CVE-2014-7840: insufficient parameter validation during ram load (bz #1163080)
From: Marcelo Tosatti <mtosatti@redhat.com>
|
|
Date: Fri, 5 Sep 2014 10:52:46 -0300
|
|
Subject: [PATCH] Introduce cpu_clean_all_dirty
|
|
|
|
Introduce cpu_clean_all_dirty, to force subsequent cpu_synchronize_all_states
|
|
to read in-kernel register state.
|
|
|
|
Cc: qemu-stable@nongnu.org
|
|
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
(cherry picked from commit de9d61e83d43be9069e6646fa9d57a3f47779d28)
|
|
|
|
Conflicts:
|
|
cpus.c
|
|
---
|
|
cpus.c | 9 +++++++++
|
|
include/sysemu/cpus.h | 1 +
|
|
include/sysemu/kvm.h | 8 ++++++++
|
|
kvm-all.c | 5 +++++
|
|
4 files changed, 23 insertions(+)
|
|
|
|
diff --git a/cpus.c b/cpus.c
|
|
index 0f65e76..ab0de51 100644
|
|
--- a/cpus.c
|
|
+++ b/cpus.c
|
|
@@ -434,6 +434,15 @@ bool cpu_is_stopped(CPUState *cpu)
|
|
return !runstate_is_running() || cpu->stopped;
|
|
}
|
|
|
|
+void cpu_clean_all_dirty(void)
|
|
+{
|
|
+ CPUState *cpu;
|
|
+
|
|
+ for (cpu = first_cpu; cpu; cpu = cpu->next_cpu) {
|
|
+ cpu_clean_state(cpu);
|
|
+ }
|
|
+}
|
|
+
|
|
static int do_vm_stop(RunState state)
|
|
{
|
|
int ret = 0;
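Review bot: cpu_clean_all_dirty clears every vCPU's dirty flag from whichever thread calls it, and nothing states the precondition under which that is safe; the commit message says the point is to force the next cpu_synchronize_all_states() to re-read in-kernel state, which implies that any register changes QEMU made in userspace but has not yet pushed to KVM are silently discarded (presumably, if kvm_vcpu_dirty also gates the put-registers path in kvm_cpu_exec, which is outside this hunk). A header comment above the definition would make that contract explicit: `/* Mark every vCPU's register copy as not dirty so the next cpu_synchronize_all_states() fetches it from the kernel. Userspace-side register changes not yet written to KVM are lost, so call this only while the VM is stopped and that state is about to be reloaded (e.g. migration/ram load). */` The loop walks first_cpu/next_cpu by hand, which matches this tree (see the Conflicts: cpus.c note); a one-line comment saying so would help the next rebase. do_vm_stop's body continues outside the hunk.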
|
|
diff --git a/include/sysemu/cpus.h b/include/sysemu/cpus.h
|
|
index 6502488..4f8a3df 100644
|
|
--- a/include/sysemu/cpus.h
|
|
+++ b/include/sysemu/cpus.h
|
|
@@ -10,6 +10,7 @@ void cpu_stop_current(void);
|
|
void cpu_synchronize_all_states(void);
|
|
void cpu_synchronize_all_post_reset(void);
|
|
void cpu_synchronize_all_post_init(void);
|
|
+void cpu_clean_all_dirty(void);
|
|
|
|
void qtest_clock_warp(int64_t dest);
|
|
|
|
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
|
|
index de74411..83a107a 100644
|
|
--- a/include/sysemu/kvm.h
|
|
+++ b/include/sysemu/kvm.h
|
|
@@ -290,6 +290,7 @@ int kvm_physical_memory_addr_from_host(KVMState *s, void *ram_addr,
|
|
|
|
void kvm_cpu_synchronize_post_reset(CPUState *cpu);
|
|
void kvm_cpu_synchronize_post_init(CPUState *cpu);
|
|
+void kvm_cpu_clean_state(CPUState *cpu);
|
|
|
|
static inline void cpu_synchronize_post_reset(CPUState *cpu)
|
|
{
|
|
@@ -305,6 +306,13 @@ static inline void cpu_synchronize_post_init(CPUState *cpu)
|
|
}
|
|
}
|
|
|
|
+static inline void cpu_clean_state(CPUState *cpu)
|
|
+{
|
|
+ if (kvm_enabled()) {
|
|
+ kvm_cpu_clean_state(cpu);
|
|
+ }
|
|
+}
|
|
+
|
|
int kvm_irqchip_add_msi_route(KVMState *s, MSIMessage msg);
|
|
int kvm_irqchip_update_msi_route(KVMState *s, int virq, MSIMessage msg);
|
|
void kvm_irqchip_release_virq(KVMState *s, int virq);
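Review bot: cpu_clean_state is added without a comment, so a reader of the header cannot tell that it is a deliberate no-op under TCG and that it only resets a flag rather than touching register contents; its siblings cpu_synchronize_post_reset/post_init at least carry descriptive names. Suggested comment above the inline: `/* Forget any cached (dirty) register state for @cpu so the next cpu_synchronize_state() re-reads it from KVM; no-op when KVM is not in use. Only valid while the vCPU is not running. */` The last sentence is inferred from the flag being written directly in kvm_cpu_clean_state rather than via run_on_cpu, so confirm it against the intended callers before committing to it.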
|
|
diff --git a/kvm-all.c b/kvm-all.c
|
|
index 783b8ec..369c221 100644
|
|
--- a/kvm-all.c
|
|
+++ b/kvm-all.c
|
|
@@ -1625,6 +1625,11 @@ void kvm_cpu_synchronize_post_init(CPUState *cpu)
|
|
run_on_cpu(cpu, do_kvm_cpu_synchronize_post_init, cpu);
|
|
}
|
|
|
|
+void kvm_cpu_clean_state(CPUState *cpu)
|
|
+{
|
|
+ cpu->kvm_vcpu_dirty = false;
|
|
+}
|
|
+
|
|
int kvm_cpu_exec(CPUState *cpu)
|
|
{
|
|
struct kvm_run *run = cpu->kvm_run;
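Review bot: kvm_cpu_clean_state writes cpu->kvm_vcpu_dirty directly from the caller's thread, whereas the neighbouring kvm_cpu_synchronize_post_init (visible in the hunk context) hands its work to the vCPU thread through run_on_cpu; if the vCPU thread is live it presumably reads and writes the same flag in kvm_cpu_exec (which starts at the end of this hunk and continues outside it), so an unsynchronised store here is a data race unless the VM is stopped. Either dispatch it the same way as its siblings — a `do_kvm_cpu_clean_state` helper invoked via `run_on_cpu(cpu, do_kvm_cpu_clean_state, cpu);` — or document the precondition on the function: `/* Caller must have the VM stopped: kvm_vcpu_dirty is otherwise owned by the vCPU thread. */` The intended caller (ram load, per the page title) is likely stopped, but that is not checked here.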
|