Stefan Hajnoczi <stefa...@redhat.com> writes:

> Gaudenz Steinlin <gaud...@debian.org> reported that virtqueue_pop() terminates
> QEMU because the virtqueue size is exceeded following the CVE-2016-5403 fix. I
> have been unable to reproduce this or understand the root cause by code
> inspection. Along the way I did discover a few bugs in virtio-balloon and
> virtio code.
>
> Please see the individual patches for details.
>
> Gaudenz: If you can reproduce the bug you reported, please try again with these
> patches applied.
As mentioned in the original thread I only tested on QEMU 2.0.0 so far. I tried to apply your patches to this version, but did not succeed. I could not apply the first patch in the series because the code changed too much and with only the others applied QEMU failed to compile. I gave up at that point.

Does it make sense at all to test these patches on 2.0.0? Ubuntu reverted the problematic fix in their latest package update for trusty, so my immediate problem is "solved". Is there a chance to get a fix for CVE-2016-5403 that works on QEMU 2.0.0 without breaking migrations?

Best regards and thanks to all for the effort so far,

Gaudenz