Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb

[PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Sasha Levin <hidden> · 2011-09-26
[PATCH 2/2] virtio-net: Prevent NULL dereference · Sasha Levin <hidden> · 2011-09-26
Re: [PATCH 2/2] virtio-net: Prevent NULL dereference · "Michael S. Tsirkin" <mst@redhat.com> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · "Michael S. Tsirkin" <mst@redhat.com> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Sasha Levin <hidden> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Pekka Enberg <hidden> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · "Michael S. Tsirkin" <mst@redhat.com> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Pekka Enberg <hidden> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Sasha Levin <hidden> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · "Michael S. Tsirkin" <mst@redhat.com> · 2011-09-26
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Sasha Levin <hidden> · 2011-09-27
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · "Michael S. Tsirkin" <mst@redhat.com> · 2011-09-27
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Sasha Levin <hidden> · 2011-09-27
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · "Michael S. Tsirkin" <mst@redhat.com> · 2011-09-27
Re: [PATCH 1/2] virtio-net: Verify page list size before fitting into skb · Sasha Levin <hidden> · 2011-09-28

From: "Michael S. Tsirkin" <mst@redhat.com>
Date: 2011-09-26 19:56:59
Also in: kvm, lkml

On Mon, Sep 26, 2011 at 10:45:35PM +0300, Pekka Enberg wrote:

On Mon, Sep 26, 2011 at 10:37 PM, Sasha Levin [off-list ref] wrote:

quoted

Interesting.  This is a theoretical issue, correct?
Not a crash you actually see.

Actually it was an actual crash caused when our virtio-net driver in kvm
tools did funny things and passed '(u32)-1' length as a buffer length to
the guest kernel.

I'm not sure what Michael means with "theoretical issue" here. Can the guest
driver assume that the hypervisor doesn't attempt to do nasty things?

                          Pekka

IMO yes, hypervisor has full access to guest memory so it's a safe
assumption. But surviving in the face of hypervisor bugs
is laudable goal, bugs do happen.

-- 
MST

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help