From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dpdk.org (Postfix) with ESMTP id 7F4071B410 for ; Tue, 6 Feb 2018 11:01:28 +0100 (CET) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D5D30C058EB0; Tue, 6 Feb 2018 10:01:27 +0000 (UTC) Received: from [10.36.112.19] (ovpn-112-19.ams2.redhat.com [10.36.112.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A31895C544; Tue, 6 Feb 2018 10:01:22 +0000 (UTC) To: Stefan Hajnoczi , dev@dpdk.org Cc: Yuanhan Liu References: <20180205121642.26428-1-stefanha@redhat.com> From: Maxime Coquelin Message-ID: <6527a6ca-8adc-3e09-ecd0-feb94c125b8e@redhat.com> Date: Tue, 6 Feb 2018 11:01:20 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180205121642.26428-1-stefanha@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 06 Feb 2018 10:01:27 +0000 (UTC) Subject: Re: [dpdk-dev] [PATCH 0/8] vhost: input validation enhancements X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Feb 2018 10:01:28 -0000 On 02/05/2018 01:16 PM, Stefan Hajnoczi wrote: > This patch series addresses missing input validation that I came across when > reviewing vhost_user.c. > > The first patch explains the security model and the rest fixes places with > missing checks. > > Now is a good time to discuss the security model if anyone disagrees or has > questions about what Patch 1 says. > > Stefan Hajnoczi (8): > vhost: add security model documentation to vhost_user.c > vhost: avoid enum fields in VhostUserMsg > vhost: validate untrusted memory.nregions field > vhost: clear out unused SCM_RIGHTS file descriptors > vhost: reject invalid log base mmap_offset values > vhost: fix msg->payload union typo in vhost_user_set_vring_addr() > vhost: validate virtqueue size > vhost: check for memory_size + mmap_offset overflow > > lib/librte_vhost/vhost_user.h | 4 +-- > lib/librte_vhost/socket.c | 8 +++++- > lib/librte_vhost/vhost_user.c | 57 +++++++++++++++++++++++++++++++++++++++++-- > 3 files changed, 64 insertions(+), 5 deletions(-) > For the series: Reviewed-by: Maxime Coquelin For patch 2, my suggestion can be handled separately. Thanks, Maxime