On Fri, 2009-10-30 at 16:15 -0500, Dustin Kirkland wrote: > On Thu, Oct 29, 2009 at 10:34 AM, Dustin Kirkland > <kirkland@xxxxxxxxxxxxx> wrote: > > whitelist host virtio networking features > > > > This patch is a followup to 8eca6b1bc770982595db2f7207c65051572436cb, > > fixing crashes when guests with 2.6.25 virtio drivers have saturated > > virtio network connections. > > > > https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521 > > > > That patch should have been whitelisting *_HOST_* rather than the the > > *_GUEST_* features. > > > > I tested this by running an Ubuntu 8.04 Hardy guest (2.6.24 kernel + > > 2.6.25-virtio driver). I saturated both the incoming, and outgoing > > network connection with nc, seeing sustained 6MB/s up and 6MB/s down > > bitrates for ~20 minutes. Previously, this crashed immediately. Now, > > the guest does not crash and maintains network connectivity throughout > > the test. > <snip> > > FYI... Thanks for the notice > Canonical's Ubuntu Security Team will be filing a CVE on this issue, > since there is a bit of an attack vector here, and since > qemu-kvm-0.11.0 is generally available as an official release (and now > part of Ubuntu 9.10). > > Guests running linux <= 2.6.25 virtio-net (e.g Ubuntu 8.04 hardy) on > top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged > network user flooding an open port on the guest. The crash happens in > a manner that abruptly terminates the guest's execution (ie, without > shutting down cleanly). This may affect the guest filesystem's > general happiness. IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is in the guest and the issue we're discussing here is just a hacky workaround for the guest bug. Cheers, Mark. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html