qemu/softmmu
Peter Maydell 4aa2e497a9 This misc series of changes:
- Improves documentation of SSH fingerprint checking
  - Fixes SHA256 fingerprints with non-blockdev usage
  - Blocks the clone3, setns, unshare & execveat syscalls
    with seccomp
  - Blocks process spawning via clone syscall, but allows
    threads, with seccomp
  - Takes over seccomp maintainer role
  - Expands firmware descriptor spec to allow flash
    without NVRAM
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmIOOBkACgkQvobrtBUQ
 T9/ruhAAr8jkAH8FN5ftx2/L7q8SHpjPupue1CJ0Nl/ykmYhTGc+SqC3R2nZWOk2
 Ws8hHVcDVT1lhrGxPtU7o+JPC1TebJTsloimJoKQY3qfdvZadJeR/4KsOUzi2ruu
 VZ6HiYvZc1c9T+NPf3QRhBo7yyascKWKWHDseUNIt/2DiefCox4QFUDDMG86HiQF
 KK30xWTvwJdcPxRlbfZbWRoqA0v4OoSDK6Ftp94FQSNBkExO85kstDq3xVaApf8H
 DE1QD7gf+dvz11wVuFhrf4d1EH032nU0p0kMxhABc4/kZXo5iWXohhzML3/MUEVT
 pe5/9pzUdWpfXQd/2r7x2PyPgySAG7lGbkgltowY52qnRPaNw9ukwkFCFAj8wiD8
 FT2ghvkYD3zLfnZ3nuuzJVjf3pXgCc5VcfXaoffT72a7gpI1LTuEqPFwo04imV4l
 21fYFx26mYTGCLH1CwVw8MQ2z/dg6uorT/NHdmRA/KrYJ1Elay2K7DV3Z5jOM5MI
 0Ll5HkfsUut+1rioUjNgmlQ+96k/G0P0hVUoTUIcgl3U/GDx2+ypcrNTfmEcaCLV
 bOhsjtrcg/KAXsCSbvnfDe3bWf0txnscyqoilEzDahLvciWG3d6qlhczLy29LGb4
 /w7iqnUcSygXc+a9/ckVo1h5fo0i9qb3W8Pw9klapvz6SGJ83g4=
 =PeCY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-next-pull-request' into staging

This misc series of changes:

 - Improves documentation of SSH fingerprint checking
 - Fixes SHA256 fingerprints with non-blockdev usage
 - Blocks the clone3, setns, unshare & execveat syscalls
   with seccomp
 - Blocks process spawning via clone syscall, but allows
   threads, with seccomp
 - Takes over seccomp maintainer role
 - Expands firmware descriptor spec to allow flash
   without NVRAM

# gpg: Signature made Thu 17 Feb 2022 11:57:13 GMT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange-gitlab/tags/misc-next-pull-request:
  docs: expand firmware descriptor to allow flash without NVRAM
  MAINTAINERS: take over seccomp from Eduardo Otubo
  seccomp: block setns, unshare and execveat syscalls
  seccomp: block use of clone3 syscall
  seccomp: fix blocking of process spawning
  seccomp: add unit test for seccomp filtering
  seccomp: allow action to be customized per syscall
  block: print the server key type and fingerprint on failure
  block: support sha256 fingerprint with pre-blockdev options
  block: better document SSH host key fingerprint checking

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-02-23 09:25:05 +00:00
..
arch_init.c meson.build: Define QEMU_ARCH in config-target.h 2021-08-26 17:02:00 +01:00
balloon.c qapi: Restrict balloon-related commands to machine code 2020-09-29 15:41:35 +02:00
bootdevice.c softmmu: move more files to softmmu/ 2020-10-12 11:50:21 -04:00
cpu-throttle.c cpu-throttle: Remove timer_mod() from cpu_throttle_set() 2021-02-08 15:15:32 +01:00
cpu-timers.c icount: get rid of static variable 2021-04-01 09:40:45 +02:00
cpus.c softmmu/cpus: Check if the cpu work list is empty atomically 2022-02-09 08:55:02 +11:00
datadir.c vl: extract softmmu/datadir.c 2020-12-10 12:15:18 -05:00
device_tree.c softmmu/device_tree: Remove redundant pointer assignment 2022-01-21 15:52:56 +10:00
dma-helpers.c exec/memory: Extract address_space_set() from dma_memory_set() 2022-01-20 09:09:37 +01:00
globals.c qmp: generalize watchdog-set-action to -no-reboot/-no-shutdown 2020-12-15 12:51:57 -05:00
icount.c icount: get rid of static variable 2021-04-01 09:40:45 +02:00
ioport.c
main.c
memory_mapping.c softmmu/memory_mapping: optimize for RamDiscardManager sections 2021-10-02 08:43:22 +02:00
memory.c memory: Fix qemu crash on starting dirty log twice with stopped VM 2022-02-16 15:01:33 +01:00
meson.build configure, meson: move TPM check to meson 2022-02-21 10:35:53 +01:00
physmem.c include: Move qemu_madvise() and related #defines to new qemu/madvise.h 2022-02-21 13:30:20 +00:00
qdev-monitor.c pci,pc,virtio: bugfixes 2021-11-15 21:56:15 +01:00
qemu-seccomp.c seccomp: block setns, unshare and execveat syscalls 2022-02-16 18:52:40 +00:00
qtest.c qtest: Add missing 'hw/qdev-core.h' include 2022-02-21 10:18:06 +01:00
rtc.c rtc: Move RTC function prototypes to their own header 2022-01-28 14:29:46 +00:00
runstate-action.c runstate: cleanup reboot and panic actions 2021-01-21 13:00:41 +01:00
runstate.c exec/exec-all: Move 'qemu/log.h' include in units requiring it 2022-02-21 10:18:06 +01:00
timers-state.h qemu/atomic: Add aligned_{int64,uint64}_t types 2021-07-21 07:45:38 -10:00
tpm.c qapi: More complex uses of QAPI_LIST_APPEND 2021-01-28 08:08:45 +01:00
trace-events memory: make global_dirty_tracking a bitmask 2021-11-01 22:56:43 +01:00
trace.h
vl.c include: Move hardware version declarations to new qemu/hw-version.h 2022-02-21 13:30:20 +00:00