]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 48033ad) | patch
hw/nvme: fix CVE-2021-3929
authorKlaus Jensen <k.jensen@samsung.com>
Fri, 17 Dec 2021 09:44:01 +0000 (10:44 +0100)
committerKlaus Jensen <k.jensen@samsung.com>
Mon, 14 Feb 2022 07:58:29 +0000 (08:58 +0100)
commit736b01642d85be832385063f278fe7cd4ffb5221
tree59a771011265be7081cc7f14d56c0f540f82482etree
parent48033ad678ae2def43bf0d543a2c4c3d2a93feafcommit | diff
hw/nvme: fix CVE-2021-3929

This fixes CVE-2021-3929 "locally" by denying DMA to the iomem of the
device itself. This still allows DMA to MMIO regions of other devices
(e.g. doing P2P DMA to the controller memory buffer of another NVMe
device).

Fixes: CVE-2021-3929
Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
hw/nvme/ctrl.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git