From mboxrd@z Thu Jan  1 00:00:00 1970
From: Will Deacon <will.deacon@arm.com>
Subject: Re: [PATCH 0/7] kvmtool: fix virtio 9p vulnerabilities
Date: Tue, 8 Nov 2016 02:39:54 +0000
Message-ID: <20161108023954.GY20591@arm.com>
References: <1476806551-9646-1-git-send-email-gcampana+kvm@quarkslab.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: kvm@vger.kernel.org, andre.przywara@arm.com
To: "G. Campana" <gcampana+kvm@quarkslab.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from foss.arm.com ([217.140.101.70]:49840 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751919AbcKHCjx (ORCPT <rfc822;kvm@vger.kernel.org>);
        Mon, 7 Nov 2016 21:39:53 -0500
Content-Disposition: inline
In-Reply-To: <1476806551-9646-1-git-send-email-gcampana+kvm@quarkslab.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On Tue, Oct 18, 2016 at 06:02:31PM +0200, G. Campana wrote:
> This patch series should fix different vulnerabilities found in virtio 9p
> (http://www.spinics.net/lists/kvm/msg130505.html), but it definitely needs some
> testing. By the way, the very same path traversal vulnerability was also found
> in Qemu in August: http://www.openwall.com/lists/oss-security/2016/08/30/1
> and the path traversal fix looks quite similar.

I had a quick look through these and they're mostly ok, modulo the comments
I've made. When you send v2, please write a commit message for each patch,
as I can't merge them without that. You also need to add your Signed-off-by
to each one.

Thanks,

Will