46f3a5c276
CVE-2014-3640 qemu: slirp: NULL pointer (bz #1144821, bz #1144818)
45 lines
2.0 KiB
Diff
45 lines
2.0 KiB
Diff
From a9862ff2c205aa289b62abcb7ddd03c7630f5c7a Mon Sep 17 00:00:00 2001
|
|
From: "Michael S. Tsirkin" <mst@redhat.com>
|
|
Date: Thu, 11 Sep 2014 18:45:33 +0200
|
|
Subject: [PATCH] virtio-pci: enable bus master for old guests
|
|
|
|
commit cc943c36faa192cd4b32af8fe5edb31894017d35
|
|
pci: Use bus master address space for delivering MSI/MSI-X messages
|
|
breaks virtio-net for rhel6.[56] x86 guests because they don't
|
|
enable bus mastering for virtio PCI devices. For the same reason,
|
|
rhel6.[56] ppc64 guests cannot boot on a virtio-blk disk anymore.
|
|
|
|
Old guests forgot to enable bus mastering, enable it automatically on
|
|
DRIVER (guests use some devices before DRIVER_OK).
|
|
|
|
Reported-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
|
|
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
|
|
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
|
|
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
|
(cherry picked from commit e43c0b2ea5574efb0bedebf6a7d05916eefeba52)
|
|
---
|
|
hw/virtio/virtio-pci.c | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
|
|
index 3007319..58ebbcf 100644
|
|
--- a/hw/virtio/virtio-pci.c
|
|
+++ b/hw/virtio/virtio-pci.c
|
|
@@ -314,6 +314,16 @@ static void virtio_ioport_write(void *opaque, uint32_t addr, uint32_t val)
|
|
msix_unuse_all_vectors(&proxy->pci_dev);
|
|
}
|
|
|
|
+ /* Linux before 2.6.34 drives the device without enabling
|
|
+ the PCI device bus master bit. Enable it automatically
|
|
+ for the guest. This is a PCI spec violation but so is
|
|
+ initiating DMA with bus master bit clear. */
|
|
+ if (val == (VIRTIO_CONFIG_S_ACKNOWLEDGE | VIRTIO_CONFIG_S_DRIVER)) {
|
|
+ pci_default_write_config(&proxy->pci_dev, PCI_COMMAND,
|
|
+ proxy->pci_dev.config[PCI_COMMAND] |
|
|
+ PCI_COMMAND_MASTER, 1);
|
|
+ }
|
|
+
|
|
/* Linux before 2.6.34 sets the device as OK without enabling
|
|
the PCI device bus master bit. In this case we need to disable
|
|
some safety checks. */
|