On Fri, Dec 23, 2011 at 03:39:03PM +0100, Paolo Bonzini wrote: > QEMU does have a "scsi" option (to be used like -device > virtio-blk-pci,drive=foo,scsi=off). However, it only > masks the feature bit, and does not reject the command > if a malicious guest disregards the feature bits and > issues a request. > > Without this patch, using scsi=off does not protect you > from CVE-2011-4127. > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > --- > hw/virtio-blk.c | 6 ++++++ > 1 files changed, 6 insertions(+), 0 deletions(-)
I checked that guest_features cannot have SCSI enabled when the host wishes to prohibit SCSI. Reviewed-by: Stefan Hajnoczi <stefa...@linux.vnet.ibm.com>
