Re: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2009-10-30 at 16:15 -0500, Dustin Kirkland wrote:
> On Thu, Oct 29, 2009 at 10:34 AM, Dustin Kirkland
> <kirkland@xxxxxxxxxxxxx> wrote:
> > whitelist host virtio networking features
> >
> > This patch is a followup to 8eca6b1bc770982595db2f7207c65051572436cb,
> > fixing crashes when guests with 2.6.25 virtio drivers have saturated
> > virtio network connections.
> >
> > https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521
> >
> > That patch should have been whitelisting *_HOST_* rather than the the
> > *_GUEST_* features.
> >
> > I tested this by running an Ubuntu 8.04 Hardy guest (2.6.24 kernel +
> > 2.6.25-virtio driver).  I saturated both the incoming, and outgoing
> > network connection with nc, seeing sustained 6MB/s up and 6MB/s down
> > bitrates for ~20 minutes.  Previously, this crashed immediately.  Now,
> > the guest does not crash and maintains network connectivity throughout
> > the test.
> <snip>
> 
> FYI...

Thanks for the notice

> Canonical's Ubuntu Security Team will be filing a CVE on this issue,
> since there is a bit of an attack vector here, and since
> qemu-kvm-0.11.0 is generally available as an official release (and now
> part of Ubuntu 9.10).
> 
> Guests running linux <= 2.6.25 virtio-net (e.g Ubuntu 8.04 hardy) on
> top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged
> network user flooding an open port on the guest.  The crash happens in
> a manner that abruptly terminates the guest's execution (ie, without
> shutting down cleanly).  This may affect the guest filesystem's
> general happiness.

IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is
in the guest and the issue we're discussing here is just a hacky
workaround for the guest bug.

Cheers,
Mark.

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux