Remove the desc, avail, and used fields: they expose addresses from the
QEMU process address space and thereby weaken ASLR. Since this is an
experimental command, we can safely remove these potentially sensitive
fields.

Signed-off-by: Vladimir Sementsov-Ogievskiy <[email protected]>
---
 hw/virtio/virtio-hmp-cmds.c |  3 ---
 hw/virtio/virtio-qmp.c      |  3 ---
 qapi/virtio.json            | 15 ---------------
 3 files changed, 21 deletions(-)

diff --git a/hw/virtio/virtio-hmp-cmds.c b/hw/virtio/virtio-hmp-cmds.c
index 4bf9a3109d..a91bb7dbed 100644
--- a/hw/virtio/virtio-hmp-cmds.c
+++ b/hw/virtio/virtio-hmp-cmds.c
@@ -203,15 +203,12 @@ void hmp_vhost_queue_status(Monitor *mon, const QDict 
*qdict)
     monitor_printf(mon, "  call:                 %"PRId64"\n", s->call);
     monitor_printf(mon, "  VRing:\n");
     monitor_printf(mon, "    num:         %"PRId64"\n", s->num);
-    monitor_printf(mon, "    desc:        0x%016"PRIx64"\n", s->desc);
     monitor_printf(mon, "    desc_phys:   0x%016"PRIx64"\n",
                    s->desc_phys);
     monitor_printf(mon, "    desc_size:   %"PRId32"\n", s->desc_size);
-    monitor_printf(mon, "    avail:       0x%016"PRIx64"\n", s->avail);
     monitor_printf(mon, "    avail_phys:  0x%016"PRIx64"\n",
                    s->avail_phys);
     monitor_printf(mon, "    avail_size:  %"PRId32"\n", s->avail_size);
-    monitor_printf(mon, "    used:        0x%016"PRIx64"\n", s->used);
     monitor_printf(mon, "    used_phys:   0x%016"PRIx64"\n",
                    s->used_phys);
     monitor_printf(mon, "    used_size:   %"PRId32"\n", s->used_size);
diff --git a/hw/virtio/virtio-qmp.c b/hw/virtio/virtio-qmp.c
index f0c15ba27c..b4d0542a72 100644
--- a/hw/virtio/virtio-qmp.c
+++ b/hw/virtio/virtio-qmp.c
@@ -864,9 +864,6 @@ VirtVhostQueueStatus 
*qmp_x_query_virtio_vhost_queue_status(const char *path,
     status->name = g_strdup(vdev->name);
     status->kick = hdev->vqs[queue].kick;
     status->call = hdev->vqs[queue].call;
-    status->desc = (uintptr_t)hdev->vqs[queue].desc;
-    status->avail = (uintptr_t)hdev->vqs[queue].avail;
-    status->used = (uintptr_t)hdev->vqs[queue].used;
     status->num = hdev->vqs[queue].num;
     status->desc_phys = hdev->vqs[queue].desc_phys;
     status->desc_size = hdev->vqs[queue].desc_size;
diff --git a/qapi/virtio.json b/qapi/virtio.json
index 53ddc6b6a4..cad0388b1e 100644
--- a/qapi/virtio.json
+++ b/qapi/virtio.json
@@ -650,12 +650,6 @@
 #
 # @call: vhost_virtqueue call
 #
-# @desc: vhost_virtqueue desc
-#
-# @avail: vhost_virtqueue avail
-#
-# @used: vhost_virtqueue used
-#
 # @num: vhost_virtqueue num
 #
 # @desc-phys: vhost_virtqueue desc_phys (descriptor area physical
@@ -678,9 +672,6 @@
   'data': { 'name': 'str',
             'kick': 'int',
             'call': 'int',
-            'desc': 'uint64',
-            'avail': 'uint64',
-            'used': 'uint64',
             'num': 'int',
             'desc-phys': 'uint64',
             'desc-size': 'uint32',
@@ -720,12 +711,9 @@
 #              "avail-size": 2054,
 #              "desc-size": 16384,
 #              "used-size": 8198,
-#              "desc": 140141447430144,
 #              "num": 1024,
 #              "call": 0,
-#              "avail": 140141447446528,
 #              "desc-phys": 5216108544,
-#              "used": 140141447448640,
 #              "kick": 0
 #          }
 #        }
@@ -744,12 +732,9 @@
 #              "avail-size": 262,
 #              "desc-size": 2048,
 #              "used-size": 1030,
-#              "desc": 140141413580800,
 #              "num": 128,
 #              "call": 0,
-#              "avail": 140141413582848,
 #              "desc-phys": 5182259200,
-#              "used": 140141413583168,
 #              "kick": 0
 #          }
 #        }
-- 
2.52.0

