On Thu, Nov 10, 2016 at 04:21:06PM +0100, G. Campana wrote:
> This patch series should fix different vulnerabilities found in virtio 9p
> (http://www.spinics.net/lists/kvm/msg130505.html), but it definitely needs some
> testing. By the way, the very same path traversal vulnerability was also found
> in Qemu in August: http://www.openwall.com/lists/oss-security/2016/08/30/1
> and the path traversal fix looks quite similar.

I applied patches 1-4, but patch 5 actually breaks things for me:

[ 0.659365] Freeing unused kernel memory: 1024K (ffff800000c50000 - ffff800000d50000)
[ 0.661269] Kernel panic - not syncing: Requested init /virt/init failed (error -36).
[ 0.662542] CPU: 3 PID: 1 Comm: swapper/0 Not tainted 4.9.0-rc4-00005-gf43365ee17f8 #1
[ 0.664009] Hardware name: linux,dummy-virt (DT)
[ 0.664868] Call trace:
[ 0.665332] [<ffff000008088428>] dump_backtrace+0x0/0x1a8
[ 0.666342] [<ffff0000080885e4>] show_stack+0x14/0x20
[ 0.667284] [<ffff000008376fac>] dump_stack+0x94/0xb8
[ 0.668236] [<ffff000008166d64>] panic+0x114/0x27c
[ 0.669131] [<ffff00000889bc30>] kernel_init+0xa0/0x100
[ 0.670112] [<ffff000008082e80>] ret_from_fork+0x10/0x50
[ 0.671118] SMP: stopping secondary CPUs
[ 0.682308] Kernel Offset: disabled
[ 0.682889] Memory Limit: none
[ 0.683390] ---[ end Kernel panic - not syncing: Requested init /virt/init failed (error -36).

I tried replacing the memset of -1 with code to skip to the next file,
but that didn't seem to help.

Will