From: Paolo Bonzini <pbonzini@redhat.com>
To: "Andreas Färber" <afaerber@suse.de>, qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
Sebastian Krahmer <krahmer@suse.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
David Marchand <david.marchand@6wind.com>,
Bruce Rogers <brogers@suse.com>,
Sebastian Krahmer <krahmer@suse.de>,
Gerd Hoffmann <kraxel@redhat.com>,
Stefan Hajnoczi <stefanha@redhat.com>,
Cam Macdonell <cam@cs.ualberta.ca>
Subject: Re: [Qemu-devel] [PATCH v3 0/4] ivshmem security fixes
Date: Fri, 31 Oct 2014 17:03:04 +0100 [thread overview]
Message-ID: <5453B2B8.8060709@redhat.com> (raw)
In-Reply-To: <1410799208-3250-1-git-send-email-afaerber@suse.de>
On 15/09/2014 18:40, Andreas Färber wrote:
> Hello,
>
> This series tightens security on incoming data for ivshmem, originally sparked
> by SUSE's security team (Sebastian Krahmer). I've combined them and tackled
> remaining review feedback.
>
> Regards,
> Andreas
>
> Changes from Sebastian's #2:
> * Rebased onto Stefan's patches
> * Dropped g_realloc() check (Stefan)
> * Fixed fd leak and appended a patch fixing another one (Stefan)
> * Simplified comment (Stefan)
>
> Changes from Stefan's series:
> * Modified to handle partial reads (Peter/Gerd)
> * Changed check from > to >= (Peter)
>
> Cc: Cam Macdonell <cam@cs.ualberta.ca>
> Cc: Stefan Hajnoczi <stefanha@redhat.com>
> Cc: Michael S. Tsirkin <mst@redhat.com>
> Cc: Sebastian Krahmer <krahmer@suse.de>
> Cc: Peter Maydell <peter.maydell@linaro.org>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: David Marchand <david.marchand@6wind.com>
>
> Andreas Färber (1):
> ivshmem: Fix fd leak on error
>
> Sebastian Krahmer (1):
> ivshmem: Fix potential OOB r/w access
>
> Stefan Hajnoczi (2):
> ivshmem: Check ivshmem_read() size argument
> ivshmem: validate incoming_posn value from server
>
> hw/misc/ivshmem.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
> 1 file changed, 60 insertions(+), 6 deletions(-)
>
These seem to have falled on the floor, and they're a dependency for
Andrew's error_report cleanup, so I picked them up.
Paolo
prev parent reply other threads:[~2014-10-31 16:03 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-15 16:40 [Qemu-devel] [PATCH v3 0/4] ivshmem security fixes Andreas Färber
2014-09-15 16:40 ` [Qemu-devel] [PATCH v3 1/4] ivshmem: Check ivshmem_read() size argument Andreas Färber
2014-09-22 11:21 ` Michael S. Tsirkin
2014-09-15 16:40 ` [Qemu-devel] [PATCH v3 2/4] ivshmem: validate incoming_posn value from server Andreas Färber
2014-09-22 11:21 ` Michael S. Tsirkin
2014-09-15 16:40 ` [Qemu-devel] [PATCH v3 3/4] ivshmem: Fix potential OOB r/w access Andreas Färber
2014-09-22 11:21 ` Michael S. Tsirkin
2014-09-15 16:40 ` [Qemu-devel] [PATCH v3 4/4] ivshmem: Fix fd leak on error Andreas Färber
2014-09-22 11:22 ` Michael S. Tsirkin
2014-10-31 16:03 ` Paolo Bonzini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5453B2B8.8060709@redhat.com \
--to=pbonzini@redhat.com \
--cc=afaerber@suse.de \
--cc=brogers@suse.com \
--cc=cam@cs.ualberta.ca \
--cc=david.marchand@6wind.com \
--cc=krahmer@suse.com \
--cc=krahmer@suse.de \
--cc=kraxel@redhat.com \
--cc=mst@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.