similar to: [net] vhost: Use kzalloc() to allocate vhost_msg_node

On Fri, Apr 27, 2018 at 11:45:02AM -0400, Kevin Easton wrote: > The struct vhost_msg within struct vhost_msg_node is copied to userspace, > so it should be allocated with kzalloc() to ensure all structure padding > is zeroed. > > Signed-off-by: Kevin Easton <kevin at guarana.org> > Reported-by: syzbot+87cfa083e727a224754b at syzkaller.appspotmail.com > --- >

On Tue, May 29, 2018 at 03:19:08PM -0700, Guenter Roeck wrote: > On Fri, Apr 27, 2018 at 11:45:02AM -0400, Kevin Easton wrote: > > The struct vhost_msg within struct vhost_msg_node is copied to userspace, > > so it should be allocated with kzalloc() to ensure all structure padding > > is zeroed. > > > > Signed-off-by: Kevin Easton <kevin at guarana.org> >

From: "Michael S. Tsirkin" <mst at redhat.com> Date: Fri, 27 Apr 2018 19:02:05 +0300 > There's a 32 bit hole just after type. It's best to > give it a name, this way compiler is forced to initialize > it with rest of the structure. > > Reported-by: Kevin Easton <kevin at guarana.org> > Signed-off-by: Michael S. Tsirkin <mst at redhat.com>

From: "Michael S. Tsirkin" <mst at redhat.com> Date: Fri, 27 Apr 2018 19:02:05 +0300 > There's a 32 bit hole just after type. It's best to > give it a name, this way compiler is forced to initialize > it with rest of the structure. > > Reported-by: Kevin Easton <kevin at guarana.org> > Signed-off-by: Michael S. Tsirkin <mst at redhat.com>

#syz test: https://github.com/google/kmsan.git/master d2d741e5d1898dfde1a75ea3d29a9a3e2edf0617 Subject: vhost: fix info leak Fixes: CVE-2018-1118 Signed-off-by: Michael S. Tsirkin <mst at redhat.com> --- diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c index f0be5f35ab28..9beefa6ed1ce 100644 --- a/drivers/vhost/vhost.c +++ b/drivers/vhost/vhost.c @@ -2345,6 +2345,9 @@ struct

#syz test: https://github.com/google/kmsan.git/master d2d741e5d1898dfde1a75ea3d29a9a3e2edf0617 Subject: vhost: fix info leak Fixes: CVE-2018-1118 Signed-off-by: Michael S. Tsirkin <mst at redhat.com> --- diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c index f0be5f35ab28..9beefa6ed1ce 100644 --- a/drivers/vhost/vhost.c +++ b/drivers/vhost/vhost.c @@ -2345,6 +2345,9 @@ struct

On Thu, Jun 07, 2018 at 06:43:55PM +0100, Al Viro wrote: > On Thu, Jun 07, 2018 at 06:38:48PM +0300, Michael S. Tsirkin wrote: > > #syz test: https://github.com/google/kmsan.git/master d2d741e5d1898dfde1a75ea3d29a9a3e2edf0617 > > > > Subject: vhost: fix info leak > > > > Fixes: CVE-2018-1118 > > Signed-off-by: Michael S. Tsirkin <mst at redhat.com>

On Thu, Jun 07, 2018 at 06:43:55PM +0100, Al Viro wrote: > On Thu, Jun 07, 2018 at 06:38:48PM +0300, Michael S. Tsirkin wrote: > > #syz test: https://github.com/google/kmsan.git/master d2d741e5d1898dfde1a75ea3d29a9a3e2edf0617 > > > > Subject: vhost: fix info leak > > > > Fixes: CVE-2018-1118 > > Signed-off-by: Michael S. Tsirkin <mst at redhat.com>

We use to have message like: struct vhost_msg { int type; union { struct vhost_iotlb_msg iotlb; __u8 padding[64]; }; }; Unfortunately, there will be a hole of 32bit in 64bit machine because of the alignment. This leads a different formats between 32bit API and 64bit API. What's more it will break 32bit program running on 64bit machine. So fixing this by introducing a new message type

We use to have message like: struct vhost_msg { int type; union { struct vhost_iotlb_msg iotlb; __u8 padding[64]; }; }; Unfortunately, there will be a hole of 32bit in 64bit machine because of the alignment. This leads a different formats between 32bit API and 64bit API. What's more it will break 32bit program running on 64bit machine. So fixing this by introducing a new message type

Move vhost.h to include/linux to allow vhost driver out-of-tree compilation. Currently, this cannot be done properly because the vhost header file is in driver/vhost. To distribute a new vhost driver before it is included in the kernel tree, we need to package it using kmod, dkms, ..., and to compile it out-of-tree using headers provided by the distribution's kernel development package.

Move vhost.h to include/linux to allow vhost driver out-of-tree compilation. Currently, this cannot be done properly because the vhost header file is in driver/vhost. To distribute a new vhost driver before it is included in the kernel tree, we need to package it using kmod, dkms, ..., and to compile it out-of-tree using headers provided by the distribution's kernel development package.

This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through

This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through

This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through

This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through

This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through

This patch tries to implement an device IOTLB for vhost. This could be used with for co-operation with userspace IOMMU implementation (qemu) for a secure DMA environment (DMAR) in guest. The idea is simple. When vhost meets an IOTLB miss, it will request the assistance of userspace to do the translation, this is done through: - when there's a IOTLB miss, it will notify userspace through

On Mon, May 22, 2023 at 02:20:19PM +0530, Prathu Baronia wrote: >Use kzalloc() to allocate new zeroed out msg node instead of >memsetting a node allocated with kmalloc(). > >Signed-off-by: Prathu Baronia <prathubaronia2011 at gmail.com> >--- > drivers/vhost/vhost.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > >diff --git a/drivers/vhost/vhost.c

On Wed, Dec 12, 2018 at 06:08:19PM +0800, Jason Wang wrote: > Vhost dirty page logging API is designed to sync through GPA. But we > try to log GIOVA when device IOTLB is enabled. This is wrong and may > lead to missing data after migration. > > To solve this issue, when logging with device IOTLB enabled, we will: > > 1) reuse the device IOTLB translation result of