qemu-devel

[Qemu-devel] [PATCH repost 0/4] add mitigation against buffer overflows


From: Michael S. Tsirkin
Subject: [Qemu-devel] [PATCH repost 0/4] add mitigation against buffer overflows
Date: Sun, 27 Sep 2015 13:14:27 +0300

Multiple places in QEMU map guest memory, then access it
directly. Unfortunately since we are using C, there's always
a chance that we'll miss a bounds check when we do this.
This has a potential to corrupt QEMU memory.

As a mitigation strategy against such exploits,
allocate a page in HVA space on top of each RAM chunk
with PROT_NONE protection.

Buffer overflows will now cause QEMU to crash.

This is a repost, combining separate patches into a single
series. No changes to patches themselves.

Michael S. Tsirkin (4):
  oslib: rework anonimous RAM allocation
  oslib: allocate PROT_NONE pages on top of RAM
  exec: allocate PROT_NONE pages on top of RAM
  exec: factor out duplicate mmap code

 include/qemu/mmap-alloc.h | 10 +++++++++
 exec.c                    | 19 ++++++++++++-----
 util/mmap-alloc.c         | 52 +++++++++++++++++++++++++++++++++++++++++++++++
 util/oslib-posix.c        | 20 ++++--------------
 util/Makefile.objs        |  2 +-
 5 files changed, 81 insertions(+), 22 deletions(-)
 create mode 100644 include/qemu/mmap-alloc.h
 create mode 100644 util/mmap-alloc.c

-- 
MST
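The guard-page layout described in the cover letter, as an added example that is not code from this patch series: `guarded_ram_alloc` and `write_faults` are hypothetical names, and opening up the RAM part with `mprotect` is this example's own choice. The overflowing write runs in a forked child so the crash can be observed without killing the caller.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes MAP_ANONYMOUS */
#endif
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper, not QEMU's API: usable RAM plus one PROT_NONE page. */
void *guarded_ram_alloc(size_t size, size_t *total)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t ram = (size + page - 1) & ~(page - 1);   /* round up to pages */
    *total = ram + page;
    /* Reserve RAM and guard together as inaccessible address space. */
    void *base = mmap(NULL, *total, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    /* Open up only the RAM part; the page on top stays PROT_NONE. */
    if (mprotect(base, ram, PROT_READ | PROT_WRITE) != 0) {
        munmap(base, *total);
        return NULL;
    }
    return base;
}

/* 1 if a forked child does not survive writing ram[offset], 0 if it does, -1 on error. */
int write_faults(size_t size, size_t offset)
{
    size_t total;
    unsigned char *ram = guarded_ram_alloc(size, &total);
    if (!ram)
        return -1;
    pid_t pid = fork();
    if (pid == 0) {
        ((volatile unsigned char *)ram)[offset] = 0x41;   /* constructed test write */
        _exit(0);
    }
    int status = 0;
    pid_t done = pid < 0 ? -1 : waitpid(pid, &status, 0);
    munmap(ram, total);
    if (done < 0)
        return -1;
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}

int main(void)
{
    size_t n = 2 * (size_t)sysconf(_SC_PAGESIZE);
    return !(write_faults(n, n - 1) == 0 && write_faults(n, n) == 1);
}
```

The guard traps only accesses that land in the page directly above the chunk, and only at page granularity: when the size is not a page multiple, the slack up to the next page boundary stays writable.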



