| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6a5cae8f-0a29-8401-34b9-d9c977d11513@redhat.com>
Date: Thu, 3 Jun 2021 10:36:47 +0800
From: Jason Wang <jasowang@...hat.com>
To: Andi Kleen <ak@...ux.intel.com>, mst@...hat.com
Cc: virtualization@...ts.linux-foundation.org, hch@....de,
m.szyprowski@...sung.com, robin.murphy@....com,
iommu@...ts.linux-foundation.org, x86@...nel.org,
sathyanarayanan.kuppuswamy@...ux.intel.com, jpoimboe@...hat.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 2/8] virtio: Add boundary checks to virtio ring
在 2021/6/3 上午10:18, Andi Kleen 写道:
>
>> It looks to me all the evils came from the fact that we depends on
>> the descriptor ring.
>>
>> So the checks in this patch could is unnecessary if we don't even
>> read from the descriptor ring which could be manipulated by the device.
>>
>> This is what my series tries to achieve:
>>
>> https://www.spinics.net/lists/kvm/msg241825.html
>
> I would argue that you should boundary check in any case. It was
> always a bug to not have boundary checks in such a data structure with
> multiple users, trust or not.
>
> But yes your patch series is interesting and definitely makes sense
> for TDX too.
>
> Best would be to have both I guess, and always check the boundaries
> everywhere.
I agree but some of the checks are unnecessary in we do this series on
top of my series.
>
> So what's the merge status of your series?
If I understand correctly from Michael, I will send a formal series and
he will try to merge it for the 5.14.
Thanks
>
> -Andi
>
>
Powered by blists - more mailing lists