[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.10-rc4?] acpi: pcihp: fix use-after-free f
From: |
Igor Mammedov |
Subject: |
Re: [Qemu-devel] [PATCH for-2.10-rc4?] acpi: pcihp: fix use-after-free for machines previous pc-1.7 compat |
Date: |
Wed, 23 Aug 2017 10:35:17 +0200 |
On Wed, 23 Aug 2017 08:04:06 +0200
Thomas Huth <address@hidden> wrote:
> On 23.08.2017 07:40, Thomas Huth wrote:
> > On 23.08.2017 02:10, Philippe Mathieu-Daudé wrote:
> >> On 08/22/2017 07:42 PM, Michael S. Tsirkin wrote:
> >>> On Tue, Aug 22, 2017 at 06:43:43PM -0300, Philippe Mathieu-Daudé wrote:
> >>>> 9e047b982452 "piix4: add acpi pci hotplug support" introduced a new
> >>>> property
> >>>> 'use_acpi_pci_hotplug' for pc-1.7 and older machines.
> >>>> c24d5e0b91d1 "convert ACPI PCI hotplug to use hotplug-handler API"
> >>>> added the
> >>>> qbus hotplug handlers but forgot to check for the 'use_acpi_pci_hotplug'
> >>>> property.
> >>>>
> >>>> Check for use_acpi_pci_hotplug before calling
> >>>> acpi_pcihp_device_[un]plug_cb().
> > [...]
> >>>> Reported-by: Thomas Huth <address@hidden>
> >>>> Message-Id: <address@hidden>
> >>>> Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
> >>>
> >>> Looks like this is a very old bug, isn't it?
> >>> Objections to merging this after the release?
> >>
> >> Yes, I'm also inclined to delay it so we can release 2.10, I tagged
> >> "2.10-rc4" since Thomas sent it as a bug within the 2.10 window so I'll
> >> let him decide if it is worth crying wolf :) It's very likely no-one but
> >> him used pre-pc-i440fx-1.7 the last 3 years, not even thinking about hot
> >> plugging AHCI devices :D
> >
> > I'm fine if this gets included in 2.11 - it's quite unlikely that a user
> > tries hot-plug ahci on such an old machine type, I think. But we maybe
question is should be ahci device by hotpluggable at all?
Re: [Qemu-devel] [PATCH for-2.10-rc4?] acpi: pcihp: fix use-after-free for machines previous pc-1.7 compat, Igor Mammedov, 2017/08/23