From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefan Hajnoczi <stefanha@redhat.com>
Subject: [PATCH 0/8] vhost: input validation enhancements
Date: Mon,  5 Feb 2018 12:16:34 +0000
Message-ID: <20180205121642.26428-1-stefanha@redhat.com>
Cc: Maxime Coquelin <maxime.coquelin@redhat.com>,
 Yuanhan Liu <yliu@fridaylinux.org>, Stefan Hajnoczi <stefanha@redhat.com>
To: dev@dpdk.org
Return-path: <dev-bounces@dpdk.org>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by dpdk.org (Postfix) with ESMTP id CACD91B2FC
 for <dev@dpdk.org>; Mon,  5 Feb 2018 13:16:51 +0100 (CET)
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch series addresses missing input validation that I came across when
reviewing vhost_user.c.

The first patch explains the security model and the rest fixes places with
missing checks.

Now is a good time to discuss the security model if anyone disagrees or has
questions about what Patch 1 says.

Stefan Hajnoczi (8):
  vhost: add security model documentation to vhost_user.c
  vhost: avoid enum fields in VhostUserMsg
  vhost: validate untrusted memory.nregions field
  vhost: clear out unused SCM_RIGHTS file descriptors
  vhost: reject invalid log base mmap_offset values
  vhost: fix msg->payload union typo in vhost_user_set_vring_addr()
  vhost: validate virtqueue size
  vhost: check for memory_size + mmap_offset overflow

 lib/librte_vhost/vhost_user.h |  4 +--
 lib/librte_vhost/socket.c     |  8 +++++-
 lib/librte_vhost/vhost_user.c | 57 +++++++++++++++++++++++++++++++++++++++++--
 3 files changed, 64 insertions(+), 5 deletions(-)

-- 
2.14.3