* [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value
@ 2021-08-20 7:52 Xianting Tian
2021-08-23 11:55 ` Xianting TIan
2021-08-27 9:00 ` Greg KH
0 siblings, 2 replies; 3+ messages in thread
From: Xianting Tian @ 2021-08-20 7:52 UTC (permalink / raw)
To: amit, arnd, gregkh; +Cc: virtualization, linux-kernel, Xianting Tian
In theory untrusted remote host can pass a big or overflow value
of max_nr_ports to guest, it may cause guest system consumes
a lot of memory when create vqs and other impacts.
Add the protection to guarantee max_nr_ports to get a safe value.
Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
---
drivers/char/virtio_console.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c
index 7eaf303a7..bba985c81 100644
--- a/drivers/char/virtio_console.c
+++ b/drivers/char/virtio_console.c
@@ -29,6 +29,8 @@
#define is_rproc_enabled IS_ENABLED(CONFIG_REMOTEPROC)
+#define MAX_NR_PORTS MAX_NR_HVC_CONSOLES
+
/*
* This is a global struct for storing common data for all the devices
* this driver handles.
@@ -2039,6 +2041,9 @@ static int virtcons_probe(struct virtio_device *vdev)
multiport = true;
}
+ /* limit max_nr_ports to avoid invalid value from untrusted remote host */
+ portdev->max_nr_ports = min_t(u32, portdev->max_nr_ports, MAX_NR_PORTS);
+
err = init_vqs(portdev);
if (err < 0) {
dev_err(&vdev->dev, "Error %d initializing vqs\n", err);
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value
2021-08-20 7:52 [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value Xianting Tian
@ 2021-08-23 11:55 ` Xianting TIan
2021-08-27 9:00 ` Greg KH
1 sibling, 0 replies; 3+ messages in thread
From: Xianting TIan @ 2021-08-23 11:55 UTC (permalink / raw)
To: amit, arnd, gregkh; +Cc: virtualization, linux-kernel
Could I get comments for the patch? thanks
Is the value of MAX_NR_PORTS accurate?
this fix is similar to below patches, which are megered recently,
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.14-rc7&id=63947b3434f475418b9677a393d025c0962c2cf8
<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.14-rc7&id=63947b3434f475418b9677a393d025c0962c2cf8>
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.14-rc7&id=82e89ea077b93b3c131fa175b0df3acb5b1d5cdf
<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.14-rc7&id=82e89ea077b93b3c131fa175b0df3acb5b1d5cdf>
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.14-rc7&id=d00d8da5869a2608e97cfede094dfc5e11462a46
<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.14-rc7&id=d00d8da5869a2608e97cfede094dfc5e11462a46>
在 2021/8/20 下午3:52, Xianting Tian 写道:
> In theory untrusted remote host can pass a big or overflow value
> of max_nr_ports to guest, it may cause guest system consumes
> a lot of memory when create vqs and other impacts.
>
> Add the protection to guarantee max_nr_ports to get a safe value.
>
> Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
> ---
> drivers/char/virtio_console.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c
> index 7eaf303a7..bba985c81 100644
> --- a/drivers/char/virtio_console.c
> +++ b/drivers/char/virtio_console.c
> @@ -29,6 +29,8 @@
>
> #define is_rproc_enabled IS_ENABLED(CONFIG_REMOTEPROC)
>
> +#define MAX_NR_PORTS MAX_NR_HVC_CONSOLES
> +
> /*
> * This is a global struct for storing common data for all the devices
> * this driver handles.
> @@ -2039,6 +2041,9 @@ static int virtcons_probe(struct virtio_device *vdev)
> multiport = true;
> }
>
> + /* limit max_nr_ports to avoid invalid value from untrusted remote host */
> + portdev->max_nr_ports = min_t(u32, portdev->max_nr_ports, MAX_NR_PORTS);
> +
> err = init_vqs(portdev);
> if (err < 0) {
> dev_err(&vdev->dev, "Error %d initializing vqs\n", err);
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value
2021-08-20 7:52 [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value Xianting Tian
2021-08-23 11:55 ` Xianting TIan
@ 2021-08-27 9:00 ` Greg KH
1 sibling, 0 replies; 3+ messages in thread
From: Greg KH @ 2021-08-27 9:00 UTC (permalink / raw)
To: Xianting Tian; +Cc: amit, arnd, virtualization, linux-kernel
On Fri, Aug 20, 2021 at 03:52:19PM +0800, Xianting Tian wrote:
> In theory untrusted remote host can pass a big or overflow value
> of max_nr_ports to guest, it may cause guest system consumes
> a lot of memory when create vqs and other impacts.
How can you have a untrusted host? Can't they do a lot worse things
than just this?
>
> Add the protection to guarantee max_nr_ports to get a safe value.
>
> Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
> ---
> drivers/char/virtio_console.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c
> index 7eaf303a7..bba985c81 100644
> --- a/drivers/char/virtio_console.c
> +++ b/drivers/char/virtio_console.c
> @@ -29,6 +29,8 @@
>
> #define is_rproc_enabled IS_ENABLED(CONFIG_REMOTEPROC)
>
> +#define MAX_NR_PORTS MAX_NR_HVC_CONSOLES
How was this value picked?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-08-27 9:00 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-20 7:52 [RESEND][PATCH] virtio_console: protect max_nr_ports to avoid invalid value Xianting Tian
2021-08-23 11:55 ` Xianting TIan
2021-08-27 9:00 ` Greg KH
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).