Yuval Shaia 31c4b6fb02 hw/pvrdma: Protect against buggy or malicious guest driver ...

Guest driver might execute HW commands when shared buffers are not yet
allocated.
This could happen on purpose (malicious guest) or because of some other
guest/host address mapping error.
We need to protect againts such case.

Fixes: CVE-2022-1050

Reported-by: Raven <wxhusst@gmail.com>
Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Message-Id: <20220403095234.2210-1-yuval.shaia.ml@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

2023-01-16 18:49:38 +01:00

..

vmw

hw/pvrdma: Protect against buggy or malicious guest driver

2023-01-16 18:49:38 +01:00

Kconfig

kconfig: add dependencies on CONFIG_MSI_NONBROKEN

2019-03-18 09:39:57 +01:00

meson.build

meson: convert hw/rdma

2020-08-21 06:30:29 -04:00

rdma_backend_defs.h

hw/rdma: Replace QList by GQueue

2020-12-19 10:38:43 +01:00

rdma_backend.c

hw/rdma: Replace QList by GQueue

2020-12-19 10:38:43 +01:00

rdma_backend.h

hw/rdma: Skip data-path mr_id translation

2020-03-21 19:16:38 +02:00

rdma_rm_defs.h

hw/rdma: Modify create/destroy QP to support SRQ

2019-05-04 15:55:56 +03:00

rdma_rm.c

qapi: introduce x-query-rdma QMP command

2021-11-02 15:55:14 +00:00

rdma_rm.h

qapi: introduce x-query-rdma QMP command

2021-11-02 15:55:14 +00:00

rdma_utils.c

include/hw/pci: Split pci_device.h off pci.h

2023-01-08 01:54:22 -05:00

rdma_utils.h

include/hw/pci: Break inclusion loop pci_bridge.h and cxl.h

2023-01-08 01:54:22 -05:00

rdma.c

…

trace-events

hw/dma: Fix format string issues using dma_addr_t

2022-01-18 12:56:29 +01:00

trace.h

trace: switch position of headers to what Meson requires

2020-08-21 06:18:24 -04:00