qemu-block

Re: [PATCH 0/2] hw/nvme: Fix CVE-2021-3929 (DMA re-entrancy exploitation)


From: Klaus Jensen
Subject: Re: [PATCH 0/2] hw/nvme: Fix CVE-2021-3929 (DMA re-entrancy exploitation)
Date: Thu, 16 Dec 2021 20:13:39 +0100

On Dec 16 18:55, Philippe Mathieu-Daudé wrote:
> Now that the DMA API allows passing MemTxAttrs argument and
> returning MemTxResult (with MEMTX_BUS_ERROR in particular),
> we can restrict the NVMe controller to memories (prohibiting
> accesses by the DMA engine to devices) and block yet another
> DMA re-entrancy attack.
> 
> I will try to get a reproducer (and authorization to commit
> it as qtest) from the reporter.
> 
> Based-on: <20211216123558.799425-1-philmd@redhat.com>
> "hw: Have DMA API take MemTxAttrs arg & propagate MemTxResult (part 2)"
> https://lore.kernel.org/qemu-devel/20211216123558.799425-1-philmd@redhat.com/
> 
> Philippe Mathieu-Daudé (2):
>   hw/nvme/ctrl: Do not ignore DMA access errors
>   hw/nvme/ctrl: Prohibit DMA accesses to devices (CVE-2021-3929)
> 
>  hw/nvme/ctrl.c | 9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 

LGTM.

Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
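
A toy C model of the mitigation the quoted cover letter describes, added here as an illustration; it is not QEMU code and not part of the patch series. The `machine` struct, `dma_write`, `doorbell_write`, the `memory_only` flag and the addresses are hypothetical stand-ins for the MemTxAttrs restriction and the MemTxResult error return.

```c
#include <stdint.h>
#include <string.h>
/* Toy model, not QEMU code: one RAM region plus one device doorbell register. */
enum tx_result { TX_OK, TX_ERROR };          /* stands in for MemTxResult */
#define RAM_SIZE      0x1000u
#define DOORBELL_ADDR 0x1000u                /* constructed MMIO address */
struct machine {
    uint8_t ram[RAM_SIZE];
    int in_handler;     /* device is currently processing a command */
    int reentered;      /* handler was entered again from its own DMA */
    int cmd_failed;     /* command completed with a DMA error status */
};

static void doorbell_write(struct machine *m, uint32_t dma_target, int memory_only);
/* DMA write issued by the device; memory_only models the "memories only" attribute. */
static enum tx_result dma_write(struct machine *m, uint32_t addr,
                                const void *buf, uint32_t len, int memory_only)
{
    if (addr < RAM_SIZE && len <= RAM_SIZE - addr) {
        memcpy(&m->ram[addr], buf, len);
        return TX_OK;
    }
    if (addr == DOORBELL_ADDR && !memory_only) {
        doorbell_write(m, addr, memory_only);   /* DMA lands on device MMIO */
        return TX_OK;
    }
    return TX_ERROR;    /* unmapped, or a device region under memory_only */
}

/* Guest rings the doorbell; the device DMAs a completion to a guest-chosen address. */
static void doorbell_write(struct machine *m, uint32_t dma_target, int memory_only)
{
    static const uint8_t completion[4] = { 0xC0, 0xFF, 0xEE, 0x00 };
    if (m->in_handler) {            /* device state is mid-update: the hazard */
        m->reentered = 1;
        return;
    }
    m->in_handler = 1;
    if (dma_write(m, dma_target, completion, sizeof(completion), memory_only) != TX_OK)
        m->cmd_failed = 1;          /* do not ignore the DMA error */
    m->in_handler = 0;
}

int main(void)
{
    struct machine m = {0};
    doorbell_write(&m, DOORBELL_ADDR, 1);   /* restricted: fails cleanly */
    return !(m.cmd_failed && !m.reentered);
}
```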
