From: Mark McLoughlin <markmc@redhat.com>
To: Dustin Kirkland <kirkland@canonical.com>
Cc: Anthony Liguori <anthony@codemonkey.ws>, Scott Tsai <scottt.tw@gmail.com>, qemu-devel <qemu-devel@nongnu.org>, kvm <kvm@vger.kernel.org>, Rusty Russell <rusty@rustcorp.com.au>, jdstrand@canonical.com, kees.cook@canonical.com, Marc Deslauriers <marc.deslauriers@canonical.com>
Subject: Re: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]
Date: Mon, 02 Nov 2009 09:38:42 -0500
Message-ID: <1257172722.5075.7.camel@blaa>
In-Reply-To: <d9c105ea0910301415n74efc9f2i3f8b2646217f44cb@mail.gmail.com>

On Fri, 2009-10-30 at 16:15 -0500, Dustin Kirkland wrote:
> On Thu, Oct 29, 2009 at 10:34 AM, Dustin Kirkland
> <kirkland@canonical.com> wrote:
> > whitelist host virtio networking features
> >
> > This patch is a followup to 8eca6b1bc770982595db2f7207c65051572436cb,
> > fixing crashes when guests with 2.6.25 virtio drivers have saturated
> > virtio network connections.
> >
> > https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521
> >
> > That patch should have been whitelisting *_HOST_* rather than the
> > *_GUEST_* features.
> >
> > I tested this by running an Ubuntu 8.04 Hardy guest (2.6.24 kernel +
> > 2.6.25-virtio driver). I saturated both the incoming, and outgoing
> > network connection with nc, seeing sustained 6MB/s up and 6MB/s down
> > bitrates for ~20 minutes. Previously, this crashed immediately. Now,
> > the guest does not crash and maintains network connectivity throughout
> > the test.
> <snip>
>
> FYI...

Thanks for the notice

> Canonical's Ubuntu Security Team will be filing a CVE on this issue,
> since there is a bit of an attack vector here, and since
> qemu-kvm-0.11.0 is generally available as an official release (and now
> part of Ubuntu 9.10).
>
> Guests running linux <= 2.6.25 virtio-net (e.g Ubuntu 8.04 hardy) on
> top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged
> network user flooding an open port on the guest. The crash happens in
> a manner that abruptly terminates the guest's execution (ie, without
> shutting down cleanly). This may affect the guest filesystem's
> general happiness.

IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is
in the guest and the issue we're discussing here is just a hacky
workaround for the guest bug.

Cheers,
Mark.