diff options
author | Gerd Hoffmann <kraxel@redhat.com> | 2016-04-18 09:11:38 +0200 |
---|---|---|
committer | Gerd Hoffmann <kraxel@redhat.com> | 2016-04-19 08:18:27 +0200 |
commit | 1ae3f2f178087711f9591350abad133525ba93f2 (patch) | |
tree | 3823cf7dd8d30c31a7c154d067801a73cc53bcfd /version.rc | |
parent | c6c598ca5fba68fbd6612f3330c4015142f2f86a (diff) | |
download | qemu-1ae3f2f178087711f9591350abad133525ba93f2.zip qemu-1ae3f2f178087711f9591350abad133525ba93f2.tar.gz qemu-1ae3f2f178087711f9591350abad133525ba93f2.tar.bz2 |
ehci: apply limit to iTD/sidt descriptors
Commit "156a2e4 ehci: make idt processing more robust" tries to avoid a
DoS by the guest (create a circular iTD queue and let qemu ehci
emulation run in circles forever). Unfortunately this has two problems:
First it misses the case of siTDs, and second it reportedly breaks
FreeBSD.
So lets go for a different approach: just count the number of iTDs and
siTDs we have seen per frame and apply a limit. That should really
catch all cases now.
Reported-by: 杜少博 <dushaobo@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Diffstat (limited to 'version.rc')
0 files changed, 0 insertions, 0 deletions