ppc: add host-serial and host-model machine attributes (CVE-2019-8934)

On ppc hosts, the hypervisor shares the following system attributes

  - /proc/device-tree/system-id
  - /proc/device-tree/model

with a guest. This could lead to information leakage and misuse.[*]
Add machine attributes to control such system information exposure
to a guest.

[*] https://wiki.openstack.org/wiki/OSSN/OSSN-0028

Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Fix-suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20190218181349.23885-1-ppandit@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Prasad J Pandit 2019-02-18 23:43:49 +05:30 committed by David Gibson
parent 6eebe6dccb
commit 27461d69a0
2 changed files with 72 additions and 6 deletions

@ -177,6 +177,8 @@ struct sPAPRMachineState {
/*< public >*/
char *kvm_type;
char *host_model;
char *host_serial;
int32_t irq_map_nr;
unsigned long *irq_map;
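
Review bot: The two new fields `char *host_model;` and `char *host_serial;` in the public part of `sPAPRMachineState` have no comment describing which values they accept or what a NULL (unset) value means. The commit message says these attributes control whether the host's system-id and model reach the guest, so the meaning of the unset state is the security-relevant default and should be documented next to the fields. These are also heap-owned strings sitting beside `kvm_type`; the release path is not visible in this hunk, so please confirm they are freed wherever the machine state is finalized, and that a repeated set of the property frees the previous value before storing the new one.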