[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253
From: |
Philippe Mathieu-Daudé |
Subject: |
Re: [PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253 |
Date: |
Tue, 14 Jul 2020 15:37:26 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 |
On 7/13/20 8:32 PM, Philippe Mathieu-Daudé wrote:
> This series fixes CVE-2020-13253 by only allowing SD card image
> sizes power of 2, and not switching to SEND_DATA state when the
> address is invalid (out of range).
>
> Patches missing review:
> 3: boot_linux: Tag tests using a SD card with 'device:sd'
> 4: boot_linux: Expand SD card image to power of 2
> 7: hw/sd/sdcard: Do not allow invalid SD card sizes
>
> Since v1:
> Fixes issue due to image not power of 2:
> https://www.mail-archive.com/qemu-devel@nongnu.org/msg720737.html
>
> Supersedes: <20200707132116.26207-1-f4bug@amsat.org>
>
> Niek Linnenbank (1):
> docs/orangepi: Add instructions for resizing SD image to power of two
>
> Philippe Mathieu-Daudé (8):
> MAINTAINERS: Cc qemu-block mailing list
> tests/acceptance/boot_linux: Tag tests using a SD card with
> 'device:sd'
> tests/acceptance/boot_linux: Expand SD card image to power of 2
> hw/sd/sdcard: Restrict Class 6 commands to SCSD cards
> hw/sd/sdcard: Simplify realize() a bit
> hw/sd/sdcard: Do not allow invalid SD card sizes
> hw/sd/sdcard: Update coding style to make checkpatch.pl happy
> hw/sd/sdcard: Do not switch to ReceivingData if address is invalid
>
> docs/system/arm/orangepi.rst | 16 ++++-
> hw/sd/sd.c | 86 ++++++++++++++++++++------
> MAINTAINERS | 1 +
> tests/acceptance/boot_linux_console.py | 30 ++++++---
> 4 files changed, 102 insertions(+), 31 deletions(-)
Thanks for the reviews.
I addressed Cleber minor comment and will send a pull request shortly.
Phil.
- Re: [PATCH v2 4/9] tests/acceptance/boot_linux: Expand SD card image to power of 2, (continued)
- [PATCH v2 5/9] hw/sd/sdcard: Restrict Class 6 commands to SCSD cards, Philippe Mathieu-Daudé, 2020/07/13
- [PATCH v2 6/9] hw/sd/sdcard: Simplify realize() a bit, Philippe Mathieu-Daudé, 2020/07/13
- [PATCH v2 7/9] hw/sd/sdcard: Do not allow invalid SD card sizes, Philippe Mathieu-Daudé, 2020/07/13
- [PATCH v2 8/9] hw/sd/sdcard: Update coding style to make checkpatch.pl happy, Philippe Mathieu-Daudé, 2020/07/13
- [PATCH v2 9/9] hw/sd/sdcard: Do not switch to ReceivingData if address is invalid, Philippe Mathieu-Daudé, 2020/07/13
- Re: [PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253,
Philippe Mathieu-Daudé <=