qemu/include/hw/ppc
David Gibson 0a794529bd spapr: Simplify handling of host-serial and host-model values
27461d69a0 "ppc: add host-serial and host-model machine attributes
(CVE-2019-8934)" introduced 'host-serial' and 'host-model' machine
properties for spapr to explicitly control the values advertised to the
guest in device tree properties with the same names.

The previous behaviour on KVM was to unconditionally populate the device
tree with the real host serial number and model, which leaks possibly
sensitive information about the host to the guest.

To maintain compatibility for old machine types, we allowed those props
to be set to "passthrough" to take the value from the host as before.  Or
they could be set to "none" to explicitly omit the device tree items.

Special casing specific values on what's otherwise a user supplied string
is very ugly.  So, this patch simplifies things by implementing the
backwards compatibility in a different way: we have a machine class flag
set for the older machines, and we only load the host values into the
device tree if A) they're not set by the user and B) we have that flag set.

This does mean that the "passthrough" functionality is no longer available
with the current machine type.  That's ok though: if a user or management
layer really wants the information passed through they can read it
themselves (OpenStack Nova already does something similar for x86).

It also means the user can't explicitly ask for the values to be omitted
on the old machine types.  I think that's an acceptable trade-off: if you
care enough about not leaking the host information you can either move to
the new machine type, or use a dummy value for the properties.

For the new machine type, this also removes an odd inconsistency
between running on a POWER and non-POWER (or non-Linux) hosts: if the
host information couldn't be read from where we expect (in the host's
device tree as exposed by Linux), we'd fallback to omitting the guest
device tree items.

While we're there, improve some poorly worded comments, and the help text
for the properties.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Tested-by: Greg Kurz <groug@kaod.org>
2019-03-29 10:25:50 +11:00
..
fdt.h target/ppc: Pass cpu instead of env to ppc_create_page_sizes_prop() 2018-04-27 18:05:22 +10:00
mac_dbdma.h mac_dbdma: remove DBDMA_init() function 2017-09-27 13:05:41 +10:00
openpic_kvm.h openpic: move KVM-specific declarations into separate openpic_kvm.h file 2018-03-06 13:16:29 +11:00
openpic.h mac_newworld: simplify IRQ wiring 2018-12-21 09:24:23 +11:00
pnv_core.h ppc/pnv: POWER9 XSCOM quad support 2019-03-12 14:33:04 +11:00
pnv_lpc.h ppc/pnv: add SerIRQ routing registers 2019-03-12 14:33:04 +11:00
pnv_occ.h ppc/pnv: add a OCC model for POWER9 2019-03-12 14:33:04 +11:00
pnv_psi.h ppc/pnv: add a PSI bridge model for POWER9 2019-03-12 14:33:04 +11:00
pnv_xive.h ppc/pnv: add a XIVE interrupt controller model for POWER9 2019-03-12 14:33:04 +11:00
pnv_xscom.h ppc/pnv: POWER9 XSCOM quad support 2019-03-12 14:33:04 +11:00
pnv.h ppc/pnv: POWER9 XSCOM quad support 2019-03-12 14:33:04 +11:00
ppc4xx.h ppc4xx: Use ram_addr_t in ppc4xx_sdram_adjust() 2019-02-04 18:44:17 +11:00
ppc_e500.h intc/openpic: Build openpic only once 2013-07-09 21:33:02 +02:00
ppc.h ppc: externalize ppc_get_vcpu_by_pir() 2019-03-12 14:33:04 +11:00
spapr_cpu_core.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
spapr_drc.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
spapr_irq.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
spapr_ovec.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
spapr_rtas.h tests: add RTAS command in the protocol 2016-09-23 10:29:40 +10:00
spapr_vio.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
spapr_xive.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
spapr.h spapr: Simplify handling of host-serial and host-model values 2019-03-29 10:25:50 +11:00
xics_spapr.h spapr: Use CamelCase properly 2019-03-12 14:33:05 +11:00
xics.h xics: Write source state to KVM at claim time 2019-02-26 09:21:25 +11:00
xive_regs.h ppc/xive: introduce a simplified XIVE presenter 2018-12-21 09:37:04 +11:00
xive.h ppc/pnv: export the xive_router_notify() routine 2019-03-12 14:33:04 +11:00