Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed, Sep 11, 2019 at 09:52:25AM -0400, Michael S. Tsirkin wrote: > On Wed, Sep 11, 2019 at 08:10:00AM -0400, Michael S. Tsirkin wrote: > > iovec addresses coming from vhost are assumed to be > > pre-validated, but in fact can be speculated to a value > > out of range. > > > > Userspace address

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed, Sep 11, 2019 at 08:10:00AM -0400, Michael S. Tsirkin wrote: > iovec addresses coming from vhost are assumed to be > pre-validated, but in fact can be speculated to a value > out of range. > > Userspace address are later validated with array_index_nospec so we can > be sure kernel info

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed, Sep 11, 2019 at 03:12:35PM +0200, Michal Hocko wrote: > On Wed 11-09-19 09:03:10, Michael S. Tsirkin wrote: > > On Wed, Sep 11, 2019 at 02:33:16PM +0200, Michal Hocko wrote: > > > On Wed 11-09-19 08:25:03, Michael S. Tsirkin wrote: > > > > On Wed, Sep 11, 2019 at 02:16:28PM +0200, Michal

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed 11-09-19 09:03:10, Michael S. Tsirkin wrote: > On Wed, Sep 11, 2019 at 02:33:16PM +0200, Michal Hocko wrote: > > On Wed 11-09-19 08:25:03, Michael S. Tsirkin wrote: > > > On Wed, Sep 11, 2019 at 02:16:28PM +0200, Michal Hocko wrote: > > > > On Wed 11-09-19 08:10:00, Michael S. Tsirkin

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed, Sep 11, 2019 at 02:33:16PM +0200, Michal Hocko wrote: > On Wed 11-09-19 08:25:03, Michael S. Tsirkin wrote: > > On Wed, Sep 11, 2019 at 02:16:28PM +0200, Michal Hocko wrote: > > > On Wed 11-09-19 08:10:00, Michael S. Tsirkin wrote: > > > > iovec addresses coming from vhost are assumed to

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed 11-09-19 08:25:03, Michael S. Tsirkin wrote: > On Wed, Sep 11, 2019 at 02:16:28PM +0200, Michal Hocko wrote: > > On Wed 11-09-19 08:10:00, Michael S. Tsirkin wrote: > > > iovec addresses coming from vhost are assumed to be > > > pre-validated, but in fact can be speculated to a value > > >

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed, Sep 11, 2019 at 02:16:28PM +0200, Michal Hocko wrote: > On Wed 11-09-19 08:10:00, Michael S. Tsirkin wrote: > > iovec addresses coming from vhost are assumed to be > > pre-validated, but in fact can be speculated to a value > > out of range. > > > > Userspace address are later validated

Re: [PATCH v2] vhost: block speculation of translated descriptors

On Wed 11-09-19 08:10:00, Michael S. Tsirkin wrote: > iovec addresses coming from vhost are assumed to be > pre-validated, but in fact can be speculated to a value > out of range. > > Userspace address are later validated with array_index_nospec so we can > be sure kernel info does not leak

[PATCH v2] vhost: block speculation of translated descriptors

iovec addresses coming from vhost are assumed to be pre-validated, but in fact can be speculated to a value out of range. Userspace address are later validated with array_index_nospec so we can be sure kernel info does not leak through these addresses, but vhost must also not leak userspace info