From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, stefanha@redhat.com,
yavrahami@paloaltonetworks.com, mszeredi@redhat.com,
mreitz@redhat.com
Subject: [PULL 0/6] virtiofs queue
Date: Fri, 1 May 2020 20:14:54 +0100 [thread overview]
Message-ID: <20200501191500.126432-1-dgilbert@redhat.com> (raw)
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
The following changes since commit 1c47613588ccff44422d4bdeea0dc36a0a308ec7:
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging (2020-04-30 19:25:41 +0100)
are available in the Git repository at:
https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200501
for you to fetch changes up to 66502bbca37ca7a3bfa57e82cfc03b89a7a11eae:
virtiofsd: drop all capabilities in the wait parent process (2020-05-01 20:05:37 +0100)
----------------------------------------------------------------
virtiofsd: Pull 2020-05-01 (includes CVE fix)
This set includes a security fix, other fixes and improvements.
Security fix:
The security fix is for CVE-2020-10717 where, on low RAM hosts,
the guest can potentially exceed the maximum fd limit.
This fix adds some more configuration so that the user
can explicitly set the limit.
Thank you to Yuval Avrahami for reporting this.
Fixes:
Recursive mounting of the exported directory is now used in
the sandbox, such that if there was a mount underneath present at
the time the virtiofsd was started, that mount is also
visible to the guest; in the existing code, only mounts that
happened after startup were visible.
Security improvements:
The jailing for /proc/self/fd is improved - but it's something
that shouldn't be accessible anyway.
Most capabilities are now dropped at startup; again this shouldn't
change any behaviour but is extra protection.
----------------------------------------------------------------
Max Reitz (1):
virtiofsd: Show submounts
Miklos Szeredi (1):
virtiofsd: jail lo->proc_self_fd
Stefan Hajnoczi (4):
virtiofsd: add --rlimit-nofile=NUM option
virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717)
virtiofsd: only retain file system capabilities
virtiofsd: drop all capabilities in the wait parent process
tools/virtiofsd/fuse_lowlevel.h | 1 +
tools/virtiofsd/helper.c | 47 ++++++++++++++++++
tools/virtiofsd/passthrough_ll.c | 102 ++++++++++++++++++++++++++++++++-------
3 files changed, 133 insertions(+), 17 deletions(-)
next reply other threads:[~2020-05-01 19:16 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-01 19:14 Dr. David Alan Gilbert (git) [this message]
2020-05-01 19:14 ` [PULL 1/6] virtiofsd: add --rlimit-nofile=NUM option Dr. David Alan Gilbert (git)
2020-05-01 19:14 ` [PULL 2/6] virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717) Dr. David Alan Gilbert (git)
2020-05-01 19:14 ` [PULL 3/6] virtiofsd: jail lo->proc_self_fd Dr. David Alan Gilbert (git)
2020-05-01 19:14 ` [PULL 4/6] virtiofsd: Show submounts Dr. David Alan Gilbert (git)
2020-05-01 19:14 ` [PULL 5/6] virtiofsd: only retain file system capabilities Dr. David Alan Gilbert (git)
2020-05-01 19:15 ` [PULL 6/6] virtiofsd: drop all capabilities in the wait parent process Dr. David Alan Gilbert (git)
2020-05-01 19:28 ` [PULL 0/6] virtiofs queue Dr. David Alan Gilbert
2020-05-03 13:11 ` Peter Maydell
2020-05-04 8:13 ` Dr. David Alan Gilbert
-- strict thread matches above, loose matches on Subject: below --
2021-02-16 18:37 Dr. David Alan Gilbert (git)
2021-02-17 19:18 ` Peter Maydell
2020-02-21 13:25 Dr. David Alan Gilbert (git)
2020-02-21 18:37 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200501191500.126432-1-dgilbert@redhat.com \
--to=dgilbert@redhat.com \
--cc=mreitz@redhat.com \
--cc=mszeredi@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=yavrahami@paloaltonetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).