On Wed, Oct 20, 2021 at 03:37:31AM -0400, Michael S. Tsirkin wrote:
On Wed, Oct 20, 2021 at 09:18:17AM +0200, Stefano Garzarella wrote:
On Tue, Oct 19, 2021 at 03:01:43PM +0800, Jason Wang wrote:
> If an untrusted device neogitates BLK_F_MQ but advertises a zero
s/neogitates/negotiates
> num_queues, the driver may end up trying to allocating zero size
> buffers where ZERO_SIZE_PTR is returned which may pass the checking
> against the NULL. This will lead unexpected results.
>
> Fixing this by failing the probe in this case.
>
> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx>
> Cc: Stefano Garzarella <sgarzare@xxxxxxxxxx>
> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx>
> ---
> drivers/block/virtio_blk.c | 4 ++++
> 1 file changed, 4 insertions(+)
Should we CC stable?
Reviewed-by: Stefano Garzarella <sgarzare@xxxxxxxxxx>
No IMO - I don't think we can reasonably expect stable to become
protected against attacks on encrypted guests. That's
a new feature, not a bugfix.
Yep, make sense.
I had only seen the single patch, not the entire series, and it seemed
like a fix.
Viewed as a whole, it makes sense to consider it a new feature to
improve audits in the guest.
Thanks,
Stefano
_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
