diff options
author | Prasad J Pandit <pjp@fedoraproject.org> | 2019-02-18 23:43:49 +0530 |
---|---|---|
committer | David Gibson <david@gibson.dropbear.id.au> | 2019-02-26 09:21:25 +1100 |
commit | 27461d69a0f108dea756419251acc3ea65198f1b (patch) | |
tree | 5abffa710ae46c150069f83f70add39389281101 /include/hw/ppc | |
parent | 6eebe6dccb343f46ee2331e4173016b0feb0ab1d (diff) |
ppc: add host-serial and host-model machine attributes (CVE-2019-8934)
On ppc hosts, hypervisor shares following system attributes
- /proc/device-tree/system-id
- /proc/device-tree/model
with a guest. This could lead to information leakage and misuse.[*]
Add machine attributes to control such system information exposure
to a guest.
[*] https://wiki.openstack.org/wiki/OSSN/OSSN-0028
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Fix-suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20190218181349.23885-1-ppandit@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Diffstat (limited to 'include/hw/ppc')
-rw-r--r-- | include/hw/ppc/spapr.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 631fc5103b..fec0f26f49 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -177,6 +177,8 @@ struct sPAPRMachineState { /*< public >*/ char *kvm_type; + char *host_model; + char *host_serial; int32_t irq_map_nr; unsigned long *irq_map; |