Merge tag 'pull-request-2024-01-16' of https://gitlab.com/thuth/qemu …

…into staging

* Improve the timeouts for some problematic qtests
* Enable some ROP mitigation compiler switches

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmWmNDURHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbVM0w/+Nafbtnw9Q1gp633CIYQRsNDGiKiCND5H
# epLfd3DFAG2jATZm/hIIrV3dlEkGRQh916XKik572eUm2yyu3i3EqVNooTcLr0k/
# 4MI1ZzG0rnAnAr15zVdUaDCiaGdlpcSGTwLDAlQjIR4n0MdugQ/bkrfkDRU0YD/6
# mv/yDck5fHOUDm88LA7Gxep0G7U8Wi8oiQXx+WlbQpmDHfBJM7ERQSPhXobtVtFO
# 8wpceUcMwlGBecxEsRggrRhdn09CJUyuirP8UHG4rT8xMjkXpqHJVqZ+gVDyV65J
# y9y6snCk+oFyCTDSstQxVbzHg/1C4xE2gVUMaXv4Wu1TcCgBpF1WDQymXb35Buuh
# pbgAaF1ZsBGwE7rUUJIF3NBTpjmedP4NbCR2EPsiL06w08mG7IRuU/b8JStuAHef
# qUqxiHfpEwAxXY8O83XOvBb+zJ625OQHGi/MGDnaYczBfqBJAx2AKiuSmMWBAWo2
# gO4kQX25sPzov6xsLcjEwh0HcJ9W5mkGRJ/x8GSjWnvDlGBDBYWPUShJlohDKGU0
# 4+JGk4+8RKMoKE97bO8DItOp9ahh87up/qHDFkJJo+VKuDaBPdzlS6PURzc8wv0T
# QquWUkfdE6qYIPr8ShVYT00NNThIKLyn0qaN4s1mQ+2h8p8nXc4aYsWgcr2wxJFm
# sOoVvwOXzDE=
# =Yuwq
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 16 Jan 2024 07:45:57 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2024-01-16' of https://gitlab.com/thuth/qemu:
  meson: mitigate against use of uninitialize stack for exploits
  meson: mitigate against ROP exploits with -fzero-call-used-regs
  qtest: Bump npcm7xx_watchdog_timer-test timeout to 2 minutes
  tests/qtest/npcm7xx_watchdog_timer: Only test the corner cases by default
  tests/qtest/meson.build: Bump the boot-serial-test timeout to 4 minutes

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

meson.build

@@ -552,6 +552,22 @@ if get_option('cfi')
   add_global_link_arguments(cfi_flags, native: false, language: all_languages)
 endif
 
+# Check further flags that make QEMU more robust against malicious parties
+
+hardening_flags = [
+    # Zero out registers used during a function call
+    # upon its return. This makes it harder to assemble
+    # ROP gadgets into something usable
+    '-fzero-call-used-regs=used-gpr',
+
+    # Initialize all stack variables to zero. This makes
+    # it harder to take advantage of uninitialized stack
+    # data to drive exploits
+    '-ftrivial-auto-var-init=zero',
+]
+
+qemu_common_flags += cc.get_supported_arguments(hardening_flags)
+
 add_global_arguments(qemu_common_flags, native: false, language: all_languages)
 add_global_link_arguments(qemu_ldflags, native: false, language: all_languages)
 

tests/qtest/meson.build

@@ -4,11 +4,12 @@ slow_qtests = {
   'device-introspect-test' : 720,
   'migration-test' : 480,
   'npcm7xx_pwm-test': 300,
+  'npcm7xx_watchdog_timer-test': 120,
   'qom-test' : 900,
   'test-hmp' : 240,
   'pxe-test': 600,
   'prom-env-test': 360,
-  'boot-serial-test': 180,
+  'boot-serial-test': 240,
   'qos-test': 120,
 }
 

tests/qtest/npcm7xx_watchdog_timer-test.c

@@ -172,9 +172,10 @@ static void test_reset_action(gconstpointer watchdog)
 static void test_prescaler(gconstpointer watchdog)
 {
     const Watchdog *wd = watchdog;
+    int inc = g_test_quick() ? 3 : 1;
 
-    for (int wtclk = 0; wtclk < 4; ++wtclk) {
-        for (int wtis = 0; wtis < 4; ++wtis) {
+    for (int wtclk = 0; wtclk < 4; wtclk += inc) {
+        for (int wtis = 0; wtis < 4; wtis += inc) {
             QTestState *qts = qtest_init("-machine quanta-gsj");
 
             qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");