| commit | 27461d69a0f108dea756419251acc3ea65198f1b | |
| author | Prasad J Pandit <pjp@fedoraproject.org> | |
| Mon, 18 Feb 2019 18:13:49 +0000 (18 23:43 +0530) | ||
| committer | David Gibson <david@gibson.dropbear.id.au> | |
| Mon, 25 Feb 2019 22:21:25 +0000 (26 09:21 +1100) | ||
| tree | 5abffa710ae46c150069f83f70add39389281101 | treesnapshot (tar.gz zip) |
| parent | 6eebe6dccb343f46ee2331e4173016b0feb0ab1d | commitdiff |
ppc: add host-serial and host-model machine attributes (CVE-2019-8934)
On ppc hosts, hypervisor shares following system attributes
- /proc/device-tree/system-id
- /proc/device-tree/model
with a guest. This could lead to information leakage and misuse.[*]
Add machine attributes to control such system information exposure
to a guest.
[*] https://wiki.openstack.org/wiki/OSSN/OSSN-0028
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Fix-suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20190218181349.23885-1-ppandit@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
On ppc hosts, hypervisor shares following system attributes
- /proc/device-tree/system-id
- /proc/device-tree/model
with a guest. This could lead to information leakage and misuse.[*]
Add machine attributes to control such system information exposure
to a guest.
[*] https://wiki.openstack.org/wiki/OSSN/OSSN-0028
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Fix-suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20190218181349.23885-1-ppandit@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| hw/ppc/spapr.c | diffblobblamehistory | |
| include/hw/ppc/spapr.h | diffblobblamehistory |