在 2021/6/10 下午1:00, Gautam Dawar 写道:
Pls see inline
Regards,
Gautam
-----Original Message-----
From: Michael S. Tsirkin<mst@xxxxxxxxxx>
Sent: Thursday, June 10, 2021 10:00 AM
To: Jason Wang<jasowang@xxxxxxxxxx>
Cc: Gautam Dawar<gdawar@xxxxxxxxxx>; Harpreet Singh Anand<hanand@xxxxxxxxxx>; Martin Petrus Hubertus Habets<martinh@xxxxxxxxxx>;virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Security hole in vhost-vdpa?
On Mon, Jun 07, 2021 at 10:10:03AM +0800, Jason Wang wrote:
在 2021/6/7 上午5:38, Michael S. Tsirkin 写道:
On Sun, Jun 06, 2021 at 02:39:48PM +0000, Gautam Dawar wrote:
Hi All,
This is in continuation to my findings noted in Bug 213179 and
discussions we have had in the last couple of weeks over emails.
Today, I published the first patch for this issue which adds
timeout based wait for completion event and also logs a warning
message to alert the user/ administrator of the problem.
Can't close just finish without waiting for userspace?
It works as long as we don't use mmap(). When we map kicks, it looks
to me there's no way to "revoke" the mapping from userspace?
Thanks
Can't we track these mappings and map some other page there?
Likely no more than one is needed ...
[GD>>] I am working on a solution that is limited to kernel space only and doesn't depend on userspace application (which could be a malicious one).
Will share more updates in a couple of days.
Cool. Let's see.
Thanks
_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/virtualization