[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 0/11] Xen PCI Passthrough security fixes
Hi all, the following is a collection of QEMU security fixes for PCI Passthrough on Xen. Non-Xen usages of QEMU are unaffected. Although the CVEs have already been made public, given the large amount of changes, I decided not to send a pull request without giving a chance to the QEMU community to comment on the patches first. Each patch has a detail description of what is trying to fix. You can also cross-reference the CVE numbers. Jan Beulich (11): xen: properly gate host writes of modified PCI CFG contents xen: don't allow guest to control MSI mask register xen/MSI-X: limit error messages xen/MSI: don't open-code pass-through of enable bit modifications xen/pt: consolidate PM capability emu_mask xen/pt: correctly handle PM status bit xen/pt: split out calculation of throughable mask in PCI config space handling xen/pt: mark all PCIe capability bits read-only xen/pt: mark reserved bits in PCI config space fields xen/pt: add a few PCI config space field descriptions xen/pt: unknown PCI config space fields should be read-only hw/pci/msi.c | 4 - hw/xen/xen_pt.c | 51 +++++++++- hw/xen/xen_pt.h | 7 +- hw/xen/xen_pt_config_init.c | 235 ++++++++++++++++++++++++++++--------------- hw/xen/xen_pt_msi.c | 12 ++- include/hw/pci/pci_regs.h | 2 + 6 files changed, 217 insertions(+), 94 deletions(-) Cheers, Stefano _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |