lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 20 Mar 2019 20:52:57 +0100
From:   Hans de Goede <hdegoede@...hat.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Arnd Bergmann <arnd@...db.de>,
        Michael Thayer <michael.thayer@...cle.com>,
        "Knut St . Osmundsen" <knut.osmundsen@...cle.com>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] virt: vbox: Implement passing requestor info to the host
 for VirtualBox 6.0.x

Hi,

On 20-03-19 19:19, Greg Kroah-Hartman wrote:
> On Wed, Mar 20, 2019 at 10:52:05AM +0100, Hans de Goede wrote:
>> Hi,
>>
>> On 20-03-19 10:46, Greg Kroah-Hartman wrote:
>>> On Wed, Mar 20, 2019 at 10:35:19AM +0100, Hans de Goede wrote:
>>>> VirtualBox 6.0.x has a new feature where the guest kernel driver passes
>>>> info about the origin of the request (e.g. userspace or kernelspace) to
>>>> the hypervisor.
>>>>
>>>> If we do not pass this information then when running the 6.0.x userspace
>>>> guest-additions tools on a 6.0.x host, some requests will get denied
>>>> with a VERR_VERSION_MISMATCH error, breaking vboxservice.service and
>>>> the mounting of shared folders marked to be auto-mounted.
>>>>
>>>> This commit implements passing the requestor info to the host, fixing this.
>>>>
>>>> Cc: stable@...r.kernel.org
>>>
>>> This feels like support for a "new feature", so why would this need to
>>> go to older kernels?
>>>
>>> It's not our fault that vb implemented a non-backwards-compatible change
>>> for their new release, right?  So why should we be forced to add new
>>> features to stable kernels?
>>
>>  From a technical point of view I completely agree with you and I'm unhappy
>> with this breakage after vb agreed with me to keep ABI compatibility so
>> that we could add a version of the vboxguest driver to the mainline kernel.
> 
> So they broke that agreement, ugh.  That implies they will do it again?

Well they did not really broke the ABI, they started using a reserved
field and a 6.0.x host will happily work with 5.2.x guest-extensions
(with the mainline vboxguest driver) the same way around, 5.2.x host
als works with 6.0.x guest-extensions user-space bits + mainline kernel
module.

Things break when using a 6.0.x host + 6.0.x guest-extensions userspace
parts combined with the mainline kernel module. The 6.0.x + 6.0.x combi
seems to assume that there is a 6.0.x vboxguest driver which fills in
the reserved field. I believe this is an oversight and not a deliberate
breakage. Perhaps this is even something which the VirtualBox devs can
fix in a future 6.0.x update...  Michael ?

>> OTOH this is going to bite users out there, which is why I added the Cc:
>> stable. But this is entirely your call.
> 
> Let me think about it...
> 
>>> I have no problem to add this for 5.2, but not for older stuff.
>>
>> Can we at least at it as a fix to 5.1 ? It is not very adventurous.
> 
> Sure, let me go review it now.

Thank you for the review, I will reply to it tomorrow (and prep a v2).

Regards,

Hans

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ