Overall nothing very serious here. We botch the size of a PCIe
capability due to a cut-n-paste error, but nobody has noticed due to
the rarity of the capability. A 32bit host could possibly see some
overflows attempting to do a DMA map, but all of the parameters are
also validated elsewhere, so while this may cause unexepected behavior
for the user, there doesn't appear to be any risk to the host.
Thanks,
Alex
---
Alex Williamson (3):
vfio/pci: Fix sizing of DPA and THP express capabilities
vfio/pci: Fix unchecked return value
vfio/iommu_type1: Avoid overflow
drivers/vfio/pci/vfio_pci.c | 3 ++
drivers/vfio/pci/vfio_pci_config.c | 7 ++----
drivers/vfio/vfio_iommu_type1.c | 45 ++++++++++++++----------------------
3 files changed, 23 insertions(+), 32 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
