QEMU development tree https://git.zx2c4.com/qemu/atom/fsdev?h=master 2023-12-31T08:11:29Z 2023-12-31T08:11:29Z Paolo Bonzini pbonzini@redhat.com 2023-11-03T08:17:48Z urn:sha1:d0cda6f461fd33c5f9b063781c63c1ce5fd3fa3b This variable is about the host OS, not the target. It is used a lot more since the Meson conversion, but the original sin dates back to 2003. Time to fix it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> 2023-12-31T08:11:28Z Paolo Bonzini pbonzini@redhat.com 2023-08-31T09:18:24Z urn:sha1:0d66549cf5b76bde9870af0d09a46d6d6c306e53 CONFIG_ALL is tricky to use and was ported over to Meson from the recursive processing of Makefile variables. Meson sourcesets however have all_sources() and all_dependencies() methods that remove the need for it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> 2023-12-31T08:11:28Z Paolo Bonzini pbonzini@redhat.com 2023-05-26T10:20:39Z urn:sha1:53e8868d69c195b6b57ccc6847057043c26df1b6 CONFIG_DARWIN, CONFIG_LINUX and CONFIG_BSD are used in some rules, but only CONFIG_LINUX has substantial use. Convert them all to if...endif. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> 2023-08-29T08:49:24Z zhenwei pi pizhenwei@bytedance.com 2023-07-28T02:20:05Z urn:sha1:00ea69f50345258d1ff6262f24516abea5548d3a 'bool is_write' style is obsolete from throttle framework, adapt fsdev to the new style. Cc: Greg Kurz <groug@kaod.org> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Message-Id: <20230728022006.1098509-9-pizhenwei@bytedance.com> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: Hanna Czenczek <hreitz@redhat.com> 2023-08-29T08:49:24Z zhenwei pi pizhenwei@bytedance.com 2023-07-28T02:20:03Z urn:sha1:e76f201f69e76653f3e7301f2183421d9267e2f5 enum ThrottleDirection is already there, use ThrottleDirection instead of 'bool is_write' for throttle API, also modify related codes from block, fsdev, cryptodev and tests. Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Message-Id: <20230728022006.1098509-7-pizhenwei@bytedance.com> Signed-off-by: Hanna Czenczek <hreitz@redhat.com> 2023-07-06T09:42:08Z Christian Schoenebeck qemu_oss@crudebyte.com 2023-06-26T11:49:06Z urn:sha1:71d72ececa086114df80fe4cc04d701b59002eb2 As recent CVE-2023-2861 (fixed by f6b0de53fb) once again showed, the 9p 'proxy' fs driver is in bad shape. Using the 'proxy' backend was already discouraged for safety reasons before and we recommended to use the 'local' backend (preferably in conjunction with its 'mapped' security model) instead, but now it is time to officially deprecate the 'proxy' backend. Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Reviewed-by: Greg Kurz <groug@kaod.org> Message-Id: <E1qDkmw-0007M1-8f@lizzy.crudebyte.com> 2023-06-20T08:01:30Z Philippe Mathieu-Daudé philmd@linaro.org 2023-06-13T13:33:47Z urn:sha1:de6cd7599b518f0c832cc85980196ec02c129a86 We use the user_ss[] array to hold the user emulation sources, and the softmmu_ss[] array to hold the system emulation ones. Hold the latter in the 'system_ss[]' array for parity with user emulation. Mechanical change doing: $ sed -i -e s/softmmu_ss/system_ss/g $(git grep -l softmmu_ss) Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230613133347.82210-10-philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> 2023-06-08T15:04:58Z Christian Schoenebeck qemu_oss@crudebyte.com 2023-06-07T16:29:33Z urn:sha1:f6b0de53fb87ddefed348a39284c8e2f28dc4eda The 9p protocol does not specifically define how server shall behave when client tries to open a special file, however from security POV it does make sense for 9p server to prohibit opening any special file on host side in general. A sane Linux 9p client for instance would never attempt to open a special file on host side, it would always handle those exclusively on its guest side. A malicious client however could potentially escape from the exported 9p tree by creating and opening a device file on host side. With QEMU this could only be exploited in the following unsafe setups: - Running QEMU binary as root AND 9p 'local' fs driver AND 'passthrough' security model. or - Using 9p 'proxy' fs driver (which is running its helper daemon as root). These setups were already discouraged for safety reasons before, however for obvious reasons we are now tightening behaviour on this. Fixes: CVE-2023-2861 Reported-by: Yanwu Shen <ywsPlz@gmail.com> Reported-by: Jietao Xiao <shawtao1125@gmail.com> Reported-by: Jinku Li <jkli@xidian.edu.cn> Reported-by: Wenbo Shen <shenwenbo@zju.edu.cn> Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Reviewed-by: Greg Kurz <groug@kaod.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Message-Id: <E1q6w7r-0000Q0-NM@lizzy.crudebyte.com> 2023-02-08T06:28:05Z Markus Armbruster armbru@redhat.com 2023-02-02T13:38:28Z urn:sha1:bfe7bf8590a74aebd572abe56927b53f4978ab42 This commit was created with scripts/clean-includes. Signed-off-by: Markus Armbruster <armbru@redhat.com> Acked-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-Id: <20230202133830.2152150-19-armbru@redhat.com> 2022-10-24T10:24:32Z Bin Meng bin.meng@windriver.com 2022-09-27T11:06:04Z urn:sha1:f723f626627fda681327075105701695d7c630e5 Use g_mkdir() to create a directory on all platforms. Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Message-Id: <20220927110632.1973965-27-bmeng.cn@gmail.com> Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>