[dpdk-dev] [PATCH 0/8] vhost: input validation enhancements
Maxime Coquelin
maxime.coquelin at redhat.com
Tue Feb 6 11:01:20 CET 2018
On 02/05/2018 01:16 PM, Stefan Hajnoczi wrote:
> This patch series addresses missing input validation that I came across when
> reviewing vhost_user.c.
>
> The first patch explains the security model and the rest fixes places with
> missing checks.
>
> Now is a good time to discuss the security model if anyone disagrees or has
> questions about what Patch 1 says.
>
> Stefan Hajnoczi (8):
> vhost: add security model documentation to vhost_user.c
> vhost: avoid enum fields in VhostUserMsg
> vhost: validate untrusted memory.nregions field
> vhost: clear out unused SCM_RIGHTS file descriptors
> vhost: reject invalid log base mmap_offset values
> vhost: fix msg->payload union typo in vhost_user_set_vring_addr()
> vhost: validate virtqueue size
> vhost: check for memory_size + mmap_offset overflow
>
> lib/librte_vhost/vhost_user.h | 4 +--
> lib/librte_vhost/socket.c | 8 +++++-
> lib/librte_vhost/vhost_user.c | 57 +++++++++++++++++++++++++++++++++++++++++--
> 3 files changed, 64 insertions(+), 5 deletions(-)
>
For the series:
Reviewed-by: Maxime Coquelin <maxime.coquelin at redhat.com>
For patch 2, my suggestion can be handled separately.
Thanks,
Maxime
More information about the dev
mailing list