From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <maxime.coquelin@redhat.com>
Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73])
 by dpdk.org (Postfix) with ESMTP id D33E014E8
 for <dev@dpdk.org>; Mon, 19 Feb 2018 14:52:50 +0100 (CET)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 58E05402290A;
 Mon, 19 Feb 2018 13:52:50 +0000 (UTC)
Received: from [10.36.112.40] (ovpn-112-40.ams2.redhat.com [10.36.112.40])
 by smtp.corp.redhat.com (Postfix) with ESMTPS id 90C1C2024CA6;
 Mon, 19 Feb 2018 13:52:49 +0000 (UTC)
To: Stefan Hajnoczi <stefanha@redhat.com>, dev@dpdk.org
Cc: Yuanhan Liu <yliu@fridaylinux.org>
References: <20180205121642.26428-1-stefanha@redhat.com>
From: Maxime Coquelin <maxime.coquelin@redhat.com>
Message-ID: <d0e718f0-ef17-1ee6-cd43-d42b461c66e9@redhat.com>
Date: Mon, 19 Feb 2018 14:52:46 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <20180205121642.26428-1-stefanha@redhat.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.11.55.6]); Mon, 19 Feb 2018 13:52:50 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]);
 Mon, 19 Feb 2018 13:52:50 +0000 (UTC) for IP:'10.11.54.4'
 DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com'
 HELO:'smtp.corp.redhat.com' FROM:'maxime.coquelin@redhat.com' RCPT:''
Subject: Re: [dpdk-dev] [PATCH 0/8] vhost: input validation enhancements
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Feb 2018 13:52:51 -0000



On 02/05/2018 01:16 PM, Stefan Hajnoczi wrote:
> This patch series addresses missing input validation that I came across when
> reviewing vhost_user.c.
> 
> The first patch explains the security model and the rest fixes places with
> missing checks.
> 
> Now is a good time to discuss the security model if anyone disagrees or has
> questions about what Patch 1 says.
> 
> Stefan Hajnoczi (8):
>    vhost: add security model documentation to vhost_user.c
>    vhost: avoid enum fields in VhostUserMsg
>    vhost: validate untrusted memory.nregions field
>    vhost: clear out unused SCM_RIGHTS file descriptors
>    vhost: reject invalid log base mmap_offset values
>    vhost: fix msg->payload union typo in vhost_user_set_vring_addr()
>    vhost: validate virtqueue size
>    vhost: check for memory_size + mmap_offset overflow
> 
>   lib/librte_vhost/vhost_user.h |  4 +--
>   lib/librte_vhost/socket.c     |  8 +++++-
>   lib/librte_vhost/vhost_user.c | 57 +++++++++++++++++++++++++++++++++++++++++--
>   3 files changed, 64 insertions(+), 5 deletions(-)
> 

Applied to dpdk-next-virtio.

Thanks,
Maxime