On Wed, Apr 10, 2013 at 11:23:08AM +0800, Asias He wrote:
Asias He (3):
tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq
tcm_vhost: Add vhost_scsi_send_bad_target() helper
tcm_vhost: Send bad target to guest when cmd fails
drivers/vhost/tcm_vhost.c | 44
v2:
- Fix the order of out and head parameter.
Asias He (4):
tcm_vhost: Remove double check of response
tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq
tcm_vhost: Add vhost_scsi_send_bad_target() helper
tcm_vhost: Send bad target to guest when cmd fails
drivers/vhost/tcm_vhost.c | 53
If we fail to submit the allocated tv_cmd to tcm_vhost_submission_work,
we will leak the tv_cmd. Free tv_cmd on fail path.
Signed-off-by: Asias He as...@redhat.com
---
drivers/vhost/tcm_vhost.c | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/drivers/vhost/tcm_vhost.c
Share the send bad target code with other use cases.
Signed-off-by: Asias He as...@redhat.com
---
drivers/vhost/tcm_vhost.c | 31 ++-
1 file changed, 18 insertions(+), 13 deletions(-)
diff --git a/drivers/vhost/tcm_vhost.c b/drivers/vhost/tcm_vhost.c
index
Send bad target to guest in case:
1) we can not allocate the cmd
2) fail to submit the cmd
Signed-off-by: Asias He as...@redhat.com
---
drivers/vhost/tcm_vhost.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/vhost/tcm_vhost.c b/drivers/vhost/tcm_vhost.c
* Kees Cook keesc...@chromium.org wrote:
That's the area in which we just map 1:1 to memory. Anything allocated
with e.g. kmalloc() ends up with those addresses.
Ah-ha! Yes, I see now when comparing the debug/kernel_page_tables reports.
It's just the High Kernel Mapping that we
On 10.04.13 at 02:43, H. Peter Anvin h...@zytor.com wrote:
OK, thinking about the GDT here.
The GDT is quite small -- 256 bytes on i386, 128 bytes on x86-64. As
such, we probably don't want to allocate a full page to it for only
that. This means that in order to create a readonly mapping
* H. Peter Anvin h...@zytor.com wrote:
On 04/09/2013 11:22 AM, Kees Cook wrote:
Can we create a RO fixed per-cpu area?
Fixed and percpu are mutually exclusive...
There's a fixmap area that holds kmap_atomic() percpu mappings:
FIX_KMAP_BEGIN, /* reserved pte's for temporary
* Eric W. Biederman ebied...@xmission.com wrote:
H. Peter Anvin h...@zytor.com writes:
On 04/08/2013 03:43 PM, Kees Cook wrote:
This makes the IDT unconditionally read-only. This primarily removes
the IDT from being a target for arbitrary memory write attacks. It has
an added benefit
Ingo Molnar mi...@kernel.org writes:
* Eric W. Biederman ebied...@xmission.com wrote:
H. Peter Anvin h...@zytor.com writes:
On 04/08/2013 03:43 PM, Kees Cook wrote:
This makes the IDT unconditionally read-only. This primarily removes
the IDT from being a target for arbitrary memory
Right... the TSS does get written to during a task switch.
Jan Beulich jbeul...@suse.com wrote:
On 10.04.13 at 02:43, H. Peter Anvin h...@zytor.com wrote:
OK, thinking about the GDT here.
The GDT is quite small -- 256 bytes on i386, 128 bytes on x86-64. As
such, we probably don't want to
On Wed, Apr 10, 2013 at 3:40 AM, Eric W. Biederman
ebied...@xmission.com wrote:
Ingo Molnar mi...@kernel.org writes:
* Eric W. Biederman ebied...@xmission.com wrote:
H. Peter Anvin h...@zytor.com writes:
On 04/08/2013 03:43 PM, Kees Cook wrote:
This makes the IDT unconditionally
On 04/10/2013 09:31 AM, Eric Northup wrote:
If the effect is measurable I agree it is a legitimate optimization. At
one point there was a suggestion to make the code in the IDT vectors
differ based on which interrupt was registered. While that can also
reduce cache misses that can get
On 04/10/2013 02:42 AM, Jan Beulich wrote:
However, the packing solution has the advantage of reducing address
space consumption which matters on 32 bits: even on i386 we can easily
burn a megabyte of address space for 4096 processors, but burning 16
megabytes starts to hurt.
Packing
Make a copy of the IDT (as seen via the sidt instruction) read-only.
This primarily removes the IDT from being a target for arbitrary memory
write attacks, and has the added benefit of also not leaking the kernel
base offset, if it has been relocated.
We already did this on vendor == Intel and
On Wed, 2013-04-10 at 15:06 +0800, Asias He wrote:
v2:
- Fix the order of out and head parameter.
Asias He (4):
tcm_vhost: Remove double check of response
tcm_vhost: Fix tv_cmd leak in vhost_scsi_handle_vq
tcm_vhost: Add vhost_scsi_send_bad_target() helper
tcm_vhost: Send bad
16 matches