From: Philippe Mathieu-Daudé
To: qemu-devel@nongnu.org
Cc: Amit Shah, Paolo Bonzini, "Gonglei (Arei)", Laurent Vivier,
    Gerd Hoffmann, "Michael S. Tsirkin", Marc-André Lureau,
    Philippe Mathieu-Daudé
Subject: [PATCH-for-9.0 v2 0/4] hw/virtio: Protect from more DMA re-entrancy bugs
Date: Tue, 9 Apr 2024 12:55:33 +0200
Message-ID: <20240409105537.18308-1-philmd@linaro.org>
X-Patchwork-Id: 787195

Fixes for CVE-2024-3446.

Gerd suggested using the transport guard to protect the
device from DMA re-entrancy abuses.

Since v1:
- Take a DeviceState argument, not VirtIODevice, so it works
  seamlessly with CCW devices (actually the original code from Gerd).
- Build and test :>

I'll send a PR with these patches later today.

Regards,

Phil.

Philippe Mathieu-Daudé (4):
  hw/virtio: Introduce virtio_bh_new_guarded() helper
  hw/display/virtio-gpu: Protect from DMA re-entrancy bugs
  hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs
  hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs

 include/hw/virtio/virtio.h  |  7 +++++++
 hw/char/virtio-serial-bus.c |  3 +--
 hw/display/virtio-gpu.c     |  6 ++----
 hw/virtio/virtio-crypto.c   |  4 ++--
 hw/virtio/virtio.c          | 10 ++++++++++
 5 files changed, 22 insertions(+), 8 deletions(-)

Reviewed-by: Michael S. Tsirkin
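
A simplified C model of the kind of guard the cover letter refers to, added here as an illustration; it is not QEMU code and not taken from the patches, and every name in it (`Guard`, `Dev`, `mmio_write`, `bh_run`, `run_case`) is hypothetical. It assumes a bottom half whose DMA write is routed back to the same device's MMIO handler, and compares running that bottom half without and with the guard owned by the MMIO-exposing transport.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model: one "busy" flag per device that owns MMIO regions. */
typedef struct { bool engaged_in_io; } Guard;

typedef struct {
    Guard guard;    /* lives in the transport, i.e. the MMIO owner */
    bool in_bh;     /* device is in the middle of bottom-half work */
    int reentered;  /* times the MMIO handler ran while in_bh was set */
    int blocked;    /* accesses the guard rejected */
} Dev;

/* MMIO dispatch: refuse the access if the device is already busy. */
static bool mmio_write(Dev *d)
{
    if (d->guard.engaged_in_io) { d->blocked++; return false; }
    d->guard.engaged_in_io = true;
    if (d->in_bh) d->reentered++;  /* handler would run on half-updated state */
    d->guard.engaged_in_io = false;
    return true;
}

/* Bottom half: its DMA target aliases the device's own MMIO region. */
static void device_bh(Dev *d)
{
    d->in_bh = true;
    mmio_write(d);                 /* "DMA" routed back to the same device */
    d->in_bh = false;
}

/* Run the bottom half; a guarded one marks the device busy meanwhile. */
static void bh_run(Dev *d, Guard *g)
{
    bool saved = g ? g->engaged_in_io : false;
    if (g) g->engaged_in_io = true;
    device_bh(d);
    if (g) g->engaged_in_io = saved;  /* restore, so later MMIO still works */
}

/* Returns how often the handler was re-entered; *blocked gets rejections. */
int run_case(bool guarded, int *blocked)
{
    Dev d = { .in_bh = false };
    bh_run(&d, guarded ? &d.guard : NULL);
    if (blocked) *blocked = d.blocked;
    return d.reentered;
}

int main(void)
{
    int b = 0, r = run_case(false, &b);
    printf("unguarded: reentered=%d blocked=%d\n", r, b);
    r = run_case(true, &b);
    printf("guarded:   reentered=%d blocked=%d\n", r, b);
    return 0;
}
```

The guard only helps if it is the one checked on the MMIO path, which is why the model passes the flag of the device that owns the MMIO region rather than a separate per-function flag.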