From ef332876f757293ab20cbe8619307868321ee929 Mon Sep 17 00:00:00 2001
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Mon, 7 Dec 2009 20:38:38 -0200
Subject: [PATCH 2/4] bz#545136: whitelist host virtio networking features
RH-Author: Eduardo Habkost <ehabkost@redhat.com>
Message-id: <20091207203533.GD3422@blackpad.lan.raisama.net>
Patchwork-id: 3870
O-Subject: [RHEL-5.5 KVM PATCH] bz#545136: whitelist host virtio networking
features
Bugzilla: 545136
RH-Acked-by: Mark McLoughlin <markmc@redhat.com>
RH-Acked-by: Eugene Teo <eugene@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>
Bugzilla: https://bugzilla.redhat.com/545136
cherry-pick of upstream commit below.
It's not exactly a security bug on KVM, but it helps to mitigate a
security bug on Linux 2.6.25 guests.
Please ACK.
---------
>From: Dustin Kirkland <kirkland@canonical.com>
Date: Thu, 29 Oct 2009 15:34:15 +0000
Subject: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]
whitelist host virtio networking features
This patch is a followup to 8eca6b1bc770982595db2f7207c65051572436cb,
fixing crashes when guests with 2.6.25 virtio drivers have saturated
virtio network connections.
https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521
That patch should have been whitelisting *_HOST_* rather than the the
*_GUEST_* features.
I tested this by running an Ubuntu 8.04 Hardy guest (2.6.24 kernel +
2.6.25-virtio driver). I saturated both the incoming, and outgoing
network connection with nc, seeing sustained 6MB/s up and 6MB/s down
bitrates for ~20 minutes. Previously, this crashed immediately. Now,
the guest does not crash and maintains network connectivity throughout
the test.
Signed-off-by: Dustin Kirkland <kirkland@canonical.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Tested-by: Dustin Kirkland <kirkland@canonical.com>
---
qemu/hw/virtio-net.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
qemu/hw/virtio-net.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/qemu/hw/virtio-net.c b/qemu/hw/virtio-net.c
index 5d63547..6c6eb16 100644
--- a/qemu/hw/virtio-net.c
+++ b/qemu/hw/virtio-net.c
@@ -105,10 +105,10 @@ static uint32_t virtio_net_bad_features(VirtIODevice *vdev)
/* Linux kernel 2.6.25. It understood MAC (as everyone must),
* but also these: */
features |= (1 << VIRTIO_NET_F_MAC);
- features |= (1 << VIRTIO_NET_F_GUEST_CSUM);
- features |= (1 << VIRTIO_NET_F_GUEST_TSO4);
- features |= (1 << VIRTIO_NET_F_GUEST_TSO6);
- features |= (1 << VIRTIO_NET_F_GUEST_ECN);
+ features |= (1 << VIRTIO_NET_F_CSUM);
+ features |= (1 << VIRTIO_NET_F_HOST_TSO4);
+ features |= (1 << VIRTIO_NET_F_HOST_TSO6);
+ features |= (1 << VIRTIO_NET_F_HOST_ECN);
return features & virtio_net_get_features(vdev);
}
--
1.6.3.rc4.29.g8146
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
340e01248478ba8b78a6d4d1809b1eff
>
files
>
304
