From: "Michael S. Tsirkin" <mst@redhat.com>
To: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: jasowang@redhat.com, virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org, elena.reshetova@intel.com,
kirill.shutemov@linux.intel.com
Subject: Re: [PATCH v1 0/6] Harden a few virtio bits
Date: Fri, 20 Jan 2023 06:55:39 -0500 [thread overview]
Message-ID: <20230120065402-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <20230119135721.83345-1-alexander.shishkin@linux.intel.com>
On Thu, Jan 19, 2023 at 03:57:15PM +0200, Alexander Shishkin wrote:
> Hi,
>
> Here are 6 patches that harden console, net and 9p drivers against
> various malicious host input as well as close a bounds check bypass
> in the split virtio ring.
Hardening against buggy devices is one thing,
Hardening against malicious devices is another.
Which is this?
If really malicious, aren't there any spectre considerations here?
I am for example surprised not to find anything addressing
spectre v1 nor any uses of array_index_nospec here.
> Changes since previous version:
> * Added Christian's R-B to 3/6
> * Added a speculation fix per Michael's comment on the cover letter
> * CC'ing lkml
>
> Alexander Shishkin (3):
> virtio console: Harden control message handling
> virtio_net: Guard against buffer length overflow in
> xdp_linearize_page()
> virtio_ring: Prevent bounds check bypass on descriptor index
>
> Andi Kleen (3):
> virtio console: Harden multiport against invalid host input
> virtio console: Harden port adding
> virtio 9p: Fix an overflow
>
> drivers/char/virtio_console.c | 19 ++++++++++++-------
> drivers/net/virtio_net.c | 4 +++-
> drivers/virtio/virtio_ring.c | 3 +++
> net/9p/trans_virtio.c | 2 +-
> 4 files changed, 19 insertions(+), 9 deletions(-)
>
> --
> 2.39.0
next prev parent reply other threads:[~2023-01-20 11:56 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-19 13:57 [PATCH v1 0/6] Harden a few virtio bits Alexander Shishkin
2023-01-19 13:57 ` [PATCH v1 1/6] virtio console: Harden multiport against invalid host input Alexander Shishkin
2023-01-19 15:17 ` Greg Kroah-Hartman
2023-01-19 18:52 ` Alexander Shishkin
2023-01-19 19:18 ` Greg Kroah-Hartman
2023-01-19 19:34 ` Alexander Shishkin
2023-01-20 13:01 ` Michael S. Tsirkin
2023-01-20 15:51 ` Alexander Shishkin
2023-01-19 13:57 ` [PATCH v1 2/6] virtio console: Harden port adding Alexander Shishkin
2023-01-19 15:20 ` Greg Kroah-Hartman
2023-01-19 17:48 ` Alexander Shishkin
2023-01-19 18:57 ` Greg Kroah-Hartman
2023-01-19 20:13 ` Alexander Shishkin
2023-01-20 7:15 ` Greg Kroah-Hartman
2023-01-27 11:02 ` Michael S. Tsirkin
2023-01-27 11:55 ` Alexander Shishkin
2023-01-27 12:12 ` Michael S. Tsirkin
2023-01-27 12:47 ` Alexander Shishkin
2023-01-27 13:31 ` Greg Kroah-Hartman
2023-01-27 14:17 ` Alexander Shishkin
2023-01-27 14:37 ` Greg Kroah-Hartman
2023-01-27 14:46 ` Michael S. Tsirkin
2023-02-02 12:02 ` Reshetova, Elena
2023-01-27 13:52 ` Michael S. Tsirkin
2023-01-20 12:59 ` Michael S. Tsirkin
2023-01-19 13:57 ` [PATCH v1 3/6] virtio 9p: Fix an overflow Alexander Shishkin
2023-01-20 12:54 ` Michael S. Tsirkin
2023-01-20 16:29 ` Alexander Shishkin
2023-01-19 13:57 ` [PATCH v1 4/6] virtio console: Harden control message handling Alexander Shishkin
2023-01-19 15:22 ` Greg Kroah-Hartman
2023-01-20 12:45 ` Michael S. Tsirkin
2023-01-20 16:41 ` Alexander Shishkin
2023-01-27 10:58 ` Michael S. Tsirkin
2023-01-27 12:04 ` Alexander Shishkin
2023-01-19 13:57 ` [PATCH v1 5/6] virtio_net: Guard against buffer length overflow in xdp_linearize_page() Alexander Shishkin
2023-01-20 13:09 ` Michael S. Tsirkin
2023-01-19 13:57 ` [PATCH v1 6/6] virtio_ring: Prevent bounds check bypass on descriptor index Alexander Shishkin
2023-01-20 12:56 ` Michael S. Tsirkin
2023-01-20 11:55 ` Michael S. Tsirkin [this message]
2023-01-20 12:32 ` [PATCH v1 0/6] Harden a few virtio bits Alexander Shishkin
2023-01-20 12:40 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230120065402-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=elena.reshetova@intel.com \
--cc=jasowang@redhat.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox