| commit | eedeeeffd419ab149e0b0ad5fc4b7cf5e1db6274 | |
| author | Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> | |
| Thu, 15 Oct 2015 10:54:30 +0000 (15 13:54 +0300) | ||
| committer | Jason Wang <jasowang@redhat.com> | |
| Tue, 27 Oct 2015 02:30:38 +0000 (27 10:30 +0800) | ||
| tree | 3214b3c8d13808a77f5b68438df25a6120e27e22 | treesnapshot (tar.gz zip) |
| parent | d3e0c032f52f4fb855f9bd2892ebd175a9d975a1 | commitdiff |
vmxnet3: Do not fill stats if device is inactive
Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
activated (for example in linux, after insmod but prior net-dev open).
Accessing shared descriptors prior device activation is illegal as the
VMXNET3State structures have not been fully initialized.
As a result, guest memory gets corrupted and may lead to guest OS
crashes.
Fix, by not filling the stats descriptors if device is inactive.
Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
activated (for example in linux, after insmod but prior net-dev open).
Accessing shared descriptors prior device activation is illegal as the
VMXNET3State structures have not been fully initialized.
As a result, guest memory gets corrupted and may lead to guest OS
crashes.
Fix, by not filling the stats descriptors if device is inactive.
Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
| hw/net/vmxnet3.c | diffblobblamehistory |