Preface: Mount a drive image emulated as an SD card with qemu-system-x86_64.
qemu-system-x86_64 -smp cores=4 -m 1024 -device sdhci-pci -device sd-card,drive=mydrive -drive id=mydrive,if=none,format=raw,file=image.bin
Background:
QEMU Integration with other virtual machines
- VirtualBox uses some QEMU virtual hardware devices and has a built-in QEMU-based dynamic recompiler, the same as KQEMU.
- Xen HVM has device emulation based on the QEMU project to provide I/O virtualization to the virtual machines.
- QEMU on FreeBSD as host: it runs under Windows 2000, Windows XP, GNU/Linux (Red Hat, Debian) and FreeBSD host systems.
QEMU can simulate a variety of hardware devices
- Android and ARM: QEMU emulates the ARMv7 instruction set with the NEON extension, and simulates the ARM Integrator/CP board and a multi-function backplane.
- In Android, because the VM's memory page allocation is not contiguous, the pipe driver passes the remote data address to QEMU several times.
Design weakness: sdhci – while performing a multi-block SDMA transfer, the transfer block size may exceed the size of ‘s->fifo_buffer’ (‘s->buf_maxsz’ bytes).
Impact: a denial of service condition, or potentially arbitrary code execution with the privileges of the QEMU process on the host.
Vulnerability details: Refer to link – https://nvd.nist.gov/vuln/detail/CVE-2020-17380
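A simplified model of the bounds check that prevents this kind of FIFO overrun, added here as an example in C; it is not QEMU's own hw/sd/sdhci.c, the struct, functions and sizes are hypothetical, and only the fifo_buffer/buf_maxsz names follow the text above.

```c
/* Simplified model of an SDHCI controller's SDMA block transfer, added here
 * to show the bounds check the weakness above calls for.  Not QEMU's
 * hw/sd/sdhci.c: the struct and functions are hypothetical; only the field
 * names fifo_buffer and buf_maxsz follow the text. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_MAXSZ       512u     /* constructed FIFO capacity in bytes */
#define BLOCK_SIZE_MASK 0x0fffu  /* SDHCI Block Size register, bits 11:0 */

typedef struct {
    uint8_t  fifo_buffer[BUF_MAXSZ]; /* staging area for one data block */
    size_t   buf_maxsz;              /* size of fifo_buffer */
    uint16_t blksize;                /* guest-programmed Block Size register */
} sdhci_model_t;

/* Stage one SDMA block from guest memory into the FIFO.  Returns the bytes
 * accepted, or 0 when the transfer is refused.  Copying blksize bytes here
 * without comparing it to buf_maxsz is the condition the page describes. */
size_t sdhci_sdma_write_block(sdhci_model_t *s, const uint8_t *src, size_t src_len)
{
    size_t blksize = s->blksize & BLOCK_SIZE_MASK;
    if (blksize == 0 || blksize > s->buf_maxsz || src_len < blksize) {
        return 0;                          /* refuse: would overrun fifo_buffer */
    }
    memcpy(s->fifo_buffer, src, blksize);  /* blksize <= buf_maxsz holds here */
    return blksize;
}

/* Program a block size and attempt one transfer of constructed guest data. */
size_t sdhci_try_transfer(uint16_t blksize)
{
    static uint8_t guest_mem[4096];        /* constructed source buffer */
    sdhci_model_t s = { .buf_maxsz = BUF_MAXSZ, .blksize = blksize };
    memset(guest_mem, 0xA5, sizeof guest_mem);
    return sdhci_sdma_write_block(&s, guest_mem, sizeof guest_mem);
}

int main(void)
{
    /* 512 fits the FIFO and is accepted; 1024 and 0 are refused. */
    printf("blksize 512  -> %zu bytes\n", sdhci_try_transfer(512));
    printf("blksize 1024 -> %zu bytes\n", sdhci_try_transfer(1024));
    printf("blksize 0    -> %zu bytes\n", sdhci_try_transfer(0));
    return 0;
}
```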