[PULL,00/18] Usb 20200826 patches

Message ID 20200826145239.6077-1-kraxel@redhat.com (mailing list archive)
State New, archived

Pull-request

git://git.kraxel.org/qemu tags/usb-20200826-pull-request

Message

Gerd Hoffmann Aug. 26, 2020, 2:52 p.m. UTC
The following changes since commit d1a2b51f868d09ca8489ee9aee9c55632ed8fb92:

  Merge remote-tracking branch 'remotes/berrange/tags/socket-next-pull-request' into staging (2020-08-25 15:01:43 +0100)

are available in the Git repository at:

  git://git.kraxel.org/qemu tags/usb-20200826-pull-request

for you to fetch changes up to 0cb60cbaf4831d859134eea39ae99ae23db79d9d:

  usb: fix setup_len init (CVE-2020-14364) (2020-08-26 14:42:00 +0200)

----------------------------------------------------------------
usb: usb_packet_map fixes for ehci and xhci.
usb: u2f key support (GSoC).
usb: setup_len fix (CVE-2020-14364).

----------------------------------------------------------------

C=C3=A9sar Belley (12):
  hw/usb: Regroup USB HID protocol values
  docs: Add USB U2F key device documentation
  hw/usb: Add U2F key base class
  hw/usb: Add U2F key base class implementation
  hw/usb: Add U2F key passthru mode
  hw/usb: Add U2F key emulated mode
  meson: Add U2F key to meson
  docs/system: Add U2F key to the USB devices examples
  docs/qdev-device-use.txt: Add USB U2F key to the QDEV devices examples
  scripts: Add u2f-setup-gen script
  hw/usb: Add U2F device check to passthru mode
  hw/usb: Add U2F device autoscan to passthru mode

Gerd Hoffmann (3):
  ehci: drop pointless warn_report for guest bugs.
  usb-host: workaround libusb bug
  usb: fix setup_len init (CVE-2020-14364)

Li Qiang (3):
  hw: xhci: check return value of 'usb_packet_map'
  hw: ehci: destroy sglist in error path
  hw: ehci: check return value of 'usb_packet_map'

 configure                |   8 +-
 docs/qdev-device-use.txt |   1 +
 docs/u2f.txt             | 110 ++++++++
 meson_options.txt        |   1 +
 scripts/u2f-setup-gen.py | 170 ++++++++++++
 hw/usb/u2f.h             |  92 +++++++
 include/hw/usb/hid.h     |  17 ++
 hw/usb/core.c            |  16 +-
 hw/usb/dev-hid.c         |  26 +-
 hw/usb/dev-wacom.c       |  12 +-
 hw/usb/hcd-ehci.c        |  12 +-
 hw/usb/hcd-xhci.c        |   5 +-
 hw/usb/host-libusb.c     |  37 ++-
 hw/usb/u2f-emulated.c    | 405 ++++++++++++++++++++++++++++
 hw/usb/u2f-passthru.c    | 551 +++++++++++++++++++++++++++++++++++++++
 hw/usb/u2f.c             | 352 +++++++++++++++++++++++++
 docs/system/usb.rst      |   3 +
 hw/usb/Kconfig           |   5 +
 hw/usb/meson.build       |   7 +
 meson.build              |   7 +
 20 files changed, 1797 insertions(+), 40 deletions(-)
 create mode 100644 docs/u2f.txt
 create mode 100755 scripts/u2f-setup-gen.py
 create mode 100644 hw/usb/u2f.h
 create mode 100644 include/hw/usb/hid.h
 create mode 100644 hw/usb/u2f-emulated.c
 create mode 100644 hw/usb/u2f-passthru.c
 create mode 100644 hw/usb/u2f.c

-- 
2.27.0

Comments

Peter Maydell Aug. 26, 2020, 4:05 p.m. UTC | #1
On Wed, 26 Aug 2020 at 15:57, Gerd Hoffmann <kraxel@redhat.com> wrote:
>
> The following changes since commit d1a2b51f868d09ca8489ee9aee9c55632ed8fb92:
>
>   Merge remote-tracking branch 'remotes/berrange/tags/socket-next-pull-request' into staging (2020-08-25 15:01:43 +0100)
>
> are available in the Git repository at:
>
>   git://git.kraxel.org/qemu tags/usb-20200826-pull-request
>
> for you to fetch changes up to 0cb60cbaf4831d859134eea39ae99ae23db79d9d:
>
>   usb: fix setup_len init (CVE-2020-14364) (2020-08-26 14:42:00 +0200)
>
> ----------------------------------------------------------------
> usb: usb_packet_map fixes for ehci and xhci.
> usb: u2f key support (GSoC).
> usb: setup_len fix (CVE-2020-14364).
>
>
> C=C3=A9sar Belley (12):

Something has mangled the UTF-8 in César's name here, though
it looks like it's OK in the git commits.

Anyway, format string issue on 32-bit:

../../hw/usb/u2f-passthru.c: In function 'u2f_passthru_recv_from_guest':
../../hw/usb/u2f-passthru.c:348:53: error: format '%lx' expects
argument of type 'long unsigned int', but argument 3 has type
'unsigned int' [-Werror=format=]
         error_report("%s: Bad written size (req 0x%lx, val 0x%lx)",
                                                   ~~^
                                                   %x
../../hw/usb/u2f-passthru.c:348:64: error: format '%lx' expects
argument of type 'long unsigned int', but argument 4 has type 'ssize_t
{aka int}' [-Werror=format=]
         error_report("%s: Bad written size (req 0x%lx, val 0x%lx)",
                                                              ~~^
                                                              %x

thanks
-- PMM
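
The mismatch in the compiler output above, as an added example (not code from QEMU or from this thread): `%lx` matches `size_t`/`ssize_t` only where `long` has the same width, while the C99 `z` length modifier matches on both 32-bit and 64-bit hosts. `report_to_buf` and `format_bad_write` are hypothetical names, and printing the signed value with `%zd` is a choice made for this sketch.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>   /* ssize_t */

/* Hypothetical stand-in for a variadic reporting function. The format
 * attribute tells GCC/Clang to type-check every caller's arguments
 * against the format string, which is what turns a width mismatch into
 * a -Wformat diagnostic instead of a silent misread of the va_list. */
__attribute__((format(printf, 3, 4)))
static int report_to_buf(char *buf, size_t buflen, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(buf, buflen, fmt, ap);   /* always NUL-terminates */
    va_end(ap);
    return n;   /* length that would have been written, as snprintf */
}

/* Hypothetical helper formatting a short-write report.
 *   %zx -> size_t   (unsigned int on ILP32, unsigned long on LP64)
 *   %zd -> ssize_t  (int on ILP32, long on LP64; a failed write is -1)
 * With "%lx" the same call compiles only where long == size_t in width. */
static int format_bad_write(char *buf, size_t buflen, const char *func,
                            size_t req, ssize_t val)
{
    return report_to_buf(buf, buflen,
                         "%s: Bad written size (req 0x%zx, val %zd)",
                         func, req, val);
}

int main(void)
{
    char msg[128];

    /* Constructed sample values: 64 bytes requested, write failed. */
    format_bad_write(msg, sizeof(msg), __func__, 64, -1);
    puts(msg);
    return 0;
}
```

Building with `-Wformat -Werror=format` on both a 32-bit and a 64-bit target is what catches a specifier that is only correct on one of them.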