Greg Kurz <gr...@ka
; Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
> ---
Reviewed-by: Greg Kurz <gr...@kaod.org>
> include/qemu/timer.h | 5 -
> qemu-timer.c | 5 -
> 2 files changed, 4 insertions(+), 6 deletions(-)
>
> diff --git a/include/qemu/time
On Tue, 7 Feb 2017 17:52:04 +0400
Marc-André Lureau <marcandre.lur...@redhat.com> wrote:
> Spotted by ASAN.
>
> Cc: "Aneesh Kumar K.V" <aneesh.ku...@linux.vnet.ibm.com>
> Cc: Greg Kurz <gr...@kaod.org>
> Signed-off-by: Marc-André Lureau <marcandre.
On Fri, 3 Feb 2017 06:57:23 -0500
Pradeep Jagadeesh wrote:
> This patch removes the redundant throttle code that was present in
> block and fsdev device files. Now the common code is moved
> to a single file.
>
> Signed-off-by: Pradeep Jagadeesh
checking the return value of proxy_unmarshal().
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-proxy.c | 22 +++---
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/hw/9pfs/9p-proxy.c b/hw/9pfs/9p-proxy.c
index f4aa7a9d70f8..4ad42a1ad158 100644
--
On Mon, 6 Feb 2017 13:36:43 -0600
Eric Blake wrote:
> On 02/03/2017 05:57 AM, Pradeep Jagadeesh wrote:
> > This patchset adds the throttle support for the 9p-local driver.
> > For now this functionality can be enabled only through qemu cli options.
> > QMP interface and
On Mon, 6 Feb 2017 14:07:24 -0700
Rebecca Cran wrote:
> Building commit 7d2c6c95511e42dffe2b263275e09957723d0ff4 is causing
> pollution of the parent directory: e.g. ~/workspace/qemu/.. contains the
> following extra directories:
>
> audio backends block chardev crypto
On Fri, 3 Feb 2017 10:41:33 +0100
Pradeep Jagadeesh wrote:
> On 2/1/2017 3:44 PM, Alberto Garcia wrote:
> > On Tue 24 Jan 2017 10:24:06 AM CET, Pradeep Jagadeesh
> > wrote:
> >
> >> Pradeep Jagadeesh (2):
> >> fsdev: add IO throttle
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c |3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 845675e7a1bb..7de07e1ba67f 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -436,8 +436,7 @@
On Mon, 23 Jan 2017 04:19:55 -0500
Pradeep Jagadeesh wrote:
> This will allow other subsystems (i.e. fsdev) to implement throttling
> without duplicating the command line options.
>
> Signed-off-by: Pradeep Jagadeesh
> ---
This patch
ottle_configure_iolimits function
> -Checking throttle structure validity before initializing other structures
> in fsdev_throttle_configure_iolimits
>
> -Addressed following comments by Greg Kurz
> -Moved the code from 9pfs directory to fsdev directory, because the
> throttling
>
On Mon, 23 Jan 2017 10:38:21 +0100
Pradeep Kiruvale <pradeepkiruv...@gmail.com> wrote:
> On 23 January 2017 at 10:32, Greg Kurz <gr...@kaod.org> wrote:
>
> > On Thu, 12 Jan 2017 11:57:25 -0500
> > Pradeep Jagadeesh <pradeepkiruv...@gmail.com> wrote:
> &
the whole of it. Moreover, this is consistent with the other
places where v9fs_init_qiov_from_pdu() is called.
This fixes commit "bcb8998fac16 9pfs: call v9fs_init_qiov_from_pdu
before v9fs_pack".
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p.c |4 ++--
1 file chang
On Mon, 23 Jan 2017 10:58:19 +0100
Pradeep Jagadeesh <pradeep.jagade...@huawei.com> wrote:
> On 1/23/2017 10:47 AM, Greg Kurz wrote:
> > On Mon, 23 Jan 2017 04:19:55 -0500
> > Pradeep Jagadeesh <pradeepkiruv...@gmail.com> wrote:
> >
> >> Th
On Mon, 23 Jan 2017 08:03:18 -0800 (PST)
no-re...@patchew.org wrote:
> Hi,
>
> Your series seems to have some coding style problems. See output below for
> more information:
>
Pradeep,
One should usually take patchew's findings into account. See below.
> Type: series
> Subject: [Qemu-devel]
On Mon, 23 Jan 2017 17:30:13 +0100
Pradeep Jagadeesh <pradeep.jagade...@huawei.com> wrote:
> On 1/23/2017 5:22 PM, Greg Kurz wrote:
> > On Mon, 23 Jan 2017 08:03:18 -0800 (PST)
> > no-re...@patchew.org wrote:
> >> Hi,
> >>
> >> Your series seem
On Mon, 23 Jan 2017 14:02:33 +
Pradeep Jagadeesh <pradeep.jagade...@huawei.com> wrote:
> -Original Message-
> From: Greg Kurz [mailto:gr...@kaod.org]
> Sent: Monday, January 23, 2017 11:28 AM
> To: Pradeep Jagadeesh
> Cc: Pradeep Jagadeesh; Alberto Garcia;
On Mon, 23 Jan 2017 12:20:57 -0800 (PST)
Stefano Stabellini <sstabell...@kernel.org> wrote:
> On Sat, 21 Jan 2017, Greg Kurz wrote:
> > The current code tries to copy `read_count' bytes starting at offset
> > `offset' from a `read_count`-sized iovec. This causes v9
On Thu, 26 Jan 2017 11:07:05 +0100
Paolo Bonzini wrote:
> In this case, we are marshaling an error status instead of the errno value.
> Reorganize the out and out_nofid labels to look like all the other cases.
> Coverity reports this because the "err = -ENOENT" and "err =
-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 38 --
1 file changed, 36 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index d3c6ccf30b53..8a1d52cd6c2a 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-l
This fixes CVE-2016-9602 for the "passthrough" and "mapped" security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 28 +++-
1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/hw/9pfs/9p-local.c
This fixes CVE-2016-9602 for the "passthrough" security model.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 128
1 file changed, 59 insertions(+), 69 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 15 ---
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 1f9239de07e5..4377aa6524c2 100644
--- a/h
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
When using the mapped-file security model, we also have to create a link
for the metadata file if it exists. In case of failuire, we should rollback.
That's what this patch does.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 26 +++---
1 file c
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
The rename operation is really the same for the passthrough and mapped
security models. This patch simply moves the mapped-file bits to a
separate function. This will make future modifications easier.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
This fixes CVE-2016-9602 for the "passthrough" and "mapped" security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 40 ++--
1 file changed, 22 insertions(+), 18 deletions(-)
diff --git a/hw/9pfs/9p-lo
This fixes CVE-2016-9602 for the "passthrough" security model.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 48d46b6abd28..9df
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-posix-acl.c | 16 ++--
hw/9pfs/9p-xattr-user.c |8 +---
hw/9pfs/9p-xattr.c |8 +---
3 files changed, 4 insertions(+), 28 deletions(-)
diff --gi
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-xattr.c | 30 --
1 file changed, 24 insertions(+), 6 deletions(-)
diff --git a/hw/9pfs/9p-xattr.c b/hw/9pfs/9p-xattr.c
index 29f4f940a23f..08df02e0bab2
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
These functions are always called indirectly. It really doesn't make sense
for them to sit in a header file.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-xattr.c | 61
hw/9pfs/9p-xattr.h
The link operation is really the same for the passthrough and mapped
security models. This patch simply moves the mapped-file bits to a
separate function. This will make future modifications easier.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 4377aa6524c2..dbc56b16979c 100644
--- a/hw/9
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-posix-acl.c | 14 --
hw/9pfs/9p-xattr-user.c | 12 +++-
hw/9pfs/9p-xattr.c |8 +---
3 files changed, 8 insertions(+), 26 deletions(-)
diff --gi
This fixes CVE-2016-9602 for the "passthrough" security model.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 20 ++--
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index bbc0818456
When using the mapped-file security model, we also have to rename the
metadata file if it exists. In case of failure, we should rollback.
To achieve that, this patch moves the renaming of the main file before
the renaming of the metadata file.
Signed-off-by: Greg Kurz <gr...@kaod.org>
-
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 37 +++--
1 file changed, 27 insertions(+), 10 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index a1fff0
If these functions fail, they should not change *fs. Let's use local
variables to fix this. While here, let's also do some cosmetic fixes
on the function args.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c
If this function fails, it should not modify *ctx.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 37 +++--
1 file changed, 19 insertions(+), 18 deletions(-)
diff --git a/hw/9
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-posix-acl.c | 18 --
hw/9pfs/9p-xattr-user.c |8 +---
hw/9pfs/9p-xattr.c |8 +---
3 files changed, 6 insertions(+), 28 deletions(-)
diff --gi
aratory patches to split the code. This allows to have
patches of reasonable size, that don't affect too many code paths.
TODO:
- the accesses to metadata files of the "mapped-file" security mode also need
to be converted
---
Greg Kurz (36):
9pfs: local: move xattr security ops to
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 31 +--
hw/9pfs/9p-local.h | 20
2 files changed, 41 insertions(+), 10 deletions(-)
create mode 100644 hw/9pfs/9p-l
This fixes CVE-2016-9602 for the "passthrough" and "mapped" security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 18 --
1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-
The remove operation is really the same for the passthrough and mapped
security models. This patch simply moves the mapped-file bits to a
separate function. This will make future modifications easier.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
introduces a variant of the openat() syscall that successively
opens each path element with O_NOFOLLOW. It will be used by subsequent
patches to implement symlink-safe path walk for any access to the backend.
Suggested-by: Jann Horn <ja...@google.com>
Signed-off-by: Greg Kurz <gr...@kaod.org>
This fixes CVE-2016-9602 for all security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 37 ++---
hw/9pfs/9p-local.h |2 ++
2 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-l
This fixes CVE-2016-9602 for the "passthrough" and "mapped" security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 44 +++-
1 file changed, 31 insertions(+), 13 deletions(-)
diff --git a/hw/9p
This fixes CVE-2016-9602 for the "passthrough" and "mapped" security models.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 36
1 file changed, 24 insertions(+), 12 deletions(-)
diff --git a/hw/9pfs/9p-local.c
There are no "at" variants for xattr syscalls. This patch implement them
using a separate process.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-xattr.c | 156
hw/9pfs/9p-xattr.h | 11
2 files changed
The unlinkat operation is really the same for the passthrough and
mapped security models. This patch simply moves the mapped-file bits
to a separate function. This will make future modifications easier.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <
This fixes CVE-2016-9602 for the "passthrough" security model.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 26 ++
1 file changed, 10 insertions(+), 16 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
in
On Thu, 26 Jan 2017 14:46:52 +0530
Ashijeet Acharya wrote:
> Migration of a "none" machine with no RAM crashes abruptly as
> bitmap_new() fails and thus aborts. Instead, place a check for
> last_ram_offset() being '0' at the start of ram_save_setup() and
> error out
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 845675e7a1bb..7de07e1ba67f 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -436,8 +436,7 @@
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
tests/virtio-9p-test.c | 24 +++-
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/tests/virtio-9p-test.c b/tests/virtio-9p-test.c
index 060407b20e39..9556291567a4 100644
--- a/tests/virtio-9p-test.c
+++ b
init loop.
Reported-by: Tuomas Tynkkynen <tuo...@tuxera.com>
Suggested-by: Al Viro <v...@zeniv.linux.org.uk>
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 58310ca8d5a5..
. Other patches are minor enhancements.
Greg Kurz (5):
9pfs: add missing coroutine_fn annotations
tests: virtio-9p: improve error reporting
9pfs: fix off-by-one error in PDU free list
9pfs: local: trivial
the whole of it. Moreover, this is consistent with the other
places where v9fs_init_qiov_from_pdu() is called.
This fixes commit "bcb8998fac16 9pfs: call v9fs_init_qiov_from_pdu
before v9fs_pack".
Signed-off-by: Greg Kurz <gr...@kaod.org>
Reviewed-by: Stefano Stabellini <sst
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index fa58877570f6..58310ca8d5a5 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -1571,7 +1571,7 @@ out_nofid:
v9fs_strin
the whole of it. Moreover, this is consistent with the other
places where v9fs_init_qiov_from_pdu() is called.
This fixes commit "bcb8998fac16 9pfs: call v9fs_init_qiov_from_pdu
before v9fs_pack".
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
v2: - pass size + skip to the init
On Tue, 24 Jan 2017 14:24:23 -0800 (PST)
Stefano Stabellini <sstabell...@kernel.org> wrote:
> On Tue, 24 Jan 2017, Greg Kurz wrote:
> > On Mon, 23 Jan 2017 12:20:57 -0800 (PST)
> > Stefano Stabellini <sstabell...@kernel.org> wrote:
> >
> >
On Sun, 29 Jan 2017 01:06:47 +0530
Ashijeet Acharya <ashijeetacha...@gmail.com> wrote:
> On Sun, Jan 29, 2017 at 12:11 AM, Greg Kurz <gr...@kaod.org> wrote:
> > On Thu, 26 Jan 2017 14:46:52 +0530
> > Ashijeet Acharya <ashijeetacha...@gmail.com> wrote:
> &g
From: Greg Kurz <gk...@linux.vnet.ibm.com>
Since commit 1d2d974244c6 "spapr_pci: enumerate and add PCI device tree", QEMU
populates the PCI device tree in the opposite order compared to SLOF.
Before 1d2d974244c6:
Populating /pci@8002000
00
<stefa...@redhat.com> wrote:
> On Tue, Feb 07, 2017 at 05:29:33PM +0100, Greg Kurz wrote:
> > Cc'ing Stefan who reviewed patch 2/2.
> >
> > On Tue, 7 Feb 2017 09:56:08 -0600
> > Eric Blake <ebl...@redhat.com> wrote:
> >
> > > On 02/07/2
e descriptor pointing to a path which is beneath the trusted directory.
This will be used by subsequent patches to implement symlink-safe path walk
for any access to the backend.
Suggested-by: Jann Horn <ja...@google.com>
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-util
If this function fails, it should not modify *ctx.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 37 +++--
1 file changed, 19 insertions(+), 18 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 7de07e
n a separate process.
The extended attributes code spreads over several files: all helpers
are hence declared with external linkage in 9p-xattr.h.
Note that the listxattr-based code is fully contained in 9p-xattr.c: the
flistxattrat_nofollow() helper is added in a subsequent patch.
Signed-off-by: Greg
-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-xattr.c | 30 --
1 file changed, 24 insertions(+), 6 deletions(-)
diff --git a/hw/9pfs/9p-xattr.c b/hw/9pfs/9p-xattr.c
index 4c3c0046bd47..803d4bbbc50b 100644
--- a/hw/9pfs/9p-xattr.c
+++ b/h
als and file modes are stored. While
here, we also make that explicit by sharing the call to mkdirat().
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 55 +++-
1 file changed, 20 insertio
Now that the all callbacks have been converted to use "at" syscalls, we
can drop this code.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 198
1 file changed, 198 deletions(-)
diff --git a/hw/9pfs/9p-loca
-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-posix-acl.c | 18 --
hw/9pfs/9p-xattr-user.c |8 +---
hw/9pfs/9p-xattr.c |8 +---
3 files changed, 6 insertions(+), 28 deletions(-)
diff --git a/hw/9pfs/9p-posix-acl.c b/hw/9pfs/9p-posix
The local_statfs() callback is vulnerable to symlink attacks because it
calls statfs() which follows symbolic links in all path elements.
This patch converts local_statfs() to rely on open_nofollow() and fstatfs()
instead.
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <
use the "at" versions.
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 163
1 file changed, 150 insertions(+), 13 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
E-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 19 +--
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index c6f4c8d95442..7f3d9dd9a499 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pf
use it instead of opening a new one.
The mapped and mapped-file security modes are supposed to be identical,
except for the place where credentials and file modes are stored. While
here, we also make that explicit by sharing the call to openat().
This partly fixes CVE-2016-9602.
Signed-off-by: G
() to rely on opendir_nofollow(),
fstatat(AT_SYMLINK_NOFOLLOW) to fix (1) and unlinkat() to fix (2).
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 64 +---
1 file changed, 21 insertions(
The local_renameat() callback is currently a wrapper around local_rename()
which is vulnerable to symlink attacks.
This patch rewrites local_renameat() to have its own implementation, based
on local_opendir_nofollow() and renameat().
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <
to use new helpers based on
openat_nofollow() to only open files and directories if they are
below the virtfs shared folder
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 31 +--
hw/9pfs/9p-local.h
up with some numbers later.
Stefan and Daniel, I've Cc'ed you because we talked about the issue
on irc already. Feel free to comment/review if you have some spare
cycles, it will be appreciated (but of course, I'll understand if
you don't :)
---
Greg Kurz (29):
9pfs: local: move xattr secu
This patch opens the shared folder and caches the file descriptor, so that
it can be used to do symlink-safe path walk.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 30 --
1 file changed, 28 insertions(+), 2 deletions(-)
diff --git a/h
-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-posix-acl.c | 16 ++--
hw/9pfs/9p-xattr-user.c |8 +---
hw/9pfs/9p-xattr.c |8 +---
3 files changed, 4 insertions(+), 28 deletions(-)
diff --git a/hw/9pfs/9p-posix-acl.c b/hw/9pfs/9p-posix
fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-posix-acl.c | 10 ++
hw/9pfs/9p-xattr-user.c |8 +---
hw/9pfs/9p-xattr.c |8 +---
3 files changed, 4 insertions(+), 22 deletions(-)
diff --git a/hw/9pfs/9p-posix-acl.c b/hw/9pfs/9p
The local_truncate() callback is vulnerable to symlink attacks because
it calls truncate() which follows symbolic links in all path elements.
This patch converts local_truncate() to rely on open_nofollow() and
ftruncate() instead.
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <
tch converts local_link() to rely on opendir_nofollow() and linkat()
to fix (1), mkdirat() to fix (2).
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 86 ++--
1 file changed, 57 insertio
-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local.c | 57 +---
1 file changed, 27 insertions(+), 30 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 07b7110d87d7..15e746ede86a 100644
--- a/hw/9
low() and
symlinkat() to fix (1), openat(O_NOFOLLOW) to fix (2), as well as
local_set_xattrat() and local_set_mapped_file_attrat() to fix (3) and
(4) respectively.
This partly fixes CVE-2016-9602.
Signed-off-by: Greg Kurz <gr...@kaod.org>
---
hw/9pfs/9p-local
901 - 1000 of 5451 matches
Mail list logo