From: Amit Shah <amit.shah@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: qemu-devel@nongnu.org, dgilbert@redhat.com, quintela@redhat.com
Subject: Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840
Date: Tue, 18 Nov 2014 14:33:51 +0530 [thread overview]
Message-ID: <20141118090351.GC9190@grmbl.mre> (raw)
In-Reply-To: <20141117123645.GA10868@redhat.com>
On (Mon) 17 Nov 2014 [14:36:45], Michael S. Tsirkin wrote:
> On Mon, Nov 17, 2014 at 05:50:34PM +0530, Amit Shah wrote:
> > On (Mon) 17 Nov 2014 [13:48:58], Michael S. Tsirkin wrote:
> > > On Mon, Nov 17, 2014 at 04:37:50PM +0530, Amit Shah wrote:
> > > > On (Mon) 17 Nov 2014 [12:52:59], Michael S. Tsirkin wrote:
> > > > > On Mon, Nov 17, 2014 at 04:08:58PM +0530, Amit Shah wrote:
> > > > > > On (Mon) 17 Nov 2014 [12:32:57], Michael S. Tsirkin wrote:
> > > > > > > On Mon, Nov 17, 2014 at 12:06:38PM +0530, Amit Shah wrote:
> > > > > > > > On (Wed) 12 Nov 2014 [11:44:35], Michael S. Tsirkin wrote:
> > > > > > > > > This patchset fixes CVE-2014-7840: invalid
> > > > > > > > > migration stream can cause arbitrary qemu memory
> > > > > > > > > overwrite.
> > > > > > > > > First patch includes the minimal fix for the issue.
> > > > > > > > > Follow-up patches on top add extra checking to reduce the
> > > > > > > > > chance this kind of bug recurs.
> > > > > > > > >
> > > > > > > > > Note: these are already (tentatively-pending review)
> > > > > > > > > queued in my tree, so only review/ack
> > > > > > > > > is necessary.
> > > > > > > >
> > > > > > > > Why not let this go in via the migration tree?
> > > > > > >
> > > > > > > Well I Cc'd Juan and David, so if they had a problem with this, I expect
> > > > > > > they'd complain. David acked so I assume it's ok. Since I wasted time
> > > > > > > testing this and have it on my tree already, might as well just merge.
> > > > > >
> > > > > > IMO asking as a courtesy would've been better than just stating it.
> > > > >
> > > > > Right, thanks for reminding me.
> > > > >
> > > > > BTW, there is actually a good reason to special-case it: it's a CVE fix,
> > > > > which I handle. So they stay on my private queue and are passed
> > > > > to vendors so vendors can fix downstreams, until making fix public is
> > > > > cleared with all reporters and vendors.
> > > > > After reporting is cleared, I try to collect acks but don't normally route
> > > > > patches through separate queues - that would make it harder to
> > > > > track the status which we need for CVEs.
> > > >
> > > > Patch is public, so all of this doesn't really matter.
> > > >
> > > > But: involving maintainers in their areas, even if the patch is
> > > > embargoed, should be a pre-requisite. I'm not sure if we're doing
> > > > that, but please do that so patches get a proper review from the
> > > > maintainers.
> > >
> > > Involving more people means more back and forth with reporters which
> > > must approve any disclosure. If the issue isn't clear, I do involve
> > > maintainers. I send patches on list and try to merge them only after
> > > they get ack from relevant people. I'm sorry, but this is as far as I
> > > have the time to go.
> >
> > The other aspect of the thing is sub-optimal, or patches with bugs,
> > get pushed in, because the maintainers didn't get involved.
>
> Patches don't get merged before they are on list for a while.
> I typically ping people if I don't get acks.
BTW I was talking about embargoed bugs / patches. That's not relevant
for this discussion. I'll create a new thread to discuss qemu's
security policy for embargoed bugs.
Amit
next prev parent reply other threads:[~2014-11-18 9:04 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-12 9:44 [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840 Michael S. Tsirkin
2014-11-12 9:44 ` [Qemu-devel] [PATCH 1/4] migration: fix parameter validation on ram load Michael S. Tsirkin
2014-11-12 9:49 ` Paolo Bonzini
2014-11-12 9:44 ` [Qemu-devel] [PATCH 2/4] exec: add wrapper for host pointer access Michael S. Tsirkin
2014-11-17 10:58 ` Dr. David Alan Gilbert
2014-11-17 11:36 ` Michael S. Tsirkin
2014-11-17 12:59 ` Dr. David Alan Gilbert
2014-11-17 16:16 ` Michael S. Tsirkin
2014-11-12 9:44 ` [Qemu-devel] [PATCH 3/4] cpu: assert host pointer offset within block Michael S. Tsirkin
2014-11-12 9:44 ` [Qemu-devel] [PATCH 4/4] cpu: verify that block->host is set Michael S. Tsirkin
2014-11-17 6:36 ` [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840 Amit Shah
2014-11-17 10:32 ` Michael S. Tsirkin
2014-11-17 10:38 ` Amit Shah
2014-11-17 10:52 ` Michael S. Tsirkin
2014-11-17 11:07 ` Amit Shah
2014-11-17 11:48 ` Michael S. Tsirkin
2014-11-17 12:20 ` Amit Shah
2014-11-17 12:36 ` Michael S. Tsirkin
2014-11-18 9:03 ` Amit Shah [this message]
2014-11-18 9:01 ` Amit Shah
2014-11-18 9:11 ` Dr. David Alan Gilbert
2014-11-18 9:27 ` Michael S. Tsirkin
2014-11-18 9:32 ` Dr. David Alan Gilbert
2014-12-08 23:32 ` Amos Kong
2014-12-10 2:55 ` Amit Shah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141118090351.GC9190@grmbl.mre \
--to=amit.shah@redhat.com \
--cc=dgilbert@redhat.com \
--cc=mst@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).