lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CACGkMEsLm=si3a8PiuAnkXxOud719_unNtQ7gbjAVD1ZVquf=A@mail.gmail.com>
Date:   Fri, 1 Jul 2022 09:07:48 +0800
From:   Jason Wang <jasowang@...hat.com>
To:     "Michael S. Tsirkin" <mst@...hat.com>
Cc:     linux-kernel <linux-kernel@...r.kernel.org>,
        Cornelia Huck <cohuck@...hat.com>,
        virtualization <virtualization@...ts.linux-foundation.org>
Subject: Re: [PATCH] virtio: VIRTIO_HARDEN_NOTIFICATION is broken

On Fri, Jul 1, 2022 at 3:16 AM Michael S. Tsirkin <mst@...hat.com> wrote:
>
> This option doesn't really work and breaks too many drivers.
> Not yet sure what's the right thing to do, for now
> let's make sure randconfig isn't broken by this.
>
> Fixes: c346dae4f3fb ("virtio: disable notification hardening by default")
> Cc: "Jason Wang" <jasowang@...hat.com>
> Signed-off-by: Michael S. Tsirkin <mst@...hat.com>

Acked-by: Jason Wang <jasowang@...hat.com>

> ---
>  drivers/virtio/Kconfig | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/virtio/Kconfig b/drivers/virtio/Kconfig
> index e1556d2a355a..afb9051e0125 100644
> --- a/drivers/virtio/Kconfig
> +++ b/drivers/virtio/Kconfig
> @@ -31,11 +31,12 @@ if VIRTIO_MENU
>
>  config VIRTIO_HARDEN_NOTIFICATION
>          bool "Harden virtio notification"
> +        depends on BROKEN
>          help
>            Enable this to harden the device notifications and suppress
>            those that happen at a time where notifications are illegal.
>
> -          Experimental: Note that several drivers still have bugs that
> +          Experimental: Note that several drivers still have issues that
>            may cause crashes or hangs when correct handling of
>            notifications is enforced; depending on the subset of
>            drivers and devices you use, this may or may not work.
> --
> MST
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ