alwin.berger/FRET-qemu
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
FRET-qemu/tests/qtest
History
Philippe Mathieu-Daudé ef0cf1887e tests/qtest/fdc-test: Add a regression test for CVE-2021-20196 
Without the previous commit, when running 'make check-qtest-i386'
with QEMU configured with '--enable-sanitizers' we get:

  AddressSanitizer:DEADLYSIGNAL
  =================================================================
  ==287878==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000344
  ==287878==The signal is caused by a WRITE memory access.
  ==287878==Hint: address points to the zero page.
      #0 0x564b2e5bac27 in blk_inc_in_flight block/block-backend.c:1346:5
      #1 0x564b2e5bb228 in blk_pwritev_part block/block-backend.c:1317:5
      #2 0x564b2e5bcd57 in blk_pwrite block/block-backend.c:1498:11
      #3 0x564b2ca1cdd3 in fdctrl_write_data hw/block/fdc.c:2221:17
      #4 0x564b2ca1b2f7 in fdctrl_write hw/block/fdc.c:829:9
      #5 0x564b2dc49503 in portio_write softmmu/ioport.c:201:9

Add the reproducer for CVE-2021-20196.

Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20211124161536.631563-4-philmd@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
(cherry picked from commit cc20926e9b8077bff6813efc8dcdeae90d1a3b10)
Signed-off-by: Michael Roth <michael.roth@amd.com>
2021-12-14 15:05:11 -06:00
..
fuzz
fuzz: Display hexadecimal value with '0x' prefix
2021-06-21 05:50:57 +02:00
libqos
9pfs: add link to 9p developer docs
2021-07-05 13:03:16 +02:00
ac97-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
acpi-utils.c
acpi-utils.h
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
adm1272-test.c
tests/qtest: add tests for ADM1272 device model
2021-07-08 14:41:59 -05:00
ahci-test.c
tests/qtest/ahci-test.c: Calculate iso_size with 64-bit arithmetic
2021-05-14 12:28:01 +02:00
am53c974-test.c
tests/qtest: add tests for am53c974 device
2021-04-12 22:37:11 +01:00
arm-cpu-features.c
target/arm: Add cpu properties to control pauth
2021-01-19 14:38:51 +00:00
aspeed_hace-test.c
tests/qtest: Add test for Aspeed HACE
2021-05-01 10:03:51 +02:00
aspeed_smc-test.c
tests/qtest: Rename m25p80 test in aspeed_smc test
2021-05-01 10:03:52 +02:00
bios-tables-test-allowed-diff.h
tests/acpi/bios-tables-test: update DSDT blob for multifunction bridge test
2021-12-14 14:05:24 -06:00
bios-tables-test.c
tests/acpi/pcihp: add unit tests for hotplug on multifunction bridges for q35
2021-12-14 14:05:20 -06:00
boot-order-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
boot-sector.c
tests/qtest/boot-sector: Check that the guest did not panic
2021-02-19 06:29:05 +01:00
boot-sector.h
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
boot-serial-test.c
tests/boot-serial-test: Add STM32VLDISCOVERY board testcase
2021-07-09 16:09:12 +01:00
cdrom-test.c
hw/mips: Remove the 'r4k' machine
2020-11-03 16:51:13 +01:00
cmsdk-apb-dualtimer-test.c
tests: Add a simple test of the CMSDK APB dual timer
2021-01-29 15:54:42 +00:00
cmsdk-apb-timer-test.c
tests: Add a simple test of the CMSDK APB timer
2021-01-29 15:54:42 +00:00
cmsdk-apb-watchdog-test.c
tests/qtest/cmsdk-apb-watchdog-test: Test clock changes
2021-01-29 15:54:44 +00:00
cpu-plug-test.c
cphp: remove deprecated cpu-add command(s)
2020-09-29 02:14:30 -04:00
dbus-vmstate1.xml
dbus-vmstate-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
device-introspect-test.c
qtest: escape device name in device-introspect-test
2020-11-04 12:00:02 -05:00
device-plug-test.c
device-plug-test: use qtest_qmp to send the device_del command
2020-10-12 11:50:49 -04:00
display-vga-test.c
drive_del-test.c
qemu-iotests, qtest: rewrite test 067 as a qtest
2020-10-12 11:50:50 -04:00
ds1338-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
e1000-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
e1000e-test.c
tests/qtest/e1000e-test: Check qemu_recv() succeeded
2021-06-03 16:43:27 +01:00
eepro100-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
emc141x-test.c
sensor: Move hardware sensors from misc to a sensor directory
2021-06-17 07:10:32 -05:00
endianness-test.c
hw/mips: Remove the 'r4k' machine
2020-11-03 16:51:13 +01:00
es1370-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
fdc-test.c
tests/qtest/fdc-test: Add a regression test for CVE-2021-20196
2021-12-14 15:05:11 -06:00
fuzz-e1000e-test.c
net/eth: Read ip6_ext_hdr_routing buffer before accessing it
2021-03-22 17:34:31 +08:00
fuzz-megasas-test.c
tests/qtest: Only run fuzz-megasas-test if megasas device is available
2021-03-16 14:19:54 -04:00
fuzz-sb16-test.c
hw/audio/sb16: Restrict I/O sampling rate range for command 41h/42h
2021-06-24 11:42:54 +02:00
fuzz-sdcard-test.c
hw/sd/sdcard: Fix assertion accessing out-of-range addresses with CMD30
2021-08-03 19:34:51 +02:00
fuzz-virtio-scsi-test.c
tests/qtest: Only run fuzz-virtio-scsi when virtio-scsi is available
2021-03-16 14:19:54 -04:00
fw_cfg-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
hd-geo-test.c
tests/qtest/hd-geo-test: Fix checks on mkstemp() return value
2021-06-03 16:43:27 +01:00
hexloader-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
i440fx-test.c
i82801b11-test.c
ide-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
intel-hda-test.c
ioh3420-test.c
ipmi-bt-test.c
tests: Avoid side effects inside g_assert() arguments
2021-05-14 12:28:01 +02:00
ipmi-kcs-test.c
tests: Avoid side effects inside g_assert() arguments
2021-05-14 12:28:01 +02:00
ipoctal232-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
ivshmem-test.c
ivshmem-test: do not use short-form boolean option
2020-11-04 12:00:02 -05:00
libqtest-single.h
qtest: Update references to parse_escape() in comments
2020-11-10 08:51:30 +01:00
libqtest.c
libqtest: refuse QTEST_QEMU_BINARY=qemu-kvm
2021-05-14 12:28:01 +02:00
lpc-ich9-test.c
tests/qtest: cleanup the testcase for bug 1878642
2021-03-19 10:37:46 -04:00
m48t59-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
machine-none-test.c
Drop the deprecated unicore32 target
2021-05-12 18:20:52 +02:00
max34451-test.c
tests/qtest: add tests for MAX34451 device model
2021-07-08 14:42:00 -05:00
megasas-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
meson.build
storage-daemon: Add missing build dependency to the vhost-user-blk-test
2021-08-11 13:39:50 +02:00
microbit-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
migration-helpers.c
tests/migration: fix memleak in wait_command/wait_command_fd
2020-10-24 07:23:19 +02:00
migration-helpers.h
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
migration-test.c
tests: Fix migration-test build failure for sparc
2021-07-29 08:07:28 +02:00
modules-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
ne2000-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
npcm7xx_adc-test.c
npcm7xx_adc-test: Fix memleak in adc_qom_set
2021-01-19 15:45:14 +00:00
npcm7xx_emc-test.c
net/npcm7xx_emc.c: Fix handling of receiving packets when RSDR not set
2021-03-30 14:05:33 +01:00
npcm7xx_gpio-test.c
hw/gpio: Add GPIO model for Nuvoton NPCM7xx
2020-10-27 11:10:32 +00:00
npcm7xx_pwm-test.c
tests/qtest/npcm7xx_pwm-test.c: Avoid g_assert_true() for non-test assertions
2021-05-14 12:28:01 +02:00
npcm7xx_rng-test.c
tests/qtest/npcm7xx_rng-test: dump random data on failure
2020-12-10 11:30:44 +00:00
npcm7xx_smbus-test.c
sensor: Move hardware sensors from misc to a sensor directory
2021-06-17 07:10:32 -05:00
npcm7xx_timer-test.c
tests/qtest: variable defined by g_autofree need to be initialized
2020-11-20 13:34:22 +01:00
npcm7xx_watchdog_timer-test.c
tests/qtest: fix memleak in npcm7xx_watchdog_timer-test
2020-11-20 13:35:33 +01:00
numa-test.c
machine: add smp compound property
2021-07-06 08:33:51 +02:00
nvme-test.c
tests/qtest/nvme-test: add mmio read test
2021-07-26 21:09:39 +02:00
pca9552-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
pci-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
pcnet-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
pflash-cfi02-test.c
tests/qtest/pflash-cfi02-test: Avoid potential integer overflow
2021-06-03 16:43:27 +01:00
pnv-xscom-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
prom-env-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
pvpanic-pci-test.c
tests/qtest: add a test case for pvpanic-pci
2021-01-29 10:47:28 +00:00
pvpanic-test.c
qtest/pvpanic: Test panic option that allows VM to continue
2020-12-15 12:51:59 -05:00
pxe-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
q35-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
qmp-cmd-test.c
tests: Drop 'props' from object-add calls
2021-03-19 10:15:06 +01:00
qmp-test.c
machine: remove 'query-cpus' QMP command
2021-03-18 09:22:55 +00:00
qom-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
qos-test.c
tests/qtest/qos-test: dump QEMU command if verbose
2021-02-16 17:15:39 +01:00
rtas-test.c
spapr: Implement Open Firmware client interface
2021-07-09 10:38:19 +10:00
rtc-test.c
tests/qtest/rtc-test: Remove pointless NULL check
2021-05-14 12:28:01 +02:00
rtl8139-test.c
sdhci-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
spapr-phb-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
sse-timer-test.c
tests/qtest/sse-timer-test: Test counter scaling changes
2021-03-08 17:20:03 +00:00
tco-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
test-arm-mptimer.c
test-filter-mirror.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
test-filter-redirector.c
treewide: do not use short-form boolean options
2020-12-10 12:15:11 -05:00
test-hmp.c
migrate: remove QMP/HMP commands for speed, downtime and cache size
2021-03-18 09:22:55 +00:00
test-netfilter.c
tests: Drop 'props' from object-add calls
2021-03-19 10:15:06 +01:00
test-x86-cpuid-compat.c
machine: remove 'query-cpus' QMP command
2021-03-18 09:22:55 +00:00
tmp105-test.c
sensor: Move hardware sensors from misc to a sensor directory
2021-06-17 07:10:32 -05:00
tpm-crb-swtpm-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
tpm-crb-test.c
test: tpm-tis: Get prepared to share tests between ISA and sysbus devices
2020-03-05 12:18:39 -05:00
tpm-emu.c
tpm: Move backend code under the 'backends/' directory
2020-06-19 07:25:55 -04:00
tpm-emu.h
test/tpm-emu: include sockets and channel headers in tpm-emu header
2020-06-09 14:18:04 -04:00
tpm-tests.c
tests/qtest/tpm-tests: Remove unnecessary NULL checks
2021-06-03 16:43:27 +01:00
tpm-tests.h
test: tpm: pass optional machine options to swtpm test functions
2020-03-05 12:18:33 -05:00
tpm-tis-device-swtpm-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
tpm-tis-device-test.c
test: tpm-tis: Add Sysbus TPM-TIS device test
2020-03-05 12:18:47 -05:00
tpm-tis-swtpm-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
tpm-tis-test.c
test: tpm-tis: Get prepared to share tests between ISA and sysbus devices
2020-03-05 12:18:39 -05:00
tpm-tis-util.c
test: tpm-tis: Get prepared to share tests between ISA and sysbus devices
2020-03-05 12:18:39 -05:00
tpm-tis-util.h
test: tpm-tis: Get prepared to share tests between ISA and sysbus devices
2020-03-05 12:18:39 -05:00
tpm-util.c
tests/qtest/tpm-util.c: Free memory with correct free function
2021-05-14 12:28:01 +02:00
tpm-util.h
test: tpm-tis: Get prepared to share tests between ISA and sysbus devices
2020-03-05 12:18:39 -05:00
tulip-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
usb-hcd-ehci-test.c
libqos: usb-hcd-ehci: use 32-bit write for config register
2020-06-26 06:45:29 -04:00
usb-hcd-ohci-test.c
usb-hcd-uhci-test.c
usb-hcd-xhci-test.c
vhost-user-blk-test.c
tests/qtest/vhost-user-blk-test: Check whether qemu-storage-daemon is available
2021-08-11 13:40:01 +02:00
vhost-user-test.c
migrate: remove QMP/HMP commands for speed, downtime and cache size
2021-03-18 09:22:55 +00:00
virtio-9p-test.c
9pfs: add link to 9p developer docs
2021-07-05 13:03:16 +02:00
virtio-blk-test.c
virtio-ccw-test.c
virtio-net-test.c
virtio-rng-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
virtio-scsi-test.c
tests/qtest/virtio-scsi-test: add unmap large LBA with 4k blocks test
2021-06-04 13:47:08 +02:00
virtio-serial-test.c
virtio-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
vmgenid-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
vmxnet3-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
wdt_ib700-test.c
meson: convert tests/qtest to meson
2020-08-21 06:30:20 -04:00
xlnx-can-test.c
arm: rename xlnx-zcu102.canbusN properties
2021-01-29 10:47:28 +00:00