RE: [PATCH AUTOSEL 4.14 40/66] hv_netvsc: Validate number of allocated sub-channels

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Sasha Levin <sashal@xxxxxxxxxx> Sent: Tuesday, December 22, 2020 6:22 PM
> 
> From: "Andrea Parri (Microsoft)" <parri.andrea@xxxxxxxxx>
> 
> [ Upstream commit 206ad34d52a2f1205c84d08c12fc116aad0eb407 ]
> 
> Lack of validation could lead to out-of-bound reads and information
> leaks (cf. usage of nvdev->chan_table[]).  Check that the number of
> allocated sub-channels fits into the expected range.
> 
> Suggested-by: Saruhan Karademir <skarade@xxxxxxxxxxxxx>
> Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> Reviewed-by: Haiyang Zhang <haiyangz@xxxxxxxxxxxxx>
> Acked-by: Jakub Kicinski <kuba@xxxxxxxxxx>
> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> Cc: Jakub Kicinski <kuba@xxxxxxxxxx>
> Cc: netdev@xxxxxxxxxxxxxxx
> Link:
> https://lore.kernel.org/linux-hyperv/20201118153310.112404-1-parri.andrea@xxxxxxxxx/
> Signed-off-by: Wei Liu <wei.liu@xxxxxxxxxx>
> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
> ---
>  drivers/net/hyperv/rndis_filter.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 

Sasha -- This patch is one of an ongoing group of patches where a Linux
guest running on Hyper-V will start assuming that hypervisor behavior might
be malicious, and guards against such behavior.  Because this is a new
assumption,  these patches are more properly treated as new functionality
rather than as bug fixes.  So I would propose that we *not* bring such patches
back to stable branches.

Michael




[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux