[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v1] hw/pvrdma: Protect against buggy or malicious guest drive
|
From: |
Mauro Matteo Cascella |
|
Subject: |
Re: [PATCH v1] hw/pvrdma: Protect against buggy or malicious guest driver |
|
Date: |
Mon, 29 May 2023 11:52:26 +0200 |
On Mon, May 15, 2023 at 6:13 PM Michael Tokarev <mjt@tls.msk.ru> wrote:
>
> 01.03.2023 17:29, Yuval Shaia wrote:
> > Guest driver allocates and initialize page tables to be used as a ring
> > of descriptors for CQ and async events.
> > The page table that represents the ring, along with the number of pages
> > in the page table is passed to the device.
> > Currently our device supports only one page table for a ring.
> >
> > Let's make sure that the number of page table entries the driver
> > reports, do not exceeds the one page table size.
> >
> > Reported-by: Soul Chen <soulchen8650@gmail.com>
> > Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
> > ---
> > v0 -> v1:
> > * Take ring-state into account
> > * Add Reported-by
> > ---
> > hw/rdma/vmw/pvrdma_main.c | 16 +++++++++++++++-
> > 1 file changed, 15 insertions(+), 1 deletion(-)
>
> Fixes: CVE-2023-1544
>
> Ping ^2?
Ping ^3?
> Laurent, maybe you can take this one too?
> I understand the fact you picked up the previous one in this area
> does not make you pvrdma maintainer, but it is definitely being stuck.. :)
>
> /mjt
>
--
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0