On Fri, Jan 20, 2023 at 02:32:09PM +0200, Alexander Shishkin wrote: > "Michael S. Tsirkin" <mst@xxxxxxxxxx> writes: > > > On Thu, Jan 19, 2023 at 03:57:15PM +0200, Alexander Shishkin wrote: > >> Hi, > >> > >> Here are 6 patches that harden console, net and 9p drivers against > >> various malicious host input as well as close a bounds check bypass > >> in the split virtio ring. > > > > Hardening against buggy devices is one thing, > > Hardening against malicious devices is another. > > Which is this? > > Well, the big difference is the intent, but buggy input is buggy input, > they've got that in common and we're trying to deal with it here. > > The motivation for this patchset is protecting against malicious > devices. > > > If really malicious, aren't there any spectre considerations here? > > I am for example surprised not to find anything addressing > > spectre v1 nor any uses of array_index_nospec here. > > That's strange, patch 6/6 is exactly that. There's probably more coming > in the future as the analysis and audit progress. > > Regards, Oh I see, didn't get it for some reason. Pulled it from lore now. > -- > Alex _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization
