From: Jason Wang <jasowang@redhat.com>
To: mst@redhat.com, jasowang@redhat.com
Cc: virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org, f.hetzelt@tu-berlin.de,
david.kaplan@amd.com, konrad.wilk@oracle.com
Subject: [PATCH V3 00/10] More virtio hardening
Date: Tue, 19 Oct 2021 15:01:42 +0800 [thread overview]
Message-ID: <20211019070152.8236-1-jasowang@redhat.com> (raw)
Hi All:
This series treis to do more hardening for virito.
patch 1 validates the num_queues for virio-blk device.
patch 2 validates max_nr_ports for virito-console device.
patch 3-5 harden virtio-pci interrupts to make sure no exepcted
interrupt handler is tiggered. If this makes sense we can do similar
things in other transport drivers.
patch 6-7 validate used ring length.
patch 8-10 let the driver to validate the used length instead of the
virtio core when possible.
Smoking test on blk/net with packed=on/off and iommu_platform=on/off.
Please review.
Changes since V2:
- don't validate max_nr_ports in .validate()
- fail the probe instead of trying to work when blk/console returns
invalid number of queues/ports
- use READ_ONCE() instead of smp_load_acquire() for checking
intx_soft_enabled
- use "suppress_used_validation" instead of "validate_used"
Changes since V1:
- fix and document the memory ordering around the intx_soft_enabled
when enabling and disabling INTX interrupt
- for the driver that can validate the used length, virtio core
won't even try to allocate auxilary arrays and validate the used length
- tweak the commit log
- fix typos
Jason Wang (10):
virtio-blk: validate num_queues during probe
virtio_console: validate max_nr_ports before trying to use it
virtio_config: introduce a new .enable_cbs method
virtio_pci: harden MSI-X interrupts
virtio-pci: harden INTX interrupts
virtio_ring: fix typos in vring_desc_extra
virtio_ring: validate used buffer length
virtio-net: don't let virtio core to validate used length
virtio-blk: don't let virtio core to validate used length
virtio-scsi: don't let virtio core to validate used buffer length
drivers/block/virtio_blk.c | 5 +++
drivers/char/virtio_console.c | 9 +++++
drivers/net/virtio_net.c | 1 +
drivers/scsi/virtio_scsi.c | 1 +
drivers/virtio/virtio_pci_common.c | 48 ++++++++++++++++++++----
drivers/virtio/virtio_pci_common.h | 7 +++-
drivers/virtio/virtio_pci_legacy.c | 5 ++-
drivers/virtio/virtio_pci_modern.c | 6 ++-
drivers/virtio/virtio_ring.c | 60 +++++++++++++++++++++++++++++-
include/linux/virtio.h | 2 +
include/linux/virtio_config.h | 6 +++
11 files changed, 135 insertions(+), 15 deletions(-)
--
2.25.1
WARNING: multiple messages have this Message-ID (diff)
From: Jason Wang <jasowang@redhat.com>
To: mst@redhat.com, jasowang@redhat.com
Cc: konrad.wilk@oracle.com, f.hetzelt@tu-berlin.de,
linux-kernel@vger.kernel.org, david.kaplan@amd.com,
virtualization@lists.linux-foundation.org
Subject: [PATCH V3 00/10] More virtio hardening
Date: Tue, 19 Oct 2021 15:01:42 +0800 [thread overview]
Message-ID: <20211019070152.8236-1-jasowang@redhat.com> (raw)
Hi All:
This series treis to do more hardening for virito.
patch 1 validates the num_queues for virio-blk device.
patch 2 validates max_nr_ports for virito-console device.
patch 3-5 harden virtio-pci interrupts to make sure no exepcted
interrupt handler is tiggered. If this makes sense we can do similar
things in other transport drivers.
patch 6-7 validate used ring length.
patch 8-10 let the driver to validate the used length instead of the
virtio core when possible.
Smoking test on blk/net with packed=on/off and iommu_platform=on/off.
Please review.
Changes since V2:
- don't validate max_nr_ports in .validate()
- fail the probe instead of trying to work when blk/console returns
invalid number of queues/ports
- use READ_ONCE() instead of smp_load_acquire() for checking
intx_soft_enabled
- use "suppress_used_validation" instead of "validate_used"
Changes since V1:
- fix and document the memory ordering around the intx_soft_enabled
when enabling and disabling INTX interrupt
- for the driver that can validate the used length, virtio core
won't even try to allocate auxilary arrays and validate the used length
- tweak the commit log
- fix typos
Jason Wang (10):
virtio-blk: validate num_queues during probe
virtio_console: validate max_nr_ports before trying to use it
virtio_config: introduce a new .enable_cbs method
virtio_pci: harden MSI-X interrupts
virtio-pci: harden INTX interrupts
virtio_ring: fix typos in vring_desc_extra
virtio_ring: validate used buffer length
virtio-net: don't let virtio core to validate used length
virtio-blk: don't let virtio core to validate used length
virtio-scsi: don't let virtio core to validate used buffer length
drivers/block/virtio_blk.c | 5 +++
drivers/char/virtio_console.c | 9 +++++
drivers/net/virtio_net.c | 1 +
drivers/scsi/virtio_scsi.c | 1 +
drivers/virtio/virtio_pci_common.c | 48 ++++++++++++++++++++----
drivers/virtio/virtio_pci_common.h | 7 +++-
drivers/virtio/virtio_pci_legacy.c | 5 ++-
drivers/virtio/virtio_pci_modern.c | 6 ++-
drivers/virtio/virtio_ring.c | 60 +++++++++++++++++++++++++++++-
include/linux/virtio.h | 2 +
include/linux/virtio_config.h | 6 +++
11 files changed, 135 insertions(+), 15 deletions(-)
--
2.25.1
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
next reply other threads:[~2021-10-19 7:02 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-19 7:01 Jason Wang [this message]
2021-10-19 7:01 ` [PATCH V3 00/10] More virtio hardening Jason Wang
2021-10-19 7:01 ` [PATCH V3 01/10] virtio-blk: validate num_queues during probe Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-20 7:18 ` Stefano Garzarella
2021-10-20 7:18 ` Stefano Garzarella
2021-10-20 7:37 ` Michael S. Tsirkin
2021-10-20 7:37 ` Michael S. Tsirkin
2021-10-20 8:44 ` Stefano Garzarella
2021-10-20 8:44 ` Stefano Garzarella
2021-10-20 7:55 ` Stefan Hajnoczi
2021-10-20 7:55 ` Stefan Hajnoczi
2021-10-19 7:01 ` [PATCH V3 02/10] virtio_console: validate max_nr_ports before trying to use it Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-19 7:01 ` [PATCH V3 03/10] virtio_config: introduce a new .enable_cbs method Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-19 7:01 ` [PATCH V3 04/10] virtio_pci: harden MSI-X interrupts Jason Wang
2021-10-19 7:01 ` Jason Wang
2022-03-08 15:19 ` Marc Zyngier
2022-03-08 16:35 ` Michael S. Tsirkin
2022-03-08 16:35 ` Michael S. Tsirkin
2022-03-09 3:41 ` Jason Wang
2022-03-09 7:04 ` Michael S. Tsirkin
2022-03-09 7:04 ` Michael S. Tsirkin
2022-03-09 8:14 ` Jason Wang
2022-03-09 11:08 ` Marc Zyngier
2022-03-09 12:13 ` Michael S. Tsirkin
2022-03-09 12:13 ` Michael S. Tsirkin
2021-10-19 7:01 ` [PATCH V3 05/10] virtio-pci: harden INTX interrupts Jason Wang
2021-10-19 7:01 ` Jason Wang
2022-03-09 10:45 ` Marc Zyngier
2022-03-09 11:27 ` Michael S. Tsirkin
2022-03-09 11:27 ` Michael S. Tsirkin
2022-03-09 12:14 ` Marc Zyngier
2022-03-09 12:30 ` Michael S. Tsirkin
2022-03-09 12:30 ` Michael S. Tsirkin
2021-10-19 7:01 ` [PATCH V3 06/10] virtio_ring: fix typos in vring_desc_extra Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-19 7:01 ` [PATCH V3 07/10] virtio_ring: validate used buffer length Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-19 7:01 ` [PATCH V3 08/10] virtio-net: don't let virtio core to validate used length Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-19 7:01 ` [PATCH V3 09/10] virtio-blk: " Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-19 7:01 ` [PATCH V3 10/10] virtio-scsi: don't let virtio core to validate used buffer length Jason Wang
2021-10-19 7:01 ` Jason Wang
2021-10-23 21:31 ` [PATCH V3 00/10] More virtio hardening Michael S. Tsirkin
2021-10-23 21:31 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211019070152.8236-1-jasowang@redhat.com \
--to=jasowang@redhat.com \
--cc=david.kaplan@amd.com \
--cc=f.hetzelt@tu-berlin.de \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mst@redhat.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.