[dpdk-dev] [PATCH 0/8] vhost: input validation enhancements
Maxime Coquelin
maxime.coquelin at redhat.com
Tue Feb 6 10:32:45 CET 2018
Hi Stefan,
On 02/05/2018 01:16 PM, Stefan Hajnoczi wrote:
> This patch series addresses missing input validation that I came across when
> reviewing vhost_user.c.
>
> The first patch explains the security model and the rest fixes places with
> missing checks.
>
> Now is a good time to discuss the security model if anyone disagrees or has
> questions about what Patch 1 says.
Thanks for the series, I agree validating vhost-user inputs is
necessary.
I'll go through the series, but it will be only for v18.05, as we are
close now to v18.02 release.
Maxime
> Stefan Hajnoczi (8):
> vhost: add security model documentation to vhost_user.c
> vhost: avoid enum fields in VhostUserMsg
> vhost: validate untrusted memory.nregions field
> vhost: clear out unused SCM_RIGHTS file descriptors
> vhost: reject invalid log base mmap_offset values
> vhost: fix msg->payload union typo in vhost_user_set_vring_addr()
> vhost: validate virtqueue size
> vhost: check for memory_size + mmap_offset overflow
>
> lib/librte_vhost/vhost_user.h | 4 +--
> lib/librte_vhost/socket.c | 8 +++++-
> lib/librte_vhost/vhost_user.c | 57 +++++++++++++++++++++++++++++++++++++++++--
> 3 files changed, 64 insertions(+), 5 deletions(-)
>
More information about the dev
mailing list