falso
/
qemu-irix
mirror of https://github.com/n64decomp/qemu-irix.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
qemu-irix/hw
History
Shmulik Ladkani eedeeeffd4 vmxnet3: Do not fill stats if device is inactive 
Guest OS may issue VMXNET3_CMD_GET_STATS even before device was
activated (for example in linux, after insmod but prior net-dev open).

Accessing shared descriptors prior device activation is illegal as the
VMXNET3State structures have not been fully initialized.

As a result, guest memory gets corrupted and may lead to guest OS
crashes.

Fix, by not filling the stats descriptors if device is inactive.

Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
 		2015-10-27 10:30:38 +08:00
..
9pfs coroutine: move into libqemuutil.a library 2015-10-20 14:59:04 +01:00
acpi
alpha
arm
audio
block dataplane: Mark host notifiers' client type as "external" 2015-10-23 18:18:24 +02:00
bt
char escc: add to input category 2015-10-23 12:35:17 +11:00
core
cpu
cris
display vmsvga: more cursor checks 2015-10-20 09:26:36 +02:00
dma
gpio
i2c
i386 xen-platform: Replace assert() with appropriate error reporting 2015-10-26 11:32:24 +00:00
ide macio-ide: add to storage category 2015-10-23 12:35:18 +11:00
input adb: add to input category 2015-10-23 12:35:17 +11:00
intc openpic: add to misc category 2015-10-23 12:35:18 +11:00
ipack
isa hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT 2015-10-22 14:39:09 +03:00
lm32
m68k
mem pc-dimm: add vhost slots limit check before commiting to hotplug 2015-10-22 14:34:48 +03:00
microblaze
mips
misc ivshmem: use little-endian int64_t for the protocol 2015-10-26 10:19:53 +01:00
moxie
net vmxnet3: Do not fill stats if device is inactive 2015-10-27 10:30:38 +08:00
nvram macio-nvram: add to misc category 2015-10-23 12:35:18 +11:00
openrisc
pci msix: implement pba write (but read-only) 2015-10-24 18:03:18 +02:00
pci-bridge
pci-host uninorth: add to bridge category 2015-10-23 12:35:18 +11:00
pcmcia
ppc prep: do not use CPU_LOG_IOPORT, convert to tracepoints 2015-10-23 12:38:28 +11:00
s390x s390x/cmma: clean up cmma reset 2015-10-21 12:21:30 +02:00
scsi dataplane: Mark host notifiers' client type as "external" 2015-10-23 18:18:24 +02:00
sd
sh4
smbios
sparc
sparc64
ssi
timer
tpm
tricore
unicore32
usb hw/usb-storage: Check whether BB is inserted 2015-10-23 18:18:23 +02:00
vfio
virtio vhost: build fix 2015-10-23 10:24:08 +01:00
watchdog
xen Qemu/Xen: Fix early freeing MSIX MMIO memory region 2015-10-26 11:32:18 +00:00
xenpv
xtensa target-xtensa: xtfpga: attach FLASH to system IO 2015-10-21 21:28:33 +03:00
Makefile.objs