Re: [Qemu-stable] [Qemu-block] [QEMU-SECURITY] ide: fix assertion in ide
From: Kevin Wolf
Subject: Re: [Qemu-stable] [Qemu-block] [QEMU-SECURITY] ide: fix assertion in ide_dma_cb() to prevent qemu DoS from quest
Date: Tue, 16 Jul 2019 13:25:35 +0200
User-agent: Mutt/1.11.3 (2019-02-01)

On 15.07.2019 at 13:24, Alexander Popov wrote:
> On 05.07.2019 17:07, Alexander Popov wrote:
> > This assertion was introduced in the commit a718978ed58a in July 2015.
> > It implies that the size of successful DMA transfers handled in
> > ide_dma_cb() should be a multiple of 512 (the size of a sector).
> >
> > But guest systems can initiate DMA transfers that don't fit this
> > requirement. Let's improve the assertion to prevent qemu DoS from guests.
>
> Hello!
>
> Just a friendly ping.
>
> Could you have a look at this patch?

John, I think this is for you.

I haven't reviewed this yet, but if we put an assertion there that the
request is aligned, we probably rely on this fact somewhere in the code.
So I suspect that just changing the assertion without changing other
code, too, might not be enough.

Kevin