| Message ID | 20221108183352.9466-1-philmd@linaro.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Tue, 8 Nov 2022 at 13:35, Philippe Mathieu-Daudé <philmd@linaro.org> wrote: > > The following changes since commit ade760a2f63804b7ab1839fbc3e5ddbf30538718: > > Merge tag 'pull-request-2022-11-08' of https://gitlab.com/thuth/qemu into staging (2022-11-08 11:34:06 -0500) > > are available in the Git repository at: > > https://github.com/philmd/qemu.git tags/memflash-20221108 > > for you to fetch changes up to cf9b3efd816518f9f210f50a0fa3e46a00b33c27: > > Revert "hw/block/pflash_cfi: Error out if dev length isn't power of 2" (2022-11-08 19:29:25 +0100) > > ---------------------------------------------------------------- > Memory/SDHCI/ParallelFlash patches queue > > - Fix wrong end address dump in 'info mtree' (Zhenzhong Duan) > - Fix in SDHCI for CVE-2022-3872 (myself) There is a CI failure: >>> G_TEST_DBUS_DAEMON=/builds/qemu-project/qemu/tests/dbus-vmstate-daemon.sh MALLOC_PERTURB_=127 QTEST_QEMU_BINARY=./qemu-system-arm QTEST_QEMU_STORAGE_DAEMON_BINARY=./storage-daemon/qemu-storage-daemon QTEST_QEMU_IMG=./qemu-img /builds/qemu-project/qemu/build/tests/qtest/npcm7xx_sdhci-test --tap -k ――――――――――――――――――――――――――――――――――――― ✀ ――――――――――――――――――――――――――――――――――――― stderr: ** Message: 19:27:52.411: /tmp/sdhci_ZD2EV1 ** ERROR:../tests/qtest/npcm7xx_sdhci-test.c:101:sdwrite_read: assertion failed: (!memcmp(rmsg, msg, len)) https://gitlab.com/qemu-project/qemu/-/jobs/3292896670 Stefan
I've dropped the SDHCI CVE fix due to the CI failure. The rest of the commits are still in the staging tree and I plan to include them in v7.2.0-rc0. Stefan
On 8/11/22 21:57, Stefan Hajnoczi wrote: > I've dropped the SDHCI CVE fix due to the CI failure. > > The rest of the commits are still in the staging tree and I plan to > include them in v7.2.0-rc0. Thank you Stefan, sorry for not catching that failure sooner.
Hi Philippe, On Wed, Nov 09, 2022 at 08:43:19AM +0100, Philippe Mathieu-Daudé wrote: > On 8/11/22 21:57, Stefan Hajnoczi wrote: > > I've dropped the SDHCI CVE fix due to the CI failure. > > > > The rest of the commits are still in the staging tree and I plan to > > include them in v7.2.0-rc0. > > Thank you Stefan, sorry for not catching that failure sooner. I was looking through some older CVE's for qemu which are tracked still unfixed in Debian and noticed CVE-2022-3872 . Do you happen to know if the fix for CVE-2022-3872, the dropped one above, was ever fixed in another way? Or did that felt trough the cracks? Regards, Salvatore
The following changes since commit ade760a2f63804b7ab1839fbc3e5ddbf30538718: Merge tag 'pull-request-2022-11-08' of https://gitlab.com/thuth/qemu into staging (2022-11-08 11:34:06 -0500) are available in the Git repository at: https://github.com/philmd/qemu.git tags/memflash-20221108 for you to fetch changes up to cf9b3efd816518f9f210f50a0fa3e46a00b33c27: Revert "hw/block/pflash_cfi: Error out if dev length isn't power of 2" (2022-11-08 19:29:25 +0100) ---------------------------------------------------------------- Memory/SDHCI/ParallelFlash patches queue - Fix wrong end address dump in 'info mtree' (Zhenzhong Duan) - Fix in SDHCI for CVE-2022-3872 (myself) - Revert latest pflash check of underlying block size (Daniel Henrique Barboza & myself) ---------------------------------------------------------------- Daniel Henrique Barboza (1): Revert "hw/block/pflash_cfi: Error out if dev length isn't power of 2" Philippe Mathieu-Daudé (1): hw/sd/sdhci: Do not set Buf Wr Ena before writing block (CVE-2022-3872) Zhenzhong Duan (1): memory: Fix wrong end address dump hw/block/pflash_cfi01.c | 8 ++------ hw/block/pflash_cfi02.c | 5 ----- hw/sd/sdhci.c | 2 +- softmmu/physmem.c | 2 +- 4 files changed, 4 insertions(+), 13 deletions(-)