virtio-blk: refuse SG_IO requests with scsi=off - bwlp/qemu.git - Experimental fork of QEMU with video encoding patches

diff options

author	Paolo Bonzini	2011-12-23 15:39:03 +0100
committer	Anthony Liguori	2012-01-13 17:20:51 +0100
commit	1ba1f2e319afdcb485963cd3f426fdffd1b725f2 (patch)
tree	55412245b45b35211f3efeaae09732311c7ba075 /hw/pl031.c
parent	vmstate: extract declarations out of hw/hw.h (diff)
download	qemu-1ba1f2e319afdcb485963cd3f426fdffd1b725f2.tar.gz qemu-1ba1f2e319afdcb485963cd3f426fdffd1b725f2.tar.xz qemu-1ba1f2e319afdcb485963cd3f426fdffd1b725f2.zip

virtio-blk: refuse SG_IO requests with scsi=off

QEMU does have a "scsi" option (to be used like -device virtio-blk-pci,drive=foo,scsi=off). However, it only masks the feature bit, and does not reject the command if a malicious guest disregards the feature bits and issues a request. Without this patch, using scsi=off does not protect you from CVE-2011-4127. Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Diffstat (limited to 'hw/pl031.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: