Re: [PATCH v2] hw/nvme: fix CVE-2021-3929

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] hw/nvme: fix CVE-2021-3929

From:	Philippe Mathieu-Daudé
Subject:	Re: [PATCH v2] hw/nvme: fix CVE-2021-3929
Date:	Sat, 22 Jan 2022 10:39:33 +0100
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.5.0

On 21/1/22 07:32, Klaus Jensen wrote:

From: Klaus Jensen <k.jensen@samsung.com>

This fixes CVE-2021-3929 "locally" by denying DMA to the iomem of the
device itself. This still allows DMA to MMIO regions of other devices
(e.g. doing P2P DMA to the controller memory buffer of another NVMe
device).

Fixes: CVE-2021-3929
Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
---
  hw/nvme/ctrl.c | 22 ++++++++++++++++++++++
  1 file changed, 22 insertions(+)


Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2] hw/nvme: fix CVE-2021-3929, Klaus Jensen, 2022/01/21
- Re: [PATCH v2] hw/nvme: fix CVE-2021-3929, Philippe Mathieu-Daudé <=
- Re: [PATCH v2] hw/nvme: fix CVE-2021-3929, Klaus Jensen, 2022/01/24

Prev by Date: Re: [PATCH v2] ide: Increment BB in-flight counter for TRIM BH
Next by Date: [RFC PATCH] block/export/fuse: Fix build failure on FreeBSD
Previous by thread: [PATCH v2] hw/nvme: fix CVE-2021-3929
Next by thread: Re: [PATCH v2] hw/nvme: fix CVE-2021-3929
Index(es):
- Date
- Thread