[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253
|
From: |
Philippe Mathieu-Daudé |
|
Subject: |
[PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253 |
|
Date: |
Mon, 13 Jul 2020 20:32:00 +0200 |
This series fixes CVE-2020-13253 by only allowing SD card image
sizes power of 2, and not switching to SEND_DATA state when the
address is invalid (out of range).
Patches missing review:
3: boot_linux: Tag tests using a SD card with 'device:sd'
4: boot_linux: Expand SD card image to power of 2
7: hw/sd/sdcard: Do not allow invalid SD card sizes
Since v1:
Fixes issue due to image not power of 2:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg720737.html
Supersedes: <20200707132116.26207-1-f4bug@amsat.org>
Niek Linnenbank (1):
docs/orangepi: Add instructions for resizing SD image to power of two
Philippe Mathieu-Daudé (8):
MAINTAINERS: Cc qemu-block mailing list
tests/acceptance/boot_linux: Tag tests using a SD card with
'device:sd'
tests/acceptance/boot_linux: Expand SD card image to power of 2
hw/sd/sdcard: Restrict Class 6 commands to SCSD cards
hw/sd/sdcard: Simplify realize() a bit
hw/sd/sdcard: Do not allow invalid SD card sizes
hw/sd/sdcard: Update coding style to make checkpatch.pl happy
hw/sd/sdcard: Do not switch to ReceivingData if address is invalid
docs/system/arm/orangepi.rst | 16 ++++-
hw/sd/sd.c | 86 ++++++++++++++++++++------
MAINTAINERS | 1 +
tests/acceptance/boot_linux_console.py | 30 ++++++---
4 files changed, 102 insertions(+), 31 deletions(-)
--
2.21.3
- [PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253,
Philippe Mathieu-Daudé <=