| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 25 Aug 2021 10:00:13 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Juergen Gross <jgross@...e.com>
Cc: xen-devel@...ts.xenproject.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, boris.ostrovsky@...cle.com,
sstabellini@...nel.org, davem@...emloft.net, kuba@...nel.org
Subject: Re: [PATCH v2 0/4] xen: harden netfront against malicious backends
Hello:
This series was applied to netdev/net-next.git (refs/heads/master):
On Tue, 24 Aug 2021 12:28:05 +0200 you wrote:
> Xen backends of para-virtualized devices can live in dom0 kernel, dom0
> user land, or in a driver domain. This means that a backend might
> reside in a less trusted environment than the Xen core components, so
> a backend should not be able to do harm to a Xen guest (it can still
> mess up I/O data, but it shouldn't be able to e.g. crash a guest by
> other means or cause a privilege escalation in the guest).
>
> [...]
Here is the summary with links:
- [v2,1/4] xen/netfront: read response from backend only once
https://git.kernel.org/netdev/net-next/c/8446066bf8c1
- [v2,2/4] xen/netfront: don't read data from request on the ring page
https://git.kernel.org/netdev/net-next/c/162081ec33c2
- [v2,3/4] xen/netfront: disentangle tx_skb_freelist
https://git.kernel.org/netdev/net-next/c/21631d2d741a
- [v2,4/4] xen/netfront: don't trust the backend response data blindly
https://git.kernel.org/netdev/net-next/c/a884daa61a7d
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists