OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/hw
History
Stefan Hajnoczi 8080747748 virtio-crypto: don't modify elem->in/out_sg 
A number of iov_discard_front/back() operations are made by
virtio-crypto. The elem->in/out_sg iovec arrays are modified by these
operations, resulting virtqueue_unmap_sg() calls on different addresses
than were originally mapped.

This is problematic because dirty memory may not be logged correctly,
MemoryRegion refcounts may be leaked, and the non-RAM bounce buffer can
be leaked.

Take a copy of the elem->in/out_sg arrays so that the originals are
preserved. The iov_discard_undo() API could be used instead (with better
performance) but requires careful auditing of the code, so do the simple
thing instead.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Message-Id: <20200917094455.822379-4-stefanha@redhat.com>
 		2020-09-23 13:41:58 +01:00
..
9pfs Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
acpi Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
adc meson: convert hw/adc 2020-08-21 06:30:32 -04:00
alpha Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
arm Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
audio Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
avr Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
block virtio-blk: undo destructive iov_discard_*() operations 2020-09-23 13:41:58 +01:00
char Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
core Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
cpu Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
cris meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
display Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
dma Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
gpio Pull request trivial patches 20200919 2020-09-22 15:42:23 +01:00
hppa Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
hyperv Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
i2c Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
i386 Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
ide Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
input Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
intc Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
ipack Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
ipmi Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
isa Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
lm32 hw/sd/milkymist: Do not create SD card within the SD host controller 2020-08-21 16:22:43 +02:00
m68k Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
mem hw/mem: Stubbed out NPCM7xx Memory Controller model 2020-09-14 14:24:59 +01:00
microblaze Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
mips Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
misc Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
moxie meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
net Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
nios2 meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
nubus meson: convert hw/nubus 2020-08-21 06:30:25 -04:00
nvram Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
openrisc meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
pci meson: convert hw/pci 2020-08-21 06:30:28 -04:00
pci-bridge Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
pci-host Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
pcmcia pxa2xx: Move QOM macros to header 2020-08-27 14:04:55 -04:00
ppc Pull request trivial patches 20200919 2020-09-22 15:42:23 +01:00
rdma Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
riscv sifive_u: Rename memmap enum constants 2020-09-18 13:49:48 -04:00
rtc Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
rx Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
s390x virtio: add vhost-user-fs-ccw device 2020-09-23 13:41:58 +01:00
scsi Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
sd Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
semihosting meson: convert hw/semihosting 2020-08-21 06:30:25 -04:00
sh4 Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
smbios hw/smbios: add options for type 4 max-speed and current-speed 2020-08-27 08:29:13 -04:00
sparc Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
sparc64 Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
ssi Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
timer Pull request trivial patches 20200919 2020-09-22 15:42:23 +01:00
tpm Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
tricore meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
unicore32 meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
usb usb: fix u2f build 2020-09-22 16:40:56 +01:00
vfio Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio virtio-crypto: don't modify elem->in/out_sg 2020-09-23 13:41:58 +01:00
watchdog Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
xen Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
xenpv meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
xtensa target/xtensa: implement NMI support 2020-08-21 12:48:14 -07:00
Kconfig hw/avr: Add limited support for some Arduino boards 2020-07-11 11:02:05 +02:00
meson.build meson: convert hw/arch* 2020-08-21 06:30:33 -04:00