[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/6] net: introduce qemu_receive_packet()
From: |
Philippe Mathieu-Daudé |
Subject: |
Re: [PATCH 1/6] net: introduce qemu_receive_packet() |
Date: |
Wed, 24 Feb 2021 11:11:12 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 |
On 2/24/21 6:53 AM, Jason Wang wrote:
> Some NIC supports loopback mode and this is done by calling
> nc->info->receive() directly which in fact suppresses the effort of
> reentrancy check that is done in qemu_net_queue_send().
>
> Unfortunately we can use qemu_net_queue_send() here since for loop
> back there's no sender as peer, so this patch introduce a
> qemu_receive_packet() which is used for implementing loopback mode
> for a NIC with this check.
IIUC the guest could trigger an infinite loop and brick the emulated
device model. Likely exhausting the stack, so either SEGV by
corruption or some ENOMEM?
Since this is guest triggerable, shouldn't we contact qemu-security@
list and ask for a CVE for this issue, so distributions can track
the patches to backport in their stable releases? (it seems to be
within the KVM devices boundary).
>
> NIC that supports loopback mode will be converted to this helper.
>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
> include/net/net.h | 5 +++++
> include/net/queue.h | 8 ++++++++
> net/net.c | 38 +++++++++++++++++++++++++++++++-------
> net/queue.c | 22 ++++++++++++++++++++++
> 4 files changed, 66 insertions(+), 7 deletions(-)
- [PATCH 0/6] Detect reentrant RX casue by loopback, Jason Wang, 2021/02/24
- [PATCH 1/6] net: introduce qemu_receive_packet(), Jason Wang, 2021/02/24
- Re: [PATCH 1/6] net: introduce qemu_receive_packet(),
Philippe Mathieu-Daudé <=
- Re: [PATCH 1/6] net: introduce qemu_receive_packet(), Jason Wang, 2021/02/24
- Re: [PATCH 1/6] net: introduce qemu_receive_packet(), Philippe Mathieu-Daudé, 2021/02/24
- Re: [PATCH 1/6] net: introduce qemu_receive_packet(), P J P, 2021/02/25
- Re: [PATCH 1/6] net: introduce qemu_receive_packet(), Alexander Bulekov, 2021/02/25
- Re: [PATCH 1/6] net: introduce qemu_receive_packet(), Alexander Bulekov, 2021/02/25
- Re: [QEMU-SECURITY] [PATCH 1/6] net: introduce qemu_receive_packet(), P J P, 2021/02/26
- Re: [QEMU-SECURITY] [PATCH 1/6] net: introduce qemu_receive_packet(), Alexander Bulekov, 2021/02/26
Re: [PATCH 1/6] net: introduce qemu_receive_packet(), Philippe Mathieu-Daudé, 2021/02/25
[PATCH 2/6] e1000: switch to use qemu_receive_packet() for loopback, Jason Wang, 2021/02/24