From mboxrd@z Thu Jan  1 00:00:00 1970
From: Anthony Liguori
Subject: Re: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]
Date: Mon, 02 Nov 2009 09:42:06 -0600
Message-ID: <4AEEFDCE.1000006@codemonkey.ws>
References: <1256807803.10825.39.camel@blaa>
 <1256815818-sup-7805@xpc65.scottt>
 <1256818566.10825.58.camel@blaa>
 <4AE9A299.5060003@codemonkey.ws>
 <1256826351.10825.69.camel@blaa>
 <4AE9A90F.1060108@codemonkey.ws>
 <1256827719.10825.75.camel@blaa>
 <1256830455.25064.155.camel@x200>
 <1257172722.5075.7.camel@blaa>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Dustin Kirkland, Scott Tsai, qemu-devel, kvm, Rusty Russell, jdstrand@canonical.com, kees.cook@canonical.com, Marc Deslauriers
To: Mark McLoughlin
Return-path:
Received: from mail-gx0-f212.google.com ([209.85.217.212]:36345 "EHLO mail-gx0-f212.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755324AbZKBPmF (ORCPT); Mon, 2 Nov 2009 10:42:05 -0500
Received: by gxk4 with SMTP id 4so4294850gxk.8; Mon, 02 Nov 2009 07:42:09 -0800 (PST)
In-Reply-To: <1257172722.5075.7.camel@blaa>
Sender: kvm-owner@vger.kernel.org

Mark McLoughlin wrote:
>> Canonical's Ubuntu Security Team will be filing a CVE on this issue,
>> since there is a bit of an attack vector here, and since
>> qemu-kvm-0.11.0 is generally available as an official release (and now
>> part of Ubuntu 9.10).
>>
>> Guests running linux <= 2.6.25 virtio-net (e.g. Ubuntu 8.04 hardy) on
>> top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged
>> network user flooding an open port on the guest. The crash happens in
>> a manner that abruptly terminates the guest's execution (i.e., without
>> shutting down cleanly). This may affect the guest filesystem's
>> general happiness.
>>
>
> IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is
> in the guest and the issue we're discussing here is just a hacky
> workaround for the guest bug.
>

Yeah, I'm inclined to agree. The guest generates bad data and we exit.
exit()ing is probably not wonderful but it's a well understood behavior.

The fundamental bug here is in the guest, not in qemu.

Regards,

Anthony Liguori

> Cheers,
> Mark.
>
>