From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6FA41A04B6; Tue, 12 Nov 2019 16:23:33 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 47E0BB62; Tue, 12 Nov 2019 16:23:33 +0100 (CET) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) by dpdk.org (Postfix) with ESMTP id 1BE0C23D for ; Tue, 12 Nov 2019 16:23:32 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1573572211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:openpgp:openpgp:autocrypt:autocrypt; bh=T65LfhHpn72kmBFVflfRcXLmpl6hCG227RfTBErxp+w=; b=aYx9OiP7rsM80v0QMzooO7VZZf85dkXFKILBYFIgljF1K82cH703O++5Cw7lEVMf2/C7w0 CZThIdskRgfinkqHk0eVw6wDYpGqU/f2b4YvbbHefmgqgL6qNE0O9E0wO50Svt9G6MsZMr M9SauG7HT19dZiQNzslFIOAA49efzYc= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-16-vMn0kfBwP7qJOpkipMTYbw-1; Tue, 12 Nov 2019 10:23:30 -0500 Received: by mail-wr1-f70.google.com with SMTP id u2so11977053wrm.7 for ; Tue, 12 Nov 2019 07:23:30 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=707H9jXQ8IOmsMsn9z8yw26e96C9ZJWdVHHGOW9MW/Y=; b=HHDHpnGB2iOZGxEYZLd2V6YnIqUGkS+m+tg5KqQi6dKee9DBg5ESfREW+Ikie8mkii 3aUWFkYalmQquW/WI7gg5CBpFgMK4902s1J2ZfH1DjXPqjiFa10XIhPhNqj3CYUFqJzU PO2OCLrBhw7q6TIRw13GWO+OgucCuFceNkIay2jB+tYvKwuoVuB5oFxigtY0MZq1qctS 3Ev5bsJ+C3qPakFIwcoLZBwmxmPYfCtPLu7kw7I3k4r1+liNz3f0LH2Ps7jm9skBpsiT YEetWM3EsjZLEc9gjN5lmgKc1lJIAFo8FYq2kri1wJ+NHe5evPbGLFXTJT3AbdnQhoE7 2wjg== X-Gm-Message-State: APjAAAVf09zm+Q+tyg9Xh5yp+vTpAx4braMymYE+IEOt5c2775IoUJ0B 5MRf0SmImFzPm8gYOjLwahQYXY40Vl/te2Y+jwTTfYAKxVNU9Yl88Fw4bCa70haoZJmJPWhVHNq 4tpM= X-Received: by 2002:a1c:99cb:: with SMTP id b194mr4764522wme.100.1573572208820; Tue, 12 Nov 2019 07:23:28 -0800 (PST) X-Google-Smtp-Source: APXvYqzVfbWZ39fBOcRG0rIr+Y/6O0FLhHh0YQH2TQh4IofB4abBEGUfKNxjUMwetXZJ1/El4tanRQ== X-Received: by 2002:a1c:99cb:: with SMTP id b194mr4764497wme.100.1573572208587; Tue, 12 Nov 2019 07:23:28 -0800 (PST) Received: from dmarchan.remote.csb (lfbn-1-8944-244.w193-250.abo.wanadoo.fr. [193.250.84.244]) by smtp.gmail.com with ESMTPSA id h205sm4556748wmf.35.2019.11.12.07.23.27 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 12 Nov 2019 07:23:28 -0800 (PST) To: Maxime Coquelin , dev@dpdk.org References: <20191112151935.27518-1-maxime.coquelin@redhat.com> <20191112151935.27518-2-maxime.coquelin@redhat.com> From: David Marchand Openpgp: preference=signencrypt Autocrypt: addr=david.marchand@redhat.com; prefer-encrypt=mutual; keydata= xsFNBF2IycABEADRro66p9FwjHhl4X07u9gSDNGnMqYTW1H7GXxrwcKjIAf8BWjlyxo4Xt7u xR85q7DBu+GC6M7W2F5M7zlSJXZVAQKzruHfK5L889XEqVsi5cjv134JolRkHJSfPgB4VD4S NKBwvkiHlDPBuqFi6JWlm3acRK5e7cZ4TocLm1c72lumMQNn8b4FZMxMlxMlUF0FqAI7AvtW NBFQxzTyTG4zH1oKGbQPIyNzX4hQmFbH/oh2yTLoRQnAoLhvVU1XhkYpB/MlkFUqkVCUPcEt V7VZpSXR7abbQKXAFPUnBJAfVMRfzX9BEHknSQlkgTRABDWFvRldFeB6knoVSGhFKqBU949x MoOqJ0EH+ztfsl6tifDbD/F/nH8i22nIlWgmAFkJCh2r4QoYKHDYGAOwHG7DhuDa9jMmADK+ w3TIcXQ9bJn8KH4a4AZ7APLx1+AEBY+mFVl92gmxn6NtVzvqOEJ2cH2kZZ0w4Jo2+M0kblEp g/ivXvvL5gYdyERjrLa6PZCOCjcTBHroN3ifYzNN0e27HY+NrxvzLxZ6kD4mtBUlJ2iNZHDg 3lQtq0FWNdYDU7HLeNx9WTqweMMqJ4VCPBQSfRM5wPD9SwYhteMgQ8fDAKT1c84KBz9Ze7z/ Da+TROxGMsgAfvIKND80U603gKht5uaoDMO1ETtjH/rEeDFT/wARAQABzSpEYXZpZCBNYXJj aGFuZCA8ZGF2aWQubWFyY2hhbmRAcmVkaGF0LmNvbT7CwXkEEwECACMFAl2IycACGwMHCwkI BwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRCLvkA5AaSbSCUUEACrBIh3zvNo3/j311mLWEfl TOHjtWiB7LFc3uRqgA/JIsFr6Xms+F5v7iD9CUi/NQQ2XdMll8rBIgyDTC6zgjoAAoj4en9t vRQrcjeSyV0nF94PnT793Mb6rj4D9PTJW5y2TILh0ZowJlS+BpeDF3h3CQgk82XkDp0Dc6rA WyUP3X8NMEydJeAdBf425f+msi8RB/FNuquDKYSZHhqjEtJhdOiNVbr9owZh8l4wcr6ituyJ 3PhuX4wTM/oMJl8tG7vkL2Atw+KdBttj/tkjLK8m/m9KV6cIhsHdZbASE5EmACS2ZHRwbR5N ECN1OzU3kLk/O3bQRSxqCfTEjRxKyTEgBgqCQNsWryGhdipvDrDBR9YqT5if0hpZv+KKFNY5 3+BRnBkDlpUxaGmC5NpnW6zUqSia803AfFzHqVlRSQRX1xjsGjMRT9AdkqoRm5allKwQ55Zu 2Vf2V4YhQY1WS+O8WrrgO8ydOyMPUNmzSfSS/RlrIZWtIKg+5bfnIwyuc20asJhQOgfE2WVX ML2hjkmtxAe690NGC/ZebP0aHvNa7ttOW0+iGI1sWonl0IlqboYjIuFtqLItiSgPtwdwZIlg pVbjisZmLoR/WxpOk0rKnJ6+qL//vxv4G/5a48XF4zT6ZFHq5Nz91i2SL6dRTwq0GGjLxKev FKtF8ioKbKfyd87BTQRdiMnAARAAs5hpkWtPOrIY4W9PR9yFVjwitwmnpPjBCPLEMbmsvhL1 4b/ibMmFy0QIA3A3L/5wIMgVb7ZvrH7tcJWD/Kvoro8AKpBPAEZ5/wl2yybsHVLu7vimiGgP GA19scZmzh+uBVwE1NbWokyv/YzX5fORH5y9rtaS4A+mvwP4fqbND/VlJIVA06/YczeSdf5b J6pp24arYLNtkcWpi8hxIM3EIIH7nNw5ynVVBbBqp9j6HclLraTZ6Iyuqx4gl4L5A1Fd1q0E d1t5g61vfrX/XhiIhjRHGsWzwxnKIgffceL9O0qJOTt6FoFBQAAHDoINLwbLyEkO4hEPCWN3 lCT31iBOu/Lv/Btveef12pIVUemsKJ5Ww8ocoE1rgweBPJ3UGuU2bSrb2+IbgtygfRXwsR/6 B9sDFOnLAftM8cXvVtiVNXtnHGTph8UmtyG0T9D9PZlc+cB/qcy4m3bAVN7uP1zcQTc9NQkv RxJFJjPdbosE2gbnn3YgRGnnJSdKA73Vv6xzpdXFWAPV3RCllfSCwNuJFGrg+/nmF1phcy96 Ukvpk/FwPHrXjzaymooPv9/fkugCCaaMQEeBrxmhYvhotaqjqKBMtbPe4jDA5BCh5jB8P2OX X7KIoOOJX2Yvqt0g1Tqq/ikVHci2SCjBkkCeXSpiN0r+66aS1aqT9PXObusCw+UAEQEAAcLB XwQYAQIACQUCXYjJwAIbDAAKCRCLvkA5AaSbSGqEEADG1VLG5L7OZlIlufsIpSEmv4Kq0VMj +vJX8h+dmwqkbUO0ZQ4M4WxYTYPRPjyfz/9tGsseb+UB1M2bnish5dF1cgBrH5dXh38HFp+S GfTM4fFnREmrABDDEh46WNurYOPEk2LpyNg40VRk3lfz5tr7uFjfzNIU/ac02jZJgwFAr16d el5ym9McOnr0otM3/HLZ3Ef0YvXbvE7Pgi6CfEzfGlLdwF+cxidmla1Ipf/PU0pCYN8p3ya8 q7npdDaeoK2L3fXB8x9vJz23LxaYFAJpHgsNxoZBY9Y5TNMh04u2ftc7k/IPf1D5WlMgh5QW eVJkZd3YMipvpg9hBmMHvTiznEFNLNlug9Y4lOAwX8EIkl33hOIj3Mr7/MBuUx9Ycj0j7onh bvv1x6jQE8mh4dc1+7QySLTrex7i3oiIRYXMSACKDxd6KvaXvU/DQc62Gn/8Tk7V3s8Owzc+ ZgtrCZgF2h1kfAsydxIHrKONEo6VKMc6bmRK3m342CMkYenDTX5w8M5Ka/V0B5xu6Lxk7CdX 792qyCLYe8mHdvckssNSrDlDwqlZRlgWcm5YxFnctAE8ejgy7guHV4qJp8sP+J8Qu0eInVeR 2Dd8hjZiaUyPWicKLpARW3MOIvi40U+UIU8Mt04errXhbsuQZ5TTtMLULorXG7qJQbsKMFf0 jnmGuw== Message-ID: <0b0c6228-0e95-c7f9-3f97-1fa4f503fd34@redhat.com> Date: Tue, 12 Nov 2019 16:23:27 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <20191112151935.27518-2-maxime.coquelin@redhat.com> Content-Language: en-US X-MC-Unique: vMn0kfBwP7qJOpkipMTYbw-1 X-Mimecast-Spam-Score: 0 Content-Type: text/plain; charset=WINDOWS-1252 Content-Transfer-Encoding: quoted-printable Subject: Re: [dpdk-dev] [master PATCH v2 2/2] vhost: fix possible denial of service by leaking FDs X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 12/11/2019 16:19, Maxime Coquelin wrote: > A malicious Vhost-user master could send in loop hand-crafted > vhost-user messages containing more file descriptors the > vhost-user slave expects. Doing so causes the application using > the vhost-user library to run out of FDs. >=20 > This issue has been assigned CVE-2019-14818 >=20 > Fixes: 8f972312b8f4 ("vhost: support vhost-user") >=20 > Signed-off-by: Maxime Coquelin Applied, thanks. --=20 David Marchand