| Hi Jason,
Sure. No problem.
Dmitry.
On 10/18/2015 03:16 PM, Dmitry Fleytman wrote: ACK
Hi Dmitry: Thanks a lot for the reviewing. As I want to add your "Acked-by" in the patch, could you pls add a formal one in the future? (Which can make my life a little bit easier). On 15 Oct 2015, at 13:54 PM, Dana Rubin <address@hidden> wrote:
From: Shmulik Ladkani <address@hidden>
Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
activated (for example in linux, after insmod but prior net-dev open).
Accessing shared descriptors prior device activation is illegal as the
VMXNET3State structures have not been fully initialized.
As a result, guest memory gets corrupted and may lead to guest OS
crashes.
Fix, by not filling the stats descriptors if device is inactive.
Reported-by: Leonid Shatz <address@hidden>
Signed-off-by: Dana Rubin <address@hidden>
Signed-off-by: Shmulik Ladkani <address@hidden>
---
hw/net/vmxnet3.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index 3c5e10d..5e3a233 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1289,6 +1289,10 @@ static uint32_t vmxnet3_get_interrupt_config(VMXNET3State *s)
static void vmxnet3_fill_stats(VMXNET3State *s)
{
int i;
+
+ if (!s->device_active)
+ return;
+
for (i = 0; i < s->txq_num; i++) {
cpu_physical_memory_write(s->txq_descr[i].tx_stats_pa,
&s->txq_descr[i].txq_stats,
--
1.9.1
|