Re: [Qemu-devel] [PATCH for-2.7 0/4] virtio-balloon: fix stats vq migration


From: Gaudenz Steinlin
Subject: Re: [Qemu-devel] [PATCH for-2.7 0/4] virtio-balloon: fix stats vq migration
Date: Mon, 15 Aug 2016 21:51:21 +0200
User-agent: Notmuch/0.22.1 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)

Stefan Hajnoczi <address@hidden> writes:

> Gaudenz Steinlin <address@hidden> reported that virtqueue_pop() terminates
> QEMU because the virtqueue size is exceeded following the CVE-2016-5403 fix.
> I have been unable to reproduce this or understand the root cause by code
> inspection.  Along the way I did discover a few bugs in virtio-balloon and
> virtio code.
>
> Please see the individual patches for details.
>
> Gaudenz: If you can reproduce the bug you reported, please try again with
> these patches applied.

As mentioned in the original thread I only tested on QEMU 2.0.0 so far.
I tried to apply your patches to this version, but did not succeed. I
could not apply the first patch in the series because the code changed
too much and with only the others applied QEMU failed to compile. I gave
up at that point.

Does it make sense at all to test these patches on 2.0.0? Ubuntu
reverted the problematic fix in their latest package update for trusty,
so my immediate problem is "solved". Is there a chance to get a fix for
CVE-2016-5403 that works on QEMU 2.0.0 without breaking migrations?

Best regards and thanks to all for the effort so far,
Gaudenz
