Re: [Qemu-devel] [PATCH 1/5] virtio-pci: ignore unaligned read/write in virtio_address_space_read()/write()
From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH 1/5] virtio-pci: ignore unaligned read/write in virtio_address_space_read()/write()
Date: Mon, 13 Jul 2015 10:39:44 +0200
On Mo, 2015-07-13 at 11:00 +0300, Michael S. Tsirkin wrote:
> On Mon, Jul 13, 2015 at 09:53:43AM +0200, Gerd Hoffmann wrote:
> > On Mo, 2015-07-13 at 10:36 +0300, Michael S. Tsirkin wrote:
> > > On Mon, Jul 13, 2015 at 01:46:47PM +0800, Jason Wang wrote:
> > > > We abort on unaligned read/write in
> > > > virtio_address_space_read()/write(), but since len is under control of
> > > > the guest, qemu will simply crash when booting a modern guest (the guest
> > > > tries to read when len is zero).
> > >
> > > How can len be 0? Isn't this a guest bug? Or is this
> > > a theoretical issue?
> >
> > Something dumping pci config space?
> > With pci access capability not being used before and therefore zeroed?
> > Then hitting the "data" field will trigger a zero-length read.
>
> I suspect so, yes. All this worries me: what if length was not 0
> because the capability was previously used e.g. by bios?
>
> > That assert actually triggers when booting a recent linux kernel with
> > disable-modern=off
> >
> > cheers,
> > Gerd
> >
>
> Which linux version? Doesn't seem to trigger for me ...
Fedora 22 guest with latest distro kernel (4.0.7)
cheers,
Gerd
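The failure mode discussed in this thread is an assert on a guest-controlled access length, so a zero-length read of the PCI config access capability takes down the whole VM. The following is an added example, not QEMU code, of how such a handler can validate the access instead of asserting; the 64-byte window, the function names and the sample backing store are assumptions made for the illustration.

```c
/* Added example (not QEMU code): model of a virtio-pci config-space read
 * handler that treats the guest-supplied access length as untrusted.
 * Instead of asserting on len not in {1, 2, 4}, bad requests are ignored
 * and reported, so a zeroed access capability cannot abort the VM. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define VIRTIO_CFG_SIZE 64   /* assumed size of the config window */

/* Constructed sample backing store standing in for device config space. */
static uint8_t virtio_cfg[VIRTIO_CFG_SIZE] = {
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
};

/* Returns 0 if (addr, len) is an acceptable access, -1 otherwise.
 * Only 1-, 2- and 4-byte naturally aligned accesses that stay inside
 * the window are allowed; len == 0 (the case in the thread) is rejected
 * before it can reach a modulo or a copy. */
int virtio_cfg_access_ok(uint32_t addr, uint32_t len)
{
    if (len != 1 && len != 2 && len != 4) {
        return -1;                       /* covers len == 0 and len == 3 */
    }
    if (addr % len != 0) {
        return -1;                       /* unaligned */
    }
    if (addr > VIRTIO_CFG_SIZE - len) {  /* len <= 4, so no underflow */
        return -1;                       /* would run past the window */
    }
    return 0;
}

/* Reads len bytes at addr into *val as a little-endian value.
 * Returns 0 on success; an invalid guest request yields *val = 0 and -1,
 * mirroring the "ignore unaligned read/write" approach of the patch. */
int virtio_cfg_read(uint32_t addr, uint32_t len, uint32_t *val)
{
    if (virtio_cfg_access_ok(addr, len) != 0) {
        fprintf(stderr, "virtio-pci: ignoring bad cfg read addr=%u len=%u\n",
                addr, len);
        *val = 0;
        return -1;
    }
    uint32_t v = 0;
    for (uint32_t i = 0; i < len; i++) {
        v |= (uint32_t)virtio_cfg[addr + i] << (8 * i);
    }
    *val = v;
    return 0;
}
```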