From: Greg KH <gregkh@linuxfoundation.org>
To: Xianting Tian <xianting.tian@linux.alibaba.com>
Cc: virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org, arnd@arndb.de, amit@kernel.org
Subject: Re: [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value
Date: Fri, 27 Aug 2021 11:00:21 +0200 [thread overview]
Message-ID: <YSippdinb67QYU6K@kroah.com> (raw)
In-Reply-To: <20210820075219.202404-1-xianting.tian@linux.alibaba.com>
On Fri, Aug 20, 2021 at 03:52:19PM +0800, Xianting Tian wrote:
> In theory untrusted remote host can pass a big or overflow value
> of max_nr_ports to guest, it may cause guest system consumes
> a lot of memory when create vqs and other impacts.
How can you have a untrusted host? Can't they do a lot worse things
than just this?
>
> Add the protection to guarantee max_nr_ports to get a safe value.
>
> Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
> ---
> drivers/char/virtio_console.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c
> index 7eaf303a7..bba985c81 100644
> --- a/drivers/char/virtio_console.c
> +++ b/drivers/char/virtio_console.c
> @@ -29,6 +29,8 @@
>
> #define is_rproc_enabled IS_ENABLED(CONFIG_REMOTEPROC)
>
> +#define MAX_NR_PORTS MAX_NR_HVC_CONSOLES
How was this value picked?
thanks,
greg k-h
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
WARNING: multiple messages have this Message-ID (diff)
From: Greg KH <gregkh@linuxfoundation.org>
To: Xianting Tian <xianting.tian@linux.alibaba.com>
Cc: amit@kernel.org, arnd@arndb.de,
virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org
Subject: Re: [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value
Date: Fri, 27 Aug 2021 11:00:21 +0200 [thread overview]
Message-ID: <YSippdinb67QYU6K@kroah.com> (raw)
In-Reply-To: <20210820075219.202404-1-xianting.tian@linux.alibaba.com>
On Fri, Aug 20, 2021 at 03:52:19PM +0800, Xianting Tian wrote:
> In theory untrusted remote host can pass a big or overflow value
> of max_nr_ports to guest, it may cause guest system consumes
> a lot of memory when create vqs and other impacts.
How can you have a untrusted host? Can't they do a lot worse things
than just this?
>
> Add the protection to guarantee max_nr_ports to get a safe value.
>
> Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
> ---
> drivers/char/virtio_console.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c
> index 7eaf303a7..bba985c81 100644
> --- a/drivers/char/virtio_console.c
> +++ b/drivers/char/virtio_console.c
> @@ -29,6 +29,8 @@
>
> #define is_rproc_enabled IS_ENABLED(CONFIG_REMOTEPROC)
>
> +#define MAX_NR_PORTS MAX_NR_HVC_CONSOLES
How was this value picked?
thanks,
greg k-h
next prev parent reply other threads:[~2021-08-27 9:00 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-20 7:52 [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value Xianting Tian
2021-08-23 11:55 ` Xianting TIan
2021-08-27 9:00 ` Greg KH [this message]
2021-08-27 9:00 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YSippdinb67QYU6K@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=amit@kernel.org \
--cc=arnd@arndb.de \
--cc=linux-kernel@vger.kernel.org \
--cc=virtualization@lists.linux-foundation.org \
--cc=xianting.tian@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.