Message-ID: <20230120065402-mutt-send-email-mst@kernel.org>
Date: Fri, 20 Jan 2023 06:55:39 -0500
From: "Michael S. Tsirkin" <mst@...hat.com>
To: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
Cc: jasowang@...hat.com, virtualization@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org, elena.reshetova@...el.com,
kirill.shutemov@...ux.intel.com
Subject: Re: [PATCH v1 0/6] Harden a few virtio bits

On Thu, Jan 19, 2023 at 03:57:15PM +0200, Alexander Shishkin wrote:
> Hi,
>
> Here are 6 patches that harden console, net and 9p drivers against
> various malicious host input as well as close a bounds check bypass
> in the split virtio ring.

Hardening against buggy devices is one thing,
hardening against malicious devices is another.
Which is this?
If really malicious, aren't there any Spectre considerations here?
I am for example surprised not to find anything addressing
Spectre v1 nor any uses of array_index_nospec here.

> Changes since previous version:
> * Added Christian's R-B to 3/6
> * Added a speculation fix per Michael's comment on the cover letter
> * CC'ing lkml
>
> Alexander Shishkin (3):
> virtio console: Harden control message handling
> virtio_net: Guard against buffer length overflow in
> xdp_linearize_page()
> virtio_ring: Prevent bounds check bypass on descriptor index
>
> Andi Kleen (3):
> virtio console: Harden multiport against invalid host input
> virtio console: Harden port adding
> virtio 9p: Fix an overflow
>
> drivers/char/virtio_console.c | 19 ++++++++++++-------
> drivers/net/virtio_net.c | 4 +++-
> drivers/virtio/virtio_ring.c | 3 +++
> net/9p/trans_virtio.c | 2 +-
> 4 files changed, 19 insertions(+), 9 deletions(-)
>
> --
> 2.39.0