1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
From 520f26fc6d17b71a43eaf620e834b3bdf316f3d3 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <pjp@fedoraproject.org>
Date: Tue, 11 Aug 2020 17:11:25 +0530
Subject: [PATCH] hw/pci-host: add pci-intack write method
Add pci-intack mmio write method to avoid NULL pointer dereference
issue.
Reported-by: Lei Sun <slei.casper@gmail.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20200811114133.672647-2-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
CVE: CVE-2020-15469
Upstream-Status: Backport [import from ubuntu
https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches/CVE-2020-15469-1.patch?h=ubuntu/focal-security
Upstream commit https://github.com/qemu/qemu/commit/520f26fc6d17b71a43eaf620e834b3bdf316f3d3 ]
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
hw/pci-host/prep.c | 8 ++++++++
1 file changed, 8 insertions(+)
--- a/hw/pci-host/prep.c
+++ b/hw/pci-host/prep.c
@@ -26,6 +26,7 @@
#include "qemu/osdep.h"
#include "qemu-common.h"
#include "qemu/units.h"
+#include "qemu/log.h"
#include "qapi/error.h"
#include "hw/pci/pci.h"
#include "hw/pci/pci_bus.h"
@@ -119,8 +120,15 @@ static uint64_t raven_intack_read(void *
return pic_read_irq(isa_pic);
}
+static void raven_intack_write(void *opaque, hwaddr addr,
+ uint64_t data, unsigned size)
+{
+ qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+}
+
static const MemoryRegionOps raven_intack_ops = {
.read = raven_intack_read,
+ .write = raven_intack_write,
.valid = {
.max_access_size = 1,
},
|
