Re: [PATCH] hw/nvme: fix CVE-2021-3929

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] hw/nvme: fix CVE-2021-3929

From:	Klaus Jensen
Subject:	Re: [PATCH] hw/nvme: fix CVE-2021-3929
Date:	Thu, 20 Jan 2022 21:13:11 +0100

On Jan 20 07:10, Keith Busch wrote:
> On Thu, Jan 20, 2022 at 09:01:55AM +0100, Klaus Jensen wrote:
> > +static inline bool nvme_addr_is_iomem(NvmeCtrl *n, hwaddr addr)
> > +{
> > +    hwaddr hi, lo;
> > +
> > +    lo = n->bar0.addr;
> > +    hi = lo + int128_get64(n->bar0.size);
> > +
> > +    return addr >= lo && addr < hi;
> 
> Looks fine considering this implementation always puts CMB in an
> exclusive BAR. From a spec consideration though, you can put a CMB at a
> BAR0 offset. I don't think that's going to happen anytime soon here, but
> may be worth a comment to notify this function needs to be updated if
> that assumption ever changes.
> 
> Reviewed-by: Keith Busch <kbusch@kernel.org>

Nice catch Keith. A comment would be wise!

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] hw/nvme: fix CVE-2021-3929, Klaus Jensen, 2022/01/20
- Re: [PATCH] hw/nvme: fix CVE-2021-3929, Keith Busch, 2022/01/20
  - Re: [PATCH] hw/nvme: fix CVE-2021-3929, Klaus Jensen <=

Prev by Date: [RFC 4/5] target/riscv: Add *envcfg* CSRs support
Next by Date: Re: [PULL v2 00/38] target-arm queue
Previous by thread: Re: [PATCH] hw/nvme: fix CVE-2021-3929
Next by thread: [PULL 0/3] M68k for 7.0 patches
Index(es):
- Date
- Thread