Re: [PATCH 0/7] vhost-user-gpu: fix several security issues

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 0/7] vhost-user-gpu: fix several security issues

From:	Li Qiang
Subject:	Re: [PATCH 0/7] vhost-user-gpu: fix several security issues
Date:	Tue, 11 May 2021 10:49:49 +0800

Philippe Mathieu-Daudé <philmd@redhat.com> 于2021年5月11日周二 上午3:25写道：
>
> On 5/5/21 11:35 AM, Marc-André Lureau wrote:
> > Hi
> >
> > On Wed, May 5, 2021 at 1:28 PM Li Qiang <liq3ea@gmail.com
> > <mailto:liq3ea@gmail.com>> wrote:
> >
> >     Marc-André Lureau <marcandre.lureau@gmail.com
> >     <mailto:marcandre.lureau@gmail.com>> 于2021年5月5日周三 下午5:10写道：
> >     >
> >     > Hi
> >     >
> >     > On Wed, May 5, 2021 at 9:21 AM Li Qiang <liq3ea@163.com
> >     <mailto:liq3ea@163.com>> wrote:
> >     >>
> >     >> These security issue is low severity and is similar with the
> >     >> virtio-vga/virtio-gpu device. All of them can be triggered by
> >     >> the guest user.
> >     >>
> >     >> Li Qiang (7):
> >     >>   vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info
> >     >>   vhost-user-gpu: fix resource leak in 'vg_resource_create_2d'
> >     >>   vhost-user-gpu: fix memory leak in vg_resource_attach_backing
> >     >>   vhost-user-gpu: fix memory link while calling 'vg_resource_unref'
> >     >>   vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref'
> >     >>   vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing'
> >     >>   vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset'
> >     >>
> >     >>  contrib/vhost-user-gpu/vhost-user-gpu.c |  7 +++++++
> >     >>  contrib/vhost-user-gpu/virgl.c          | 17 ++++++++++++++++-
> >     >>  2 files changed, 23 insertions(+), 1 deletion(-)
> >     >>
> >     >> --
> >     >
> >     >
> >     > The whole series looks good to me, and applies fixes that were
> >     done earlier in virtio-gpu.
> >
> >     Do you mean you have merged this series?
> >     Should I tweak something such as "adding the original fix in
> >     virtio-gpu"/"better mapping iov cleanup"?
>
> Yes, and please also mention the corresponding CVE (CVE-2021-3544,
> CVE-2021-3545, CVE-2021-3546).
>

OK, I'm still waiting for the some of the patch's response from
Prasad. Kindly ping @Prasad


Thanks,
Li Qiang

> >
> >
> > No I didn't. I was waiting for the answers to Prasad questions, and
> > eventually v2.
> >
> > Then either Gerd or me can queue this imho.
> >
> > --
> > Marc-André Lureau
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 3/7] vhost-user-gpu: fix memory leak in vg_resource_attach_backing, (continued)
- [PATCH 6/7] vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing', Li Qiang, 2021/05/05
  - Re: [PATCH 6/7] vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing', P J P, 2021/05/05
    - Re: [PATCH 6/7] vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing', Marc-André Lureau, 2021/05/05
    - Re: [PATCH 6/7] vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing', Li Qiang, 2021/05/05
    - Re: [PATCH 6/7] vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing', Marc-André Lureau, 2021/05/05
- Re: [PATCH 0/7] vhost-user-gpu: fix several security issues, Marc-André Lureau, 2021/05/05
  - Re: [PATCH 0/7] vhost-user-gpu: fix several security issues, Li Qiang, 2021/05/05
    - Re: [PATCH 0/7] vhost-user-gpu: fix several security issues, Marc-André Lureau, 2021/05/05
    - Re: [PATCH 0/7] vhost-user-gpu: fix several security issues, Philippe Mathieu-Daudé, 2021/05/10
    - Re: [PATCH 0/7] vhost-user-gpu: fix several security issues, Li Qiang <=

Prev by Date: Re: [RFC PATCH v2 0/4] Add migration support for VFIO PCI devices in SMMUv3 nested stage mode
Next by Date: Re: [PATCH v3 1/2] ui/cocoa: capture all keys and combos when mouse is grabbed
Previous by thread: Re: [PATCH 0/7] vhost-user-gpu: fix several security issues
Next by thread: [Bug 1759522] Re: windows qemu-img create vpc/vhdx error
Index(es):
- Date
- Thread