| commit | f4729ec39ad97a42ceaa7b5697f84f440ea6e5dc | |
| author | Philippe Mathieu-Daudé <philmd@linaro.org> | |
| Thu, 4 Apr 2024 18:56:41 +0000 (4 20:56 +0200) | ||
| committer | Philippe Mathieu-Daudé <philmd@linaro.org> | |
| Wed, 10 Apr 2024 07:09:33 +0000 (10 09:09 +0200) | ||
| tree | 09a197ef5a6db52863e028b815eb665159b83ee2 | treesnapshot (tar.gz zip) |
| parent | b4295bff25f7b50de1d9cc94a9c6effd40056bca | commitdiff |
hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs
Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
so the bus and device use the same guard. Otherwise the
DMA-reentrancy protection can be bypassed.
Fixes: CVE-2024-3446
Cc: qemu-stable@nongnu.org
Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20240409105537.18308-5-philmd@linaro.org>
Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
so the bus and device use the same guard. Otherwise the
DMA-reentrancy protection can be bypassed.
Fixes: CVE-2024-3446
Cc: qemu-stable@nongnu.org
Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20240409105537.18308-5-philmd@linaro.org>
| hw/virtio/virtio-crypto.c | diffblobblamehistory |