On Wed, Sep 11, 2019 at 09:52:25AM -0400, Michael S. Tsirkin wrote: > On Wed, Sep 11, 2019 at 08:10:00AM -0400, Michael S. Tsirkin wrote: > > iovec addresses coming from vhost are assumed to be > > pre-validated, but in fact can be speculated to a value > > out of range. > > > > Userspace address are later validated with array_index_nospec so we can > > be sure kernel info does not leak through these addresses, but vhost > > must also not leak userspace info outside the allowed memory table to > > guests. > > > > Following the defence in depth principle, make sure > > the address is not validated out of node range. > > > > Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> > > Acked-by: Jason Wang <jasowang@xxxxxxxxxx> > > Tested-by: Jason Wang <jasowang@xxxxxxxxxx> > > --- > > Cc: security@xxxxxxxxxx > > Pls advise on whether you'd like me to merge this directly, > Cc stable, or handle it in some other way. I think you're fine taking it directly, with a cc stable and a Fixes: tag. Cheers, Will
