[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC v2 0/5] state loading security issues
From: |
Michael S. Tsirkin |
Subject: |
Re: [Qemu-devel] [RFC v2 0/5] state loading security issues |
Date: |
Mon, 24 Mar 2014 18:25:27 +0200 |
On Mon, Mar 24, 2014 at 04:37:43PM +0200, Michael S. Tsirkin wrote:
> In an attempt to provide a generic solution for this
> set of issues, this adds a way to add validators
> in the middle of the structure.
>
> On failure, we assert on output (should never happen)
> and fail migration on input.
>
> The last patch in the series shows how the new
> infrastructure is used.
> I'll wait a bit for feedback, if there's none
> I'll go ahead and use this to fix the state loading CVEs.
Forgot to commit some fixes so this doesn't
really work - but this is hopefully enough for people to
get the general idea and comment before I build more
code on top of this.
Please consider this pseudo-code :)
> Michael S. Tsirkin (5):
> vmstate: reduce code duplication
> vmstate: add VMS_NONE
> vmstate: add VMS_MUST_EXIST
> vmstate: add VMSTATE_TEST
> hpet: fix buffer overrun on invalid state load
>
> include/migration/vmstate.h | 8 ++++
> hw/timer/hpet.c | 17 +++++++
> vmstate.c | 107
> +++++++++++++++++++++++++-------------------
> 3 files changed, 87 insertions(+), 45 deletions(-)
>
> --
> MST
>
- [Qemu-devel] [RFC v2 1/5] vmstate: reduce code duplication, (continued)
[Qemu-devel] [RFC v2 4/5] vmstate: add VMSTATE_TEST, Michael S. Tsirkin, 2014/03/24
[Qemu-devel] [RFC v2 5/5] hpet: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/03/24
Re: [Qemu-devel] [RFC v2 0/5] state loading security issues,
Michael S. Tsirkin <=