218003 – pci: Unaligned config read/write overflow

Bug 218003 - pci: Unaligned config read/write overflow

Summary: pci: Unaligned config read/write overflow

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	xen
Sub Component:
Version:	5.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Rik van Riel
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-12-01 06:11 UTC by Herbert Xu
Modified:	2007-11-30 22:07 UTC (History)
CC List:	1 user (show)
Fixed In Version:	RC
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-02-08 01:10:57 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Herbert Xu 2006-12-01 06:11:08 UTC

Changesets 12586+12649 from xen-unstable.

[QEMU] pci: Unaligned config read/write overflow

The default config read/write handlers allows a 4-byte read/write at
address 255.  This can clobber the field after the config area.  This
happens to be the PCIBus pointer in the PCIDevice structure.

This patch stops this from reducing the read/write to the (largest
multiple of 2) number of bytes within the config area.

Signed-off-by: Herbert Xu <herbert.org.au>

[QEMU] Simpler workaround for guest writes to PCI config
space that extend past byte 0xff.
Signed-off-by: Keir Fraser <keir>

Comment 1 Jay Turner 2006-12-01 14:29:23 UTC

QE ack for RHEL5.

Comment 3 RHEL Program Management 2007-02-08 01:10:57 UTC

A package has been built which should help the problem described in 
this bug report. This report is therefore being closed with a resolution 
of CURRENTRELEASE. You may reopen this bug report if the solution does 
not work for you.

Note You need to log in before you can comment on or make changes to this bug.