Re: [PATCH 1/2] KVM: SVM: avoid infinite loop on NPF from bad address


 



On 08/06/21 06:39, Salvatore Bonaccorso wrote:

Did this simply fall through the cracks here or is it not worth
backporting to older series? At least
https://bugzilla.redhat.com/show_bug.cgi?id=1947982#c3 seems to
indicate it might not be worth it if there is a risk of regression, if I
understand Wanpeng Li. Is this right?

It's not particularly interesting, because the loop can be broken with just Ctrl-C (or any signal for that matter) and the guest was misbehaving anyway. You can read from that bugzilla link my opinion on this "vulnerability": if you run a VM for somebody and they want to waste your CPU time, they can just run a while(1) loop.

It's a bug and it is caught by the kvm-unit-tests, so I marked it for stable at the time because it can be useful to run kvm-unit-tests on stable kernels and hanging is a bit impolite (the test harness has a timeout, but of course tests that hang have the risk of missing other regressions).

I will gladly review a backport, but if it is just because of that CVE report, documenting that the vulnerability is bogus would be time spent better than doing and testing the backport.

Paolo



