[dpdk-dev] [PATCH 0/8] vhost: input validation enhancements
Stefan Hajnoczi
stefanha at redhat.com
Mon Feb 5 13:16:34 CET 2018
This patch series addresses missing input validation that I came across when
reviewing vhost_user.c.
The first patch explains the security model and the rest fixes places with
missing checks.
Now is a good time to discuss the security model if anyone disagrees or has
questions about what Patch 1 says.
Stefan Hajnoczi (8):
vhost: add security model documentation to vhost_user.c
vhost: avoid enum fields in VhostUserMsg
vhost: validate untrusted memory.nregions field
vhost: clear out unused SCM_RIGHTS file descriptors
vhost: reject invalid log base mmap_offset values
vhost: fix msg->payload union typo in vhost_user_set_vring_addr()
vhost: validate virtqueue size
vhost: check for memory_size + mmap_offset overflow
lib/librte_vhost/vhost_user.h | 4 +--
lib/librte_vhost/socket.c | 8 +++++-
lib/librte_vhost/vhost_user.c | 57 +++++++++++++++++++++++++++++++++++++++++--
3 files changed, 64 insertions(+), 5 deletions(-)
--
2.14.3
More information about the dev
mailing list