[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] libvhost-user: Support across-memory-boundary a

From: Maxime Coquelin
Subject: Re: [Qemu-devel] [PATCH] libvhost-user: Support across-memory-boundary access
Date: Thu, 8 Feb 2018 17:38:27 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2

On 01/18/2018 05:04 PM, Yongji Xie wrote:
The sg list/indirect descriptor table may be contigious
in GPA but not in HVA address space. But libvhost-user
wasn't aware of that. This would cause out-of-bounds
access. Even a malicious guest could use it to get
information from the vhost-user backend.

Introduce a plen parameter in vu_gpa_to_va() so we can
handle this case, returning the actual mapped length.

Signed-off-by: Yongji Xie <address@hidden>
  contrib/libvhost-user/libvhost-user.c |  133 +++++++++++++++++++++++++++++----
  contrib/libvhost-user/libvhost-user.h |    3 +-
  2 files changed, 122 insertions(+), 14 deletions(-)

Reviewed-by: Maxime Coquelin <address@hidden>


reply via email to

[Prev in Thread] Current Thread [Next in Thread]