On Wed, Oct 20, 2021 at 09:18:17AM +0200, Stefano Garzarella wrote: > On Tue, Oct 19, 2021 at 03:01:43PM +0800, Jason Wang wrote: > > If an untrusted device neogitates BLK_F_MQ but advertises a zero > > s/neogitates/negotiates > > > num_queues, the driver may end up trying to allocating zero size > > buffers where ZERO_SIZE_PTR is returned which may pass the checking > > against the NULL. This will lead unexpected results. > > > > Fixing this by failing the probe in this case. > > > > Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> > > Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> > > Cc: Stefano Garzarella <sgarzare@xxxxxxxxxx> > > Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> > > --- > > drivers/block/virtio_blk.c | 4 ++++ > > 1 file changed, 4 insertions(+) > > Should we CC stable? > > Reviewed-by: Stefano Garzarella <sgarzare@xxxxxxxxxx> No IMO - I don't think we can reasonably expect stable to become protected against attacks on encrypted guests. That's a new feature, not a bugfix. -- MST _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization
