From: "Michael S. Tsirkin" <mst@redhat.com> To: Kees Cook <keescook@chromium.org> Cc: Linus Torvalds <torvalds@linux-foundation.org>, KVM <kvm@vger.kernel.org>, virtualization@lists.linux-foundation.org, Network Development <netdev@vger.kernel.org>, LKML <linux-kernel@vger.kernel.org>, Andrew Morton <akpm@linux-foundation.org>, bijan.mottahedeh@oracle.com, gedwards@ddn.com, Joe Perches <joe@perches.com>, lenaic@lhuard.fr, liang.z.li@intel.com, Michal Hocko <mhocko@kernel.org>, Michal Hocko <mhocko@suse.com>, Stefan Hajnoczi <stefanha@redhat.com>, wei.w.wang@intel.com Subject: Re: [PULL] vhost: cleanups and fixes Date: Thu, 1 Nov 2018 19:38:12 -0400 [thread overview] Message-ID: <20181101193516-mutt-send-email-mst@kernel.org> (raw) In-Reply-To: <CAGXu5jJ0HgV2qN=wohEgro6ixqXHOHBTsvS5a9Dcpz8gxVo3bA@mail.gmail.com> On Thu, Nov 01, 2018 at 04:00:23PM -0700, Kees Cook wrote: > On Thu, Nov 1, 2018 at 2:19 PM, Michael S. Tsirkin <mst@redhat.com> wrote: > > The following changes since commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d: > > > > Linux 4.19 (2018-10-22 07:37:37 +0100) > > > > are available in the Git repository at: > > > > git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus > > > > for you to fetch changes up to 79f800b2e76923cd8ce0aa659cb5c019d9643bc9: > > > > MAINTAINERS: remove reference to bogus vsock file (2018-10-24 21:16:14 -0400) > > > > ---------------------------------------------------------------- > > virtio, vhost: fixes, tweaks > > > > virtio balloon page hinting support > > vhost scsi control queue > > > > misc fixes. > > > > Signed-off-by: Michael S. Tsirkin <mst@redhat.com> > > > > ---------------------------------------------------------------- > > Bijan Mottahedeh (3): > > vhost/scsi: Respond to control queue operations > > +static void > +vhost_scsi_send_tmf_resp(struct vhost_scsi *vs, > + struct vhost_virtqueue *vq, > + int head, unsigned int out) > +{ > + struct virtio_scsi_ctrl_tmf_resp __user *resp; > + struct virtio_scsi_ctrl_tmf_resp rsp; > + int ret; > + > + pr_debug("%s\n", __func__); > + memset(&rsp, 0, sizeof(rsp)); > + rsp.response = VIRTIO_SCSI_S_FUNCTION_REJECTED; > + resp = vq->iov[out].iov_base; > + ret = __copy_to_user(resp, &rsp, sizeof(rsp)); > > Is it actually safe to trust that iov_base has passed an earlier > access_ok() check here? Why not just use copy_to_user() instead? > > -Kees I am not sure copy_to_user will do the right thing here, because all this runs in context of a kernel thread. We do need access_ok which takes place way earlier in context of the task. Another reason it is safe is because the address is not coming from userspace at all. > > vhost/scsi: Extract common handling code from control queue handler > > vhost/scsi: Use common handling code in request queue handler > > > > Greg Edwards (1): > > vhost/scsi: truncate T10 PI iov_iter to prot_bytes > > > > Lénaïc Huard (1): > > kvm_config: add CONFIG_VIRTIO_MENU > > > > Stefan Hajnoczi (1): > > MAINTAINERS: remove reference to bogus vsock file > > > > Wei Wang (3): > > virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_HINT > > mm/page_poison: expose page_poisoning_enabled to kernel modules > > virtio-balloon: VIRTIO_BALLOON_F_PAGE_POISON > > > > MAINTAINERS | 1 - > > drivers/vhost/scsi.c | 426 ++++++++++++++++++++++++++++-------- > > drivers/virtio/virtio_balloon.c | 380 +++++++++++++++++++++++++++++--- > > include/uapi/linux/virtio_balloon.h | 8 + > > kernel/configs/kvm_guest.config | 1 + > > mm/page_poison.c | 6 + > > 6 files changed, 688 insertions(+), 134 deletions(-) > > > > -- > Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: "Michael S. Tsirkin" <mst@redhat.com> To: Kees Cook <keescook@chromium.org> Cc: lenaic@lhuard.fr, Michal Hocko <mhocko@suse.com>, bijan.mottahedeh@oracle.com, KVM <kvm@vger.kernel.org>, Network Development <netdev@vger.kernel.org>, liang.z.li@intel.com, LKML <linux-kernel@vger.kernel.org>, virtualization@lists.linux-foundation.org, Stefan Hajnoczi <stefanha@redhat.com>, Joe Perches <joe@perches.com>, Andrew Morton <akpm@linux-foundation.org>, Michal Hocko <mhocko@kernel.org>, Linus Torvalds <torvalds@linux-foundation.org> Subject: Re: [PULL] vhost: cleanups and fixes Date: Thu, 1 Nov 2018 19:38:12 -0400 [thread overview] Message-ID: <20181101193516-mutt-send-email-mst@kernel.org> (raw) In-Reply-To: <CAGXu5jJ0HgV2qN=wohEgro6ixqXHOHBTsvS5a9Dcpz8gxVo3bA@mail.gmail.com> On Thu, Nov 01, 2018 at 04:00:23PM -0700, Kees Cook wrote: > On Thu, Nov 1, 2018 at 2:19 PM, Michael S. Tsirkin <mst@redhat.com> wrote: > > The following changes since commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d: > > > > Linux 4.19 (2018-10-22 07:37:37 +0100) > > > > are available in the Git repository at: > > > > git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus > > > > for you to fetch changes up to 79f800b2e76923cd8ce0aa659cb5c019d9643bc9: > > > > MAINTAINERS: remove reference to bogus vsock file (2018-10-24 21:16:14 -0400) > > > > ---------------------------------------------------------------- > > virtio, vhost: fixes, tweaks > > > > virtio balloon page hinting support > > vhost scsi control queue > > > > misc fixes. > > > > Signed-off-by: Michael S. Tsirkin <mst@redhat.com> > > > > ---------------------------------------------------------------- > > Bijan Mottahedeh (3): > > vhost/scsi: Respond to control queue operations > > +static void > +vhost_scsi_send_tmf_resp(struct vhost_scsi *vs, > + struct vhost_virtqueue *vq, > + int head, unsigned int out) > +{ > + struct virtio_scsi_ctrl_tmf_resp __user *resp; > + struct virtio_scsi_ctrl_tmf_resp rsp; > + int ret; > + > + pr_debug("%s\n", __func__); > + memset(&rsp, 0, sizeof(rsp)); > + rsp.response = VIRTIO_SCSI_S_FUNCTION_REJECTED; > + resp = vq->iov[out].iov_base; > + ret = __copy_to_user(resp, &rsp, sizeof(rsp)); > > Is it actually safe to trust that iov_base has passed an earlier > access_ok() check here? Why not just use copy_to_user() instead? > > -Kees I am not sure copy_to_user will do the right thing here, because all this runs in context of a kernel thread. We do need access_ok which takes place way earlier in context of the task. Another reason it is safe is because the address is not coming from userspace at all. > > vhost/scsi: Extract common handling code from control queue handler > > vhost/scsi: Use common handling code in request queue handler > > > > Greg Edwards (1): > > vhost/scsi: truncate T10 PI iov_iter to prot_bytes > > > > Lénaïc Huard (1): > > kvm_config: add CONFIG_VIRTIO_MENU > > > > Stefan Hajnoczi (1): > > MAINTAINERS: remove reference to bogus vsock file > > > > Wei Wang (3): > > virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_HINT > > mm/page_poison: expose page_poisoning_enabled to kernel modules > > virtio-balloon: VIRTIO_BALLOON_F_PAGE_POISON > > > > MAINTAINERS | 1 - > > drivers/vhost/scsi.c | 426 ++++++++++++++++++++++++++++-------- > > drivers/virtio/virtio_balloon.c | 380 +++++++++++++++++++++++++++++--- > > include/uapi/linux/virtio_balloon.h | 8 + > > kernel/configs/kvm_guest.config | 1 + > > mm/page_poison.c | 6 + > > 6 files changed, 688 insertions(+), 134 deletions(-) > > > > -- > Kees Cook
next prev parent reply other threads:[~2018-11-01 23:38 UTC|newest] Thread overview: 125+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-11-01 21:19 [PULL] vhost: cleanups and fixes Michael S. Tsirkin 2018-11-01 21:19 ` Michael S. Tsirkin 2018-11-01 21:19 ` Michael S. Tsirkin 2018-11-01 21:44 ` Linus Torvalds 2018-11-01 21:44 ` Linus Torvalds 2018-11-01 23:00 ` Kees Cook 2018-11-01 23:00 ` Kees Cook 2018-11-01 23:00 ` Kees Cook 2018-11-01 23:06 ` Linus Torvalds 2018-11-01 23:55 ` Michael S. Tsirkin 2018-11-01 23:55 ` Michael S. Tsirkin 2018-11-02 11:46 ` Mark Rutland 2018-11-02 11:46 ` Mark Rutland 2018-11-02 13:04 ` Michael S. Tsirkin 2018-11-02 16:14 ` Linus Torvalds 2018-11-02 16:59 ` Michael S. Tsirkin 2018-11-02 16:59 ` Michael S. Tsirkin 2018-11-02 17:10 ` Linus Torvalds 2018-11-02 17:10 ` Linus Torvalds 2018-11-02 17:15 ` Linus Torvalds 2018-11-02 17:15 ` Linus Torvalds 2018-11-02 19:01 ` Al Viro 2018-11-02 19:01 ` Al Viro 2018-11-02 17:21 ` Michael S. Tsirkin 2018-11-02 17:21 ` Michael S. Tsirkin 2018-11-02 18:02 ` Linus Torvalds 2018-11-02 18:02 ` Linus Torvalds 2018-11-02 18:12 ` Michael S. Tsirkin 2018-11-02 18:12 ` Michael S. Tsirkin 2018-11-02 16:14 ` Linus Torvalds 2018-11-02 13:04 ` Michael S. Tsirkin 2018-11-30 13:44 ` Michael S. Tsirkin 2018-11-30 13:44 ` Michael S. Tsirkin 2018-11-30 19:01 ` Bijan Mottahedeh 2018-11-30 19:55 ` Michael S. Tsirkin 2018-11-30 19:55 ` Michael S. Tsirkin 2018-11-01 23:06 ` Linus Torvalds 2018-11-01 23:38 ` Michael S. Tsirkin [this message] 2018-11-01 23:38 ` Michael S. Tsirkin -- strict thread matches above, loose matches on Subject: below -- 2020-02-10 6:02 Michael S. Tsirkin 2020-02-11 2:07 ` Linus Torvalds 2020-02-11 2:07 ` Linus Torvalds 2020-02-07 7:39 Michael S. Tsirkin 2019-10-28 8:29 Michael S. Tsirkin 2019-10-15 21:19 Michael S. Tsirkin 2019-10-15 21:19 Michael S. Tsirkin 2019-10-15 22:25 ` pr-tracker-bot 2019-10-15 22:25 ` pr-tracker-bot 2019-06-03 14:30 Michael S. Tsirkin 2019-05-14 21:11 Michael S. Tsirkin 2019-05-14 21:11 Michael S. Tsirkin 2019-05-14 21:20 ` pr-tracker-bot 2019-05-14 21:20 ` pr-tracker-bot 2018-06-11 16:23 Michael S. Tsirkin 2018-06-11 16:23 ` Michael S. Tsirkin 2018-06-11 18:32 ` Linus Torvalds 2018-06-11 18:32 ` Linus Torvalds 2018-06-11 18:44 ` Linus Torvalds 2018-06-11 18:44 ` Linus Torvalds 2018-06-12 1:36 ` Michael S. Tsirkin 2018-06-12 1:36 ` Michael S. Tsirkin 2018-06-12 1:59 ` Linus Torvalds 2018-06-12 1:59 ` Linus Torvalds 2018-06-12 11:05 ` Wei Wang 2018-06-12 11:05 ` Wei Wang 2018-06-14 15:01 ` Nitesh Narayan Lal 2018-06-15 3:53 ` Wei Wang 2018-06-15 3:53 ` Wei Wang 2018-06-12 1:57 ` Michael S. Tsirkin 2018-06-12 1:57 ` Michael S. Tsirkin 2017-12-08 15:47 Michael S. Tsirkin 2017-12-08 15:47 Michael S. Tsirkin 2017-12-04 13:25 Michael S. Tsirkin 2017-08-25 18:47 Michael S. Tsirkin 2017-04-10 21:36 Michael S. Tsirkin 2017-04-10 21:36 ` Michael S. Tsirkin 2017-03-02 5:49 Michael S. Tsirkin 2017-03-02 5:49 ` Michael S. Tsirkin 2017-02-03 21:43 Michael S. Tsirkin 2017-02-03 21:43 ` Michael S. Tsirkin 2017-01-23 15:05 Michael S. Tsirkin 2017-01-23 15:05 ` Michael S. Tsirkin 2017-01-23 21:50 ` Linus Torvalds 2017-01-24 2:45 ` Michael S. Tsirkin 2017-01-24 2:45 ` Michael S. Tsirkin 2017-01-23 21:50 ` Linus Torvalds 2016-05-24 11:57 Michael S. Tsirkin 2016-05-24 11:57 ` Michael S. Tsirkin 2015-12-21 7:58 Michael S. Tsirkin 2015-12-21 7:58 ` Michael S. Tsirkin 2015-12-07 17:07 Michael S. Tsirkin 2015-09-18 10:42 Michael S. Tsirkin 2015-09-18 10:42 Michael S. Tsirkin 2015-09-09 9:15 Michael S. Tsirkin 2015-09-09 9:15 Michael S. Tsirkin 2015-07-28 10:00 Michael S. Tsirkin 2015-07-15 10:50 Michael S. Tsirkin 2015-07-15 10:50 ` Michael S. Tsirkin 2015-07-15 11:26 ` Michael S. Tsirkin 2015-07-15 11:26 ` Michael S. Tsirkin 2015-06-01 19:18 Michael S. Tsirkin 2015-06-01 19:18 Michael S. Tsirkin 2015-06-01 19:45 ` Michael S. Tsirkin 2015-06-01 19:45 ` Michael S. Tsirkin 2015-01-08 7:51 Michael S. Tsirkin 2015-01-01 12:26 Michael S. Tsirkin 2015-01-01 12:26 Michael S. Tsirkin 2014-12-18 10:46 Michael S. Tsirkin 2014-12-18 10:46 ` Michael S. Tsirkin 2014-11-13 21:22 Michael S. Tsirkin 2014-11-13 21:22 ` Michael S. Tsirkin 2014-06-25 11:05 Michael S. Tsirkin 2014-06-25 11:05 ` Michael S. Tsirkin 2013-07-15 18:31 Michael S. Tsirkin 2013-07-15 18:31 ` Michael S. Tsirkin 2013-07-22 8:07 ` Michael S. Tsirkin 2013-07-22 8:07 ` Michael S. Tsirkin 2013-07-08 11:45 Michael S. Tsirkin 2013-07-08 11:45 ` Michael S. Tsirkin 2013-05-02 10:53 Michael S. Tsirkin 2013-05-02 10:53 ` Michael S. Tsirkin 2013-05-02 18:55 ` Nicholas A. Bellinger 2013-05-02 19:33 ` Michael S. Tsirkin 2013-05-02 19:49 ` Linus Torvalds 2013-06-05 15:53 ` Michael S. Tsirkin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181101193516-mutt-send-email-mst@kernel.org \ --to=mst@redhat.com \ --cc=akpm@linux-foundation.org \ --cc=bijan.mottahedeh@oracle.com \ --cc=gedwards@ddn.com \ --cc=joe@perches.com \ --cc=keescook@chromium.org \ --cc=kvm@vger.kernel.org \ --cc=lenaic@lhuard.fr \ --cc=liang.z.li@intel.com \ --cc=linux-kernel@vger.kernel.org \ --cc=mhocko@kernel.org \ --cc=mhocko@suse.com \ --cc=netdev@vger.kernel.org \ --cc=stefanha@redhat.com \ --cc=torvalds@linux-foundation.org \ --cc=virtualization@lists.linux-foundation.org \ --cc=wei.w.wang@intel.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.