mirror of
https://github.com/Motorhead1991/qemu.git
synced 2026-01-08 23:47:44 -07:00
4aa2e497a9
- Improves documentation of SSH fingerprint checking
- Fixes SHA256 fingerprints with non-blockdev usage
- Blocks the clone3, setns, unshare & execveat syscalls
with seccomp
- Blocks process spawning via clone syscall, but allows
threads, with seccomp
- Takes over seccomp maintainer role
- Expands firmware descriptor spec to allow flash
without NVRAM
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmIOOBkACgkQvobrtBUQ
T9/ruhAAr8jkAH8FN5ftx2/L7q8SHpjPupue1CJ0Nl/ykmYhTGc+SqC3R2nZWOk2
Ws8hHVcDVT1lhrGxPtU7o+JPC1TebJTsloimJoKQY3qfdvZadJeR/4KsOUzi2ruu
VZ6HiYvZc1c9T+NPf3QRhBo7yyascKWKWHDseUNIt/2DiefCox4QFUDDMG86HiQF
KK30xWTvwJdcPxRlbfZbWRoqA0v4OoSDK6Ftp94FQSNBkExO85kstDq3xVaApf8H
DE1QD7gf+dvz11wVuFhrf4d1EH032nU0p0kMxhABc4/kZXo5iWXohhzML3/MUEVT
pe5/9pzUdWpfXQd/2r7x2PyPgySAG7lGbkgltowY52qnRPaNw9ukwkFCFAj8wiD8
FT2ghvkYD3zLfnZ3nuuzJVjf3pXgCc5VcfXaoffT72a7gpI1LTuEqPFwo04imV4l
21fYFx26mYTGCLH1CwVw8MQ2z/dg6uorT/NHdmRA/KrYJ1Elay2K7DV3Z5jOM5MI
0Ll5HkfsUut+1rioUjNgmlQ+96k/G0P0hVUoTUIcgl3U/GDx2+ypcrNTfmEcaCLV
bOhsjtrcg/KAXsCSbvnfDe3bWf0txnscyqoilEzDahLvciWG3d6qlhczLy29LGb4
/w7iqnUcSygXc+a9/ckVo1h5fo0i9qb3W8Pw9klapvz6SGJ83g4=
=PeCY
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-next-pull-request' into staging
This misc series of changes:
- Improves documentation of SSH fingerprint checking
- Fixes SHA256 fingerprints with non-blockdev usage
- Blocks the clone3, setns, unshare & execveat syscalls
with seccomp
- Blocks process spawning via clone syscall, but allows
threads, with seccomp
- Takes over seccomp maintainer role
- Expands firmware descriptor spec to allow flash
without NVRAM
# gpg: Signature made Thu 17 Feb 2022 11:57:13 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-next-pull-request:
docs: expand firmware descriptor to allow flash without NVRAM
MAINTAINERS: take over seccomp from Eduardo Otubo
seccomp: block setns, unshare and execveat syscalls
seccomp: block use of clone3 syscall
seccomp: fix blocking of process spawning
seccomp: add unit test for seccomp filtering
seccomp: allow action to be customized per syscall
block: print the server key type and fingerprint on failure
block: support sha256 fingerprint with pre-blockdev options
block: better document SSH host key fingerprint checking
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
||
|---|---|---|
| .. | ||
| check-block-qdict.c | ||
| check-qdict.c | ||
| check-qjson.c | ||
| check-qlist.c | ||
| check-qlit.c | ||
| check-qnull.c | ||
| check-qnum.c | ||
| check-qobject.c | ||
| check-qom-interface.c | ||
| check-qom-proplist.c | ||
| check-qstring.c | ||
| crypto-tls-psk-helpers.c | ||
| crypto-tls-psk-helpers.h | ||
| crypto-tls-x509-helpers.c | ||
| crypto-tls-x509-helpers.h | ||
| io-channel-helpers.c | ||
| io-channel-helpers.h | ||
| iothread.c | ||
| iothread.h | ||
| meson.build | ||
| pkix_asn1_tab.c | ||
| ptimer-test-stubs.c | ||
| ptimer-test.c | ||
| ptimer-test.h | ||
| rcutorture.c | ||
| socket-helpers.c | ||
| socket-helpers.h | ||
| test-aio-multithread.c | ||
| test-aio.c | ||
| test-authz-list.c | ||
| test-authz-listfile.c | ||
| test-authz-pam.c | ||
| test-authz-simple.c | ||
| test-base64.c | ||
| test-bdrv-drain.c | ||
| test-bdrv-graph-mod.c | ||
| test-bitcnt.c | ||
| test-bitmap.c | ||
| test-bitops.c | ||
| test-block-backend.c | ||
| test-block-iothread.c | ||
| test-blockjob-txn.c | ||
| test-blockjob.c | ||
| test-bufferiszero.c | ||
| test-char.c | ||
| test-clone-visitor.c | ||
| test-coroutine.c | ||
| test-crypto-afsplit.c | ||
| test-crypto-block.c | ||
| test-crypto-cipher.c | ||
| test-crypto-hash.c | ||
| test-crypto-hmac.c | ||
| test-crypto-ivgen.c | ||
| test-crypto-pbkdf.c | ||
| test-crypto-secret.c | ||
| test-crypto-tlscredsx509.c | ||
| test-crypto-tlssession.c | ||
| test-crypto-xts.c | ||
| test-cutils.c | ||
| test-div128.c | ||
| test-fdmon-epoll.c | ||
| test-forward-visitor.c | ||
| test-hbitmap.c | ||
| test-image-locking.c | ||
| test-int128.c | ||
| test-io-channel-buffer.c | ||
| test-io-channel-command.c | ||
| test-io-channel-file.c | ||
| test-io-channel-socket.c | ||
| test-io-channel-tls.c | ||
| test-io-task.c | ||
| test-iov.c | ||
| test-keyval.c | ||
| test-logging.c | ||
| test-mul64.c | ||
| test-opts-visitor.c | ||
| test-qapi-util.c | ||
| test-qdev-global-props.c | ||
| test-qdist.c | ||
| test-qemu-opts.c | ||
| test-qga.c | ||
| test-qgraph.c | ||
| test-qht.c | ||
| test-qmp-cmds.c | ||
| test-qmp-event.c | ||
| test-qobject-input-visitor.c | ||
| test-qobject-output-visitor.c | ||
| test-rcu-list.c | ||
| test-rcu-simpleq.c | ||
| test-rcu-slist.c | ||
| test-rcu-tailq.c | ||
| test-replication.c | ||
| test-seccomp.c | ||
| test-shift128.c | ||
| test-smp-parse.c | ||
| test-string-input-visitor.c | ||
| test-string-output-visitor.c | ||
| test-thread-pool.c | ||
| test-throttle.c | ||
| test-timed-average.c | ||
| test-util-filemonitor.c | ||
| test-util-sockets.c | ||
| test-uuid.c | ||
| test-visitor-serialization.c | ||
| test-vmstate.c | ||
| test-write-threshold.c | ||
| test-x86-cpuid.c | ||
| test-xbzrle.c | ||
| test-yank.c | ||