Hi Laurent,
Do you by any chance have an update on this?
Thanks,
Alex
On Fri, Aug 20, 2021 at 6:15 PM Laurent Vivier wrote:
>
> On 19/08/2021 22:58, Michael S. Tsirkin wrote:
> > On Fri, Nov 13, 2020 at 06:26:16PM +0100, Alexander Potapenko wrote:
> >> Hi Amos, Rusty, Amit, Michael,
> >>
> >>
On Sun, Sep 12, 2021 at 12:37:26PM +0300, Max Gurtovoy wrote:
>
> On 9/12/2021 12:07 PM, Michael S. Tsirkin wrote:
> > On Sat, Sep 11, 2021 at 03:56:45PM +0300, Max Gurtovoy wrote:
> > > On 9/10/2021 1:57 AM, Michael S. Tsirkin wrote:
> > > > On Thu, Sep 09, 2021 at 07:45:42PM +0300, Max Gurtovoy
On Sat, Sep 11, 2021 at 03:56:45PM +0300, Max Gurtovoy wrote:
>
> On 9/10/2021 1:57 AM, Michael S. Tsirkin wrote:
> > On Thu, Sep 09, 2021 at 07:45:42PM +0300, Max Gurtovoy wrote:
> > > On 9/9/2021 7:31 PM, Michael S. Tsirkin wrote:
> > > > On Thu, Sep 09, 2021 at 06:51:56PM +0300, Max Gurtovoy
On Sun, Sep 12, 2021 at 01:33:13PM +0300, Max Gurtovoy wrote:
>
> On 9/12/2021 12:50 PM, Michael S. Tsirkin wrote:
> > On Sun, Sep 12, 2021 at 12:37:26PM +0300, Max Gurtovoy wrote:
> > > On 9/12/2021 12:07 PM, Michael S. Tsirkin wrote:
> > > > On Sat, Sep 11, 2021 at 03:56:45PM +0300, Max
On Mon, Sep 13, 2021 at 10:59 AM Wu Zongyong
wrote:
>
> On Mon, Sep 13, 2021 at 09:43:40AM +0800, Jason Wang wrote:
> > On Fri, Sep 10, 2021 at 11:11 PM Cindy Lu wrote:
> > >
> > > On Fri, Sep 10, 2021 at 5:20 PM Wu Zongyong
> > > wrote:
> > > >
> > > > On Fri, Sep 10, 2021 at 04:25:18PM +0800,
Hi All:
This series treis to do more hardening for virito.
patch 1 validates the num_queues for virio-blk device.
patch 2-4 validates max_nr_ports for virito-console device.
patch 5-7 harden virtio-pci interrupts to make sure no exepcted
interrupt handler is tiggered. If this makes sense we can
On Sat, Sep 11, 2021 at 07:54:43PM -0400, Michael S. Tsirkin wrote:
> On Fri, Sep 10, 2021 at 09:34:45AM -0700, Andi Kleen wrote:
> > > > that's why
> > > > an extra level of defense of ioremap opt-in is useful.
> > > OK even assuming this, why is pci_iomap opt-in useful?
> > > That never happens
If an untrusted device neogitates BLK_F_MQ but advertises a zero
num_queues, the driver may end up trying to allocating zero size
buffers where ZERO_SIZE_PTR is returned which may pass the checking
against the NULL. This will lead unexpected results.
Fixing this by using single queue if
This patch adds doc for validate() method.
Signed-off-by: Jason Wang
---
include/linux/virtio.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/virtio.h b/include/linux/virtio.h
index 41edbc01ffa4..0cd8685aeba4 100644
--- a/include/linux/virtio.h
+++ b/include/linux/virtio.h
On Fri, Sep 10, 2021 at 11:11 PM Cindy Lu wrote:
>
> On Fri, Sep 10, 2021 at 5:20 PM Wu Zongyong
> wrote:
> >
> > On Fri, Sep 10, 2021 at 04:25:18PM +0800, Cindy Lu wrote:
> > > ,
> > >
> > > On Fri, Sep 10, 2021 at 3:33 PM Wu Zongyong
> > > wrote:
> > > >
> > > > On Fri, Sep 10, 2021 at
This patch tries to make sure the virtio interrupt handler for INTX
won't be called after a reset and before virtio_device_ready(). We
can't use IRQF_NO_AUTOEN since we're using shared interrupt
(IRQF_SHARED). So this patch tracks the INTX enabling status in a new
intx_soft_enabled variable and
We used to synchronize pending MSI-X irq handlers via
synchronize_irq(), this may not work for the untrusted device which
may keep sending interrupts after reset which may lead unexpected
results. Similarly, we should not enable MSI-X interrupt until the
device is ready. So this patch fixes those
This patch switches to use validate() to filter out the features that
is not supported by the rproc.
Cc: Amit Shah
Signed-off-by: Jason Wang
---
drivers/char/virtio_console.c | 41 ++-
1 file changed, 26 insertions(+), 15 deletions(-)
diff --git
We calculate nr_ports based on the max_nr_ports:
nr_queues = use_multiport(portdev) ? (nr_ports + 1) * 2 : 2;
If the device advertises a large max_nr_ports, we will end up with a
integer overflow. Fixing this by validating the max_nr_ports
advertised by the device in .validate() and clear the
This patch validate the used buffer length provided by the device
before trying to use it. This is done by record the in buffer length
in a new field in desc_state structure during virtqueue_add(), then we
can fail the virtqueue_get_buf() when we find the device is trying to
give us a used buffer
We're actually tracking descriptor address and length instead of the
buffer.
Signed-off-by: Jason Wang
---
drivers/virtio/virtio_ring.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
index
Signed-off-by: Jason Wang
---
include/linux/virtio_config.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/linux/virtio_config.h b/include/linux/virtio_config.h
index 8519b3ae5d52..f2891c6221a1 100644
--- a/include/linux/virtio_config.h
+++ b/include/linux/virtio_config.h
@@
17 matches
Mail list logo
