QEMU With E2K User Support
Igor Mammedov f8bb056564 target-i386: kvm: prevent buffer overflow if -cpu foo, [x]level is too big
Stack corruption may occur if too-big 'level' or 'xlevel' values are passed
on the command line with KVM enabled, due to the limited size of cpuid_data
in kvm_arch_init_vcpu().

reproduces with:
 qemu -enable-kvm -cpu qemu64,level=4294967295
or
 qemu -enable-kvm -cpu qemu64,xlevel=4294967295

Check if there is space in cpuid_data before passing it to cpu_x86_cpuid(),
or abort() if there is no space.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
2013-01-29 08:57:56 +02:00
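The shape of the bug the commit message describes, and the in-loop space check it adds, as an added example that is not QEMU's code: a fixed-size CPUID table is filled by two loops whose trip counts come straight from the user-controlled level/xlevel values, so 'level=4294967295' walks far past the end of the array. The entry capacity, the struct layout, the fake_cpuid() stand-in for cpu_x86_cpuid() and the fill_cpuid_table() function are all assumptions made for this illustration; the error return replaces the abort() the real fix uses so the result can be observed from a test.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example, not QEMU's code. Assumed fixed capacity, standing in for the
 * kernel-imposed entry limit that bounds cpuid_data in kvm_arch_init_vcpu(). */
#define MAX_CPUID_ENTRIES 100u

struct cpuid_entry {
    uint32_t function, eax, ebx, ecx, edx;
};

struct cpuid_table {
    uint32_t nent;
    struct cpuid_entry entries[MAX_CPUID_ENTRIES];
};

/* Stand-in for cpu_x86_cpuid(): fills one leaf with recognisable values
 * instead of real CPUID data (assumption for this example). */
static void fake_cpuid(uint32_t leaf, struct cpuid_entry *e)
{
    e->function = leaf;
    e->eax = leaf ^ 0xA5A5A5A5u;
    e->ebx = e->ecx = e->edx = 0;
}

/* Emits entries for basic leaves 0..level and extended leaves
 * 0x80000000..xlevel. Returns the number of entries written, or -1 if the
 * request would not fit. The check at the top of each loop body is the
 * fix the commit describes; without it, the write at entries[cpuid_i]
 * runs off the end of the table as soon as cpuid_i reaches the capacity. */
int fill_cpuid_table(struct cpuid_table *t, uint32_t level, uint32_t xlevel)
{
    uint32_t cpuid_i = 0, i, limit;

    /* Basic leaves. With level == 0xffffffff the condition 'i <= limit'
     * never becomes false on its own; only the space check ends the loop. */
    limit = level;
    for (i = 0; i <= limit; i++) {
        if (cpuid_i == MAX_CPUID_ENTRIES) {
            fprintf(stderr, "unsupported level value: 0x%x\n", limit);
            return -1;
        }
        fake_cpuid(i, &t->entries[cpuid_i++]);
    }

    /* Extended leaves; an xlevel below 0x80000000 yields no entries. */
    limit = xlevel;
    for (i = 0x80000000u; i <= limit; i++) {
        if (cpuid_i == MAX_CPUID_ENTRIES) {
            fprintf(stderr, "unsupported xlevel value: 0x%x\n", limit);
            return -1;
        }
        fake_cpuid(i, &t->entries[cpuid_i++]);
    }

    t->nent = cpuid_i;
    return (int)cpuid_i;
}

int main(void)
{
    struct cpuid_table t;

    /* The two reproducer values from the commit message, plus a sane one. */
    printf("level=4 xlevel=0x80000008 -> %d entries\n",
           fill_cpuid_table(&t, 4, 0x80000008u));
    printf("level=4294967295 -> %d\n",
           fill_cpuid_table(&t, 4294967295u, 0x80000008u));
    printf("xlevel=4294967295 -> %d\n",
           fill_cpuid_table(&t, 4, 4294967295u));
    return 0;
}
```

The check sits inside the loop rather than before it on purpose: a single up-front comparison of level against the capacity would have to be repeated for every later caller that appends entries, whereas testing the write index immediately before each write catches any source of overflow, including the extended-leaf loop sharing the same table.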
audio audio: Replace non-portable asprintf in debug code by g_strdup_printf 2013-01-16 12:03:26 -06:00
backends Make all static TypeInfos const 2013-01-10 15:11:53 -06:00
block Merge remote-tracking branch 'stefanha/block' into staging 2013-01-20 11:01:10 -06:00
bsd-user misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
default-configs Add TEWS TPCI200 IndustryPack emulation 2013-01-14 13:26:12 -06:00
disas target-s390: Fix disassembly of cpsdr 2013-01-05 12:00:00 -08:00
docs pci,virtio 2013-01-14 10:23:50 -06:00
fpu softfloat: Implement uint64_to_float128 2013-01-05 10:12:50 +00:00
fsdev qemu-option: move standard option definitions out of qemu-config.c 2013-01-12 17:17:53 +01:00
gdb-xml
hw sysbus: Drop sysbus_from_qdev() cast macro 2013-01-21 13:52:24 -06:00
include Merge remote-tracking branch 'quintela/thread.next' into staging 2013-01-21 13:22:43 -06:00
ldscripts build: create ldscripts/ 2012-12-19 08:29:06 +01:00
libcacard build: fold trace-obj-y into libqemuutil.a 2013-01-12 18:42:51 +01:00
linux-headers Update Linux kernel headers 2013-01-18 19:06:57 +01:00
linux-user alpha-linux-user: Correct select 2013-01-16 08:15:16 -08:00
net HMP: add QDict to info callback handler 2013-01-17 10:24:52 -02:00
pc-bios seabios: update to 1.7.2 release 2013-01-21 09:17:16 +01:00
pixman@97336fad32 qapi: move include files to include/qobject/ 2012-12-19 08:31:31 +01:00
qapi build: move base QAPI files to libqemuutil.a 2013-01-12 18:42:51 +01:00
qga Replace non-portable asprintf by g_strdup_printf 2013-01-19 10:24:43 +00:00
QMP qmp: add pull_event function 2012-10-24 10:26:22 +02:00
qobject build: move qobject files to qobject/ and libqemuutil.a 2013-01-12 18:42:50 +01:00
qom qom: Make object_resolve_path_component() path argument const 2013-01-15 10:54:23 +01:00
roms seabios: update to 1.7.2 release 2013-01-21 09:17:16 +01:00
scripts vmxcap: bit 9 of VMX_PROCBASED_CTLS2 is 'virtual interrupt delivery' 2013-01-21 23:11:27 -02:00
slirp slirp: remove unused field tt 2013-01-12 12:26:16 +00:00
stubs stubs: fully replace qemu-tool.c and qemu-user.c 2013-01-12 17:19:08 +01:00
sysconfigs/target Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
target-alpha cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-arm cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-cris target-cris: Drop unused cpu_cris_close() prototype 2013-01-21 13:36:55 +01:00
target-i386 target-i386: kvm: prevent buffer overflow if -cpu foo, [x]level is too big 2013-01-29 08:57:56 +02:00
target-lm32 cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-m68k cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-microblaze target-microblaze: Drop unused cpu_mb_close() prototype 2013-01-21 13:36:55 +01:00
target-mips exec: Return CPUState from qemu_get_cpu() 2013-01-15 04:09:14 +01:00
target-openrisc cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-ppc PPC: KVM: Add support for EPR with KVM 2013-01-18 19:06:57 +01:00
target-s390x s390: Add a hypercall registration interface. 2013-01-18 19:07:47 +01:00
target-sh4 cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-sparc cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
target-unicore32 configure: allow disabling pixman if not needed 2012-12-23 14:38:52 -06:00
target-xtensa target-xtensa: fix search_pc for the last TB opcode 2012-12-22 12:09:24 +00:00
tcg tcg/target-arm: Add missing parens to assertions 2013-01-19 10:27:45 +00:00
tests aio: Fix return value of aio_poll() 2013-01-17 10:51:42 +01:00
trace build: fold trace-obj-y into libqemuutil.a 2013-01-12 18:42:51 +01:00
ui vnc: fix possible uninitialized removals 2013-01-21 13:33:12 -06:00
util Replace non-portable asprintf by g_strdup_printf 2013-01-19 10:24:43 +00:00
.exrc qemu: add .exrc 2012-09-07 09:02:44 +03:00
.gitignore Add libcacard/trace/generated-tracers.c to .gitignore 2013-01-15 10:34:54 +01:00
.gitmodules pixman: add submodule 2012-11-01 13:10:06 +01:00
.mailmap Add a .mailmap to map pre-git-conversion authors to friendly names 2011-12-12 17:06:21 -06:00
aio-posix.c aio: Fix return value of aio_poll() 2013-01-17 10:51:42 +01:00
aio-win32.c aio: Fix return value of aio_poll() 2013-01-17 10:51:42 +01:00
arch_init.c Protect migration_bitmap_sync() with the ramlist lock 2013-01-17 13:27:07 +01:00
async.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
balloon.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
block-migration.c savevm: New save live migration method: pending 2012-12-20 23:09:25 +01:00
block.c block: clear dirty bitmap when discarding 2013-01-15 10:03:48 +01:00
blockdev-nbd.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
blockdev.c qemu-option: move standard option definitions out of qemu-config.c 2013-01-12 17:17:53 +01:00
blockjob.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
bt-host.c softmmu: move remaining include files to include/ subdirectories 2012-12-19 08:32:46 +01:00
bt-vhci.c softmmu: move remaining include files to include/ subdirectories 2012-12-19 08:32:46 +01:00
Changelog fix some common typos 2012-05-14 07:27:24 +02:00
cmd.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
cmd.h
CODING_STYLE Replace Qemu by QEMU in internal documentation 2012-04-07 13:58:25 +00:00
configure vnc: added initial websocket protocol support 2013-01-21 13:33:12 -06:00
COPYING
COPYING.LIB
coroutine-gthread.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
coroutine-sigaltstack.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
coroutine-ucontext.c gcc: rename CONFIG_PRAGMA_DISABLE_UNUSED_BUT_SET to CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE 2013-01-12 12:42:53 +00:00
coroutine-win32.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
cpu-exec.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
cpus.c kvm: Pass CPUState to kvm_init_vcpu() 2013-01-15 04:09:13 +01:00
cputlb.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
device_tree.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
disas.c monitor: move include files to include/monitor/ 2012-12-19 08:31:32 +01:00
dma-helpers.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
dump-stub.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
dump.c exec: change RAM list to a TAILQ 2012-12-20 23:08:47 +01:00
exec.c Replace non-portable asprintf by g_strdup_printf 2013-01-19 10:24:43 +00:00
gdbstub.c cpu: Move cpu_index field to CPUState 2013-01-15 04:09:13 +01:00
HACKING HACKING: List areas where we may rely on impdef C behaviour 2012-12-08 14:27:40 +00:00
hmp-commands.hx HMP: add sub command table to info 2013-01-17 10:24:52 -02:00
hmp.c HMP: add QDict to info callback handler 2013-01-17 10:24:52 -02:00
hmp.h HMP: add QDict to info callback handler 2013-01-17 10:24:52 -02:00
iohandler.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
ioport.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
kvm-all.c kvm: add stub for kvm_irqchip_update_msi_route 2013-01-15 18:25:05 -06:00
kvm-stub.c kvm: Pass CPUState to kvm_init_vcpu() 2013-01-15 04:09:13 +01:00
LICENSE
main-loop.c Check return values from g_poll and select 2013-01-09 11:03:05 -06:00
MAINTAINERS Merge branch 's390-reorg' of git://repo.or.cz/qemu/rth 2013-01-12 12:46:57 +00:00
Makefile Makefile: drop recursive libcacard clean 2013-01-17 07:32:54 -06:00
Makefile.objs build: fold trace-obj-y into libqemuutil.a 2013-01-12 18:42:51 +01:00
Makefile.target build: improve quiet output for .stp rules 2013-01-12 18:42:51 +01:00
memory_mapping-stub.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
memory_mapping.c exec: change RAM list to a TAILQ 2012-12-20 23:08:47 +01:00
memory.c memory: introduce memory_region_test_and_clear_dirty 2012-12-20 23:09:39 +01:00
migration-exec.c migration: make writes blocking 2012-12-20 23:09:25 +01:00
migration-fd.c migration: make writes blocking 2012-12-20 23:09:25 +01:00
migration-tcp.c migration: make writes blocking 2012-12-20 23:09:25 +01:00
migration-unix.c migration: make writes blocking 2012-12-20 23:09:25 +01:00
migration.c migration: remove argument to qemu_savevm_state_cancel 2013-01-17 13:54:52 +01:00
monitor.c HMP: add sub command table to info 2013-01-17 10:24:52 -02:00
nbd.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
os-posix.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
os-win32.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
page_cache.c migration: move include files to include/migration/ 2012-12-19 08:31:32 +01:00
qapi-schema-test.json qapi: add struct-errors test case to test-qmp-output-visitor 2012-03-27 09:11:00 -03:00
qapi-schema.json chardev: add pty chardev support to chardev-add (qmp) 2013-01-16 06:58:54 +01:00
qdict-test-data.txt
qemu-bridge-helper.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-char.c chardev: add pty chardev support to chardev-add (qmp) 2013-01-16 06:58:54 +01:00
qemu-coroutine-io.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-coroutine-lock.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-coroutine-sleep.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-coroutine.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
qemu-doc.texi Documentation: Update image format information 2012-11-30 11:33:24 +01:00
qemu-img-cmds.hx qemu-img: document 'info --backing-chain' 2012-10-24 10:26:19 +02:00
qemu-img.c qemu-img: report size overflow error message 2013-01-02 16:08:56 +01:00
qemu-img.texi Documentation: Update image format information 2012-11-30 11:33:24 +01:00
qemu-io.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-log.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-nbd.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
qemu-nbd.texi Replace Qemu by QEMU in user visible documentation 2012-04-07 13:58:06 +00:00
qemu-options-wrapper.h vl.c: In qemu -h output, only print options for the arch we are running as 2011-12-19 10:27:33 -06:00
qemu-options.h vl.c: Move option generation logic into a wrapper file 2011-12-19 10:27:33 -06:00
qemu-options.hx vnc: added initial websocket protocol support 2013-01-21 13:33:12 -06:00
qemu-seccomp.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
qemu-tech.texi qemu-tech.texi: update implemented xtensa features list 2012-11-29 13:00:52 -06:00
qemu-timer.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
qemu.sasl
qmp-commands.hx chardev: add pty chardev support to chardev-add (qmp) 2013-01-16 06:58:54 +01:00
qmp.c softmmu: move remaining include files to include/ subdirectories 2012-12-19 08:32:46 +01:00
qtest.c softmmu: move remaining include files to include/ subdirectories 2012-12-19 08:32:46 +01:00
readline.c readline: avoid memcpy() of overlapping regions 2013-01-08 10:00:26 +01:00
README
rules.mak build: move version-obj-y to the generic LINK rule 2013-01-12 18:42:51 +01:00
savevm.c Merge remote-tracking branch 'quintela/thread.next' into staging 2013-01-21 13:22:43 -06:00
spice-qemu-char.c Merge remote-tracking branch 'bonzini/header-dirs' into staging 2012-12-19 17:15:39 -06:00
tcg-runtime.c
tci.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
thread-pool.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
thunk.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
TODO
trace-events fw_cfg: Use void *, size_t instead of uint8_t *, uint32_t for blobs 2013-01-19 10:22:44 +00:00
translate-all.c translate-all.c: Use tb1->phys_hash_next directly in tb_remove 2012-12-22 12:06:24 +00:00
translate-all.h exec: move TB handling to translate-all.c 2012-12-16 08:28:41 +00:00
user-exec.c Merge remote-tracking branch 'bonzini/header-dirs' into staging 2012-12-19 17:15:39 -06:00
VERSION Open up 1.4 development branch 2012-12-03 14:08:40 -06:00
version.rc
vl.c vl: Use size_t for sizes in get_boot_devices_list() 2013-01-19 10:22:48 +00:00
xen-all.c xen: Simplify halting of first CPU 2013-01-15 04:09:14 +01:00
xen-mapcache.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
xen-stub.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00

Read the documentation in qemu-doc.html or on http://wiki.qemu.org

- QEMU team