Skip to content

Commit

Permalink
vmware-vga: CVE-2014-3689: turn off hw accel
Browse files Browse the repository at this point in the history 
Quick & easy stopgap for CVE-2014-3689:  We just compile out the
hardware acceleration functions which lack sanity checks.  Thankfully
we have capability bits for them (SVGA_CAP_RECT_COPY and
SVGA_CAP_RECT_FILL), so guests should deal just fine, in theory.

Subsequent patches will add the missing checks and re-enable the
hardware acceleration emulation.

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Don Koch <dkoch@verizon.com>
(cherry picked from commit 83afa38)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
  • Loading branch information
@kraxel @mdroth
kraxel authored and mdroth committed Jan 6, 2015
1 parent 8100812 commit 8bf7738
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions hw/display/vmware_vga.c
View file
Expand Up @@ -29,8 +29,10 @@
#include "hw/pci/pci.h"

#undef VERBOSE
#if 0
#define HW_RECT_ACCEL
#define HW_FILL_ACCEL
#endif
#define HW_MOUSE_ACCEL

#include "vga_int.h"
Expand Down

0 comments on commit 8bf7738

Please sign in to comment.