Re: [Qemu-devel] [PATCH] virtio-blk: refuse SG

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] virtio-blk: refuse SG_IO requests with scsi=off

From:	Stefan Hajnoczi
Subject:	Re: [Qemu-devel] [PATCH] virtio-blk: refuse SG_IO requests with scsi=off
Date:	Fri, 30 Dec 2011 11:45:33 +0000
User-agent:	Mutt/1.5.21 (2010-09-15)

On Fri, Dec 23, 2011 at 03:39:03PM +0100, Paolo Bonzini wrote:
> QEMU does have a "scsi" option (to be used like -device
> virtio-blk-pci,drive=foo,scsi=off).  However, it only
> masks the feature bit, and does not reject the command
> if a malicious guest disregards the feature bits and
> issues a request.
> 
> Without this patch, using scsi=off does not protect you
> from CVE-2011-4127.
> 
> Signed-off-by: Paolo Bonzini <address@hidden>
> ---
>  hw/virtio-blk.c |    6 ++++++
>  1 files changed, 6 insertions(+), 0 deletions(-)

I checked that guest_features cannot have SCSI enabled when the host
wishes to prohibit SCSI.

Reviewed-by: Stefan Hajnoczi <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] virtio-blk: refuse SG_IO requests with scsi=off, Paolo Bonzini, 2011/12/23
- Re: [Qemu-devel] [PATCH] virtio-blk: refuse SG_IO requests with scsi=off, Stefan Hajnoczi <=

Prev by Date: Re: [Qemu-devel] [Bug 907994] Re: converting VDI to IMG
Next by Date: Re: [Qemu-devel] [PATCH] qmp: Add missing gcc format attribute and fix format string
Previous by thread: [Qemu-devel] [PATCH] virtio-blk: refuse SG_IO requests with scsi=off
Next by thread: [Qemu-devel] [RFC 0/2] ahci: Make ich9-ahci migratable
Index(es):
- Date
- Thread