qemu/tests/qtest
Peter Maydell b7a3a705b6 * Fix stack-overflow due to recursive DMA in intel-hda (CVE-2021-3611)
* Fix heap overflow due to recursive DMA in sdhci code
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmI4pGwRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbXF5xAAq4rPbi4f0eQ1AkEgfnUgnbgg48UoHvkQ
 8de1QoVO8Jo88MJgDF0hPirW7SQUpiTrxGpGIBdQOqqq9E41Sz1UEyaNM3SLoGpX
 N+Dbt+70H/yro0E0XiPmoUEOlKPIqENaS5dzLm6xVI/zA05vAw5JFXgQ6KvcYK2X
 YQvUyYoPmKMah6TSJrXbtgieKjkutnhoNIkLawulBP8BRuROhKYFDRsBFMAKlqmT
 m/FHGmkrLEVUVG3Uj5nqR+IKjLrPjFWLUuLLMATm8N5+umQwffTFeUw7ZrjDQ700
 T8ciLwO/zRLXvkOeAGXhP1uEmShlflRyN9pK+Cgl2DkdilMB0aMwRQEnLFbnCCzy
 6O2lfoo4tXwJAJ/uoOP7auT/RO0hX554s4da2T7SjI42XZwaZszihMKdoC0BFi06
 jwrmomLFSdPz4eDdxFg7zl2ugcoBlmAif1aRXfFs1AquTVwTkicD/n2Av9hj8eyF
 8vDkqJHzgoCWU+5Intuv32KgkUcZPK/Qqp8u8xRKUrwekeb/Iovh9qGO3iHKMAh3
 aAi//QByhtEBjgDEVq6E/OMjfvOD3QbJv9PzDTTdUyRGx0e4/3iOTspzpA3gl/zB
 q4tFtTiisbRIgBCVl4/R0El76FsGTr56vGwsncsJskx7BLLZuSIb48Hqb7euUdO9
 SHFcvADZKAI=
 =/FY+
 -----END PGP SIGNATURE-----

Merge tag 'pull-request-2022-03-21' of https://gitlab.com/thuth/qemu into staging

* Fix stack-overflow due to recursive DMA in intel-hda (CVE-2021-3611)
* Fix heap overflow due to recursive DMA in sdhci code

# gpg: Signature made Mon 21 Mar 2022 16:14:36 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2022-03-21' of https://gitlab.com/thuth/qemu:
  tests/qtest/fuzz-sdcard-test: Add reproducer for OSS-Fuzz (Issue 29225)
  hw/sd/sdhci: Prohibit DMA accesses to devices
  hw/sd/sdhci: Honor failed DMA transactions
  tests/qtest/intel-hda-test: Add reproducer for issue #542
  hw/audio/intel-hda: Restrict DMA engine to memories (not MMIO devices)
  hw/audio/intel-hda: Do not ignore DMA overrun errors
  softmmu/physmem: Introduce MemTxAttrs::memory field and MEMTX_ACCESS_ERROR
  softmmu/physmem: Simplify flatview_write and address_space_access_valid

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2022-03-22 20:45:30 +00:00
..
fuzz configure, meson: move fuzzing configuration to Meson 2021-10-14 09:50:56 +02:00
libqos Replace GCC_FMT_ATTR with G_GNUC_PRINTF 2022-03-22 14:40:51 +04:00
ac97-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
acpi-utils.c tests: acpi: dump table with failed checksum 2021-10-20 04:37:55 -04:00
acpi-utils.h meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
adm1272-test.c tests/qtest: add tests for ADM1272 device model 2021-07-08 14:41:59 -05:00
ahci-test.c tests/qtest/ahci-test.c: Calculate iso_size with 64-bit arithmetic 2021-05-14 12:28:01 +02:00
am53c974-test.c qtest/am53c974-test: add test for reset before transfer 2021-11-19 10:14:30 +01:00
arm-cpu-features.c tests: arm-cpu-features: use qtest_has_kvm() API 2021-10-20 04:37:55 -04:00
aspeed_hace-test.c tests/qtest: Add test for Aspeed HACE 2021-05-01 10:03:51 +02:00
aspeed_smc-test.c tests/qtest: Rename m25p80 test in aspeed_smc test 2021-05-01 10:03:52 +02:00
bios-tables-test-allowed-diff.h tests/acpi: i386: update FACP table differences 2022-03-06 16:06:16 -05:00
bios-tables-test.c ACPI ERST: bios-tables-test testcase 2022-02-06 04:33:50 -05:00
boot-order-test.c tests/qtest/boot-order-test: Check whether machines are available 2021-12-22 08:13:05 +01:00
boot-sector.c tests/qtest/boot-sector: Check that the guest did not panic 2021-02-19 06:29:05 +01:00
boot-sector.h meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
boot-serial-test.c tests/qtest/boot-serial-test: Silence the warning about deprecated sga device 2021-12-22 08:13:05 +01:00
cdrom-test.c hw/i386: Add the possibility to disable the 'isapc' machine 2022-02-04 09:07:43 -05:00
cmsdk-apb-dualtimer-test.c tests: Add a simple test of the CMSDK APB dual timer 2021-01-29 15:54:42 +00:00
cmsdk-apb-timer-test.c tests: Add a simple test of the CMSDK APB timer 2021-01-29 15:54:42 +00:00
cmsdk-apb-watchdog-test.c tests/qtest/cmsdk-apb-watchdog-test: Test clock changes 2021-01-29 15:54:44 +00:00
cpu-plug-test.c cphp: remove deprecated cpu-add command(s) 2020-09-29 02:14:30 -04:00
dbus-display-test.c tests: start dbus-display-test 2021-12-21 10:50:22 +04:00
dbus-vmstate-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
device-introspect-test.c qtest: escape device name in device-introspect-test 2020-11-04 12:00:02 -05:00
device-plug-test.c tests/x86: Use 'pc' machine type for hotplug tests 2022-02-21 10:13:23 +01:00
display-vga-test.c
drive_del-test.c tests/x86: Use 'pc' machine type for hotplug tests 2022-02-21 10:13:23 +01:00
ds1338-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
e1000-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
e1000e-test.c Drop qemu_foo() socket API wrapper 2022-03-22 14:40:51 +04:00
eepro100-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
emc141x-test.c sensor: Move hardware sensors from misc to a sensor directory 2021-06-17 07:10:32 -05:00
endianness-test.c tests/qtest: Improve endianness-test to work with missing machines and devices 2021-12-22 08:13:05 +01:00
erst-test.c erst: drop cast to long long 2022-02-21 10:13:23 +01:00
es1370-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
fdc-test.c tests/x86: Use 'pc' machine type for old hardware tests 2022-02-21 10:13:23 +01:00
fuzz-e1000e-test.c net/eth: Read ip6_ext_hdr_routing buffer before accessing it 2021-03-22 17:34:31 +08:00
fuzz-lsi53c895a-test.c tests/qtest: Add fuzz-lsi53c895a-test 2021-11-30 22:25:58 +01:00
fuzz-megasas-test.c tests/qtest/fuzz-megasas-test: Add test for GitLab issue #521 2021-12-18 10:57:37 +01:00
fuzz-sb16-test.c hw/audio/sb16: Restrict I/O sampling rate range for command 41h/42h 2021-06-24 11:42:54 +02:00
fuzz-sdcard-test.c tests/qtest/fuzz-sdcard-test: Add reproducer for OSS-Fuzz (Issue 29225) 2022-03-21 14:05:42 +01:00
fuzz-virtio-scsi-test.c tests/qtest: Only run fuzz-virtio-scsi when virtio-scsi is available 2021-03-16 14:19:54 -04:00
fuzz-xlnx-dp-test.c hw/display/xlnx_dp: fix an out-of-bounds read in xlnx_dp_read 2021-08-31 14:34:36 +02:00
fw_cfg-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
hd-geo-test.c tests/x86: Use 'pc' machine type for hotplug tests 2022-02-21 10:13:23 +01:00
hexloader-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
i440fx-test.c tests/x86: Use 'pc' machine type for old hardware tests 2022-02-21 10:13:23 +01:00
i82801b11-test.c
ide-test.c tests/qtest/ide-test: Remove bad retry_isa test 2022-02-21 10:13:23 +01:00
intel-hda-test.c tests/qtest/intel-hda-test: Add reproducer for issue #542 2022-03-21 10:25:21 +01:00
ioh3420-test.c
ipmi-bt-test.c tests/qtest/ipmi-bt-test: Zero-initialize sockaddr struct 2021-08-26 17:02:00 +01:00
ipmi-kcs-test.c tests: Avoid side effects inside g_assert() arguments 2021-05-14 12:28:01 +02:00
ipoctal232-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
isl_pmbus_vr-test.c hw/sensor: add Renesas raa228000 device 2022-03-08 18:46:48 +01:00
ivshmem-test.c tests/x86: Use 'pc' machine type for hotplug tests 2022-02-21 10:13:23 +01:00
libqtest-single.h Replace GCC_FMT_ATTR with G_GNUC_PRINTF 2022-03-22 14:40:51 +04:00
libqtest.c Replace GCC_FMT_ATTR with G_GNUC_PRINTF 2022-03-22 14:40:51 +04:00
lpc-ich9-test.c tests/qtest: cleanup the testcase for bug 1878642 2021-03-19 10:37:46 -04:00
lsm303dlhc-mag-test.c hw/sensor: Add lsm303dlhc magnetometer device 2022-02-08 10:56:29 +00:00
m48t59-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
machine-none-test.c Drop the deprecated unicore32 target 2021-05-12 18:20:52 +02:00
max34451-test.c tests/qtest: add tests for MAX34451 device model 2021-07-08 14:42:00 -05:00
megasas-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
meson.build qtest/meson.build: check CONFIG_TCG for boot-serial-test in qtests_ppc 2022-03-14 15:57:17 +01:00
microbit-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
migration-helpers.c tests/migration: fix memleak in wait_command/wait_command_fd 2020-10-24 07:23:19 +02:00
migration-helpers.h Replace GCC_FMT_ATTR with G_GNUC_PRINTF 2022-03-22 14:40:51 +04:00
migration-test.c tests: Pass in MigrateStart** into test_migrate_start() 2022-03-02 18:20:45 +00:00
modules-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
ne2000-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
npcm7xx_adc-test.c npcm7xx_adc-test: Fix memleak in adc_qom_set 2021-01-19 15:45:14 +00:00
npcm7xx_emc-test.c Drop qemu_foo() socket API wrapper 2022-03-22 14:40:51 +04:00
npcm7xx_gpio-test.c hw/gpio: Add GPIO model for Nuvoton NPCM7xx 2020-10-27 11:10:32 +00:00
npcm7xx_pwm-test.c tests/qtest/npcm7xx_pwm-test.c: Avoid g_assert_true() for non-test assertions 2021-05-14 12:28:01 +02:00
npcm7xx_rng-test.c tests/qtest/npcm7xx_rng-test: dump random data on failure 2020-12-10 11:30:44 +00:00
npcm7xx_sdhci-test.c tests/qtest: add qtests for npcm7xx sdhci 2022-03-02 19:27:36 +00:00
npcm7xx_smbus-test.c sensor: Move hardware sensors from misc to a sensor directory 2021-06-17 07:10:32 -05:00
npcm7xx_timer-test.c tests/qtest: variable defined by g_autofree need to be initialized 2020-11-20 13:34:22 +01:00
npcm7xx_watchdog_timer-test.c tests/qtest: fix memleak in npcm7xx_watchdog_timer-test 2020-11-20 13:35:33 +01:00
numa-test.c qtest/numa-test: Use detailed -smp CLIs in test_def_cpu_split 2021-10-01 15:27:56 +02:00
nvme-test.c tests/qtest/nvme-test: add mmio read test 2021-07-26 21:09:39 +02:00
pca9552-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
pci-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
pcnet-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
pflash-cfi02-test.c tests/qtest/pflash-cfi02-test: Avoid potential integer overflow 2021-06-03 16:43:27 +01:00
pnv-xscom-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
prom-env-test.c tests/qtest: Add a function to check whether a machine is available 2021-12-15 08:08:59 +01:00
pvpanic-pci-test.c tests/qtest: add a test case for pvpanic-pci 2021-01-29 10:47:28 +00:00
pvpanic-test.c qtest/pvpanic: Test panic option that allows VM to continue 2020-12-15 12:51:59 -05:00
pxe-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
q35-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
qmp-cmd-test.c qapi: introduce x-query-opcount QMP command 2021-11-02 15:57:20 +00:00
qmp-test.c machine: remove 'query-cpus' QMP command 2021-03-18 09:22:55 +00:00
qom-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
qos-test.c tests/qtest/qos-test: dump QEMU command if verbose 2021-02-16 17:15:39 +01:00
rtas-test.c spapr: Implement Open Firmware client interface 2021-07-09 10:38:19 +10:00
rtc-test.c tests/qtest/rtc-test: Remove pointless NULL check 2021-05-14 12:28:01 +02:00
rtl8139-test.c
sdhci-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
spapr-phb-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
sse-timer-test.c tests/qtest/sse-timer-test: Test counter scaling changes 2021-03-08 17:20:03 +00:00
tco-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
test-arm-mptimer.c
test-filter-mirror.c Drop qemu_foo() socket API wrapper 2022-03-22 14:40:51 +04:00
test-filter-redirector.c Drop qemu_foo() socket API wrapper 2022-03-22 14:40:51 +04:00
test-hmp.c migrate: remove QMP/HMP commands for speed, downtime and cache size 2021-03-18 09:22:55 +00:00
test-netfilter.c tests/qtest: Make the filter tests independent from a specific NIC 2021-12-22 08:13:05 +01:00
test-x86-cpuid-compat.c tests/qtest/test-x86-cpuid-compat: Check for machines before using them 2022-01-05 11:10:03 +01:00
tmp105-test.c sensor: Move hardware sensors from misc to a sensor directory 2021-06-17 07:10:32 -05:00
tpm-crb-swtpm-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
tpm-crb-test.c tests: Add tpm_version field to TPMTestState and fill it 2021-08-31 17:33:11 -04:00
tpm-emu.c tests: Use QMP to check whether a TPM device model is available 2021-08-31 17:33:12 -04:00
tpm-emu.h tests: Use QMP to check whether a TPM device model is available 2021-08-31 17:33:12 -04:00
tpm-tests.c tests/qtest/tpm-tests: Remove unnecessary NULL checks 2021-06-03 16:43:27 +01:00
tpm-tests.h test: tpm: pass optional machine options to swtpm test functions 2020-03-05 12:18:33 -05:00
tpm-tis-device-swtpm-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
tpm-tis-device-test.c tests: Add tpm_version field to TPMTestState and fill it 2021-08-31 17:33:11 -04:00
tpm-tis-swtpm-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
tpm-tis-test.c tests: Add tpm_version field to TPMTestState and fill it 2021-08-31 17:33:11 -04:00
tpm-tis-util.c tests: Rename TestState to TPMTestState 2021-08-31 17:33:10 -04:00
tpm-tis-util.h test: tpm-tis: Get prepared to share tests between ISA and sysbus devices 2020-03-05 12:18:39 -05:00
tpm-util.c tests/qtest/tpm-util.c: Free memory with correct free function 2021-05-14 12:28:01 +02:00
tpm-util.h test: tpm-tis: Get prepared to share tests between ISA and sysbus devices 2020-03-05 12:18:39 -05:00
tulip-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
usb-hcd-ehci-test.c libqos: usb-hcd-ehci: use 32-bit write for config register 2020-06-26 06:45:29 -04:00
usb-hcd-ohci-test.c
usb-hcd-uhci-test.c
usb-hcd-xhci-test.c
vhost-user-blk-test.c vhost-user-blk-test: pass vhost-user socket fds to QSD 2021-10-20 04:37:55 -04:00
vhost-user-test.c tests/qtest/vhost-user-test.c: Use vhostforce=on 2022-02-21 10:13:23 +01:00
virtio-9p-test.c 9pfs: Use g_new() & friends where that makes obvious sense 2022-03-21 15:44:44 +01:00
virtio-blk-test.c
virtio-ccw-test.c
virtio-iommu-test.c tests/qtest/virtio-iommu-test: Check bypass config 2022-03-06 05:08:23 -05:00
virtio-net-failover.c tests/qtest: failover: migration abort test with failover off 2022-02-21 10:15:55 +01:00
virtio-net-test.c Drop qemu_foo() socket API wrapper 2022-03-22 14:40:51 +04:00
virtio-rng-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
virtio-scsi-test.c tests/qtest/virtio-scsi-test: add unmap large LBA with 4k blocks test 2021-06-04 13:47:08 +02:00
virtio-serial-test.c
virtio-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
vmgenid-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
vmxnet3-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
wdt_ib700-test.c meson: convert tests/qtest to meson 2020-08-21 06:30:20 -04:00
xlnx-can-test.c arm: rename xlnx-zcu102.canbusN properties 2021-01-29 10:47:28 +00:00