? 2021/6/10 ??1:00, Gautam Dawar ??:> Pls see inline
>
> Regards,
> Gautam
>
> -----Original Message-----
> From: Michael S. Tsirkin<mst at redhat.com>
> Sent: Thursday, June 10, 2021 10:00 AM
> To: Jason Wang<jasowang at redhat.com>
> Cc: Gautam Dawar<gdawar at xilinx.com>; Harpreet Singh
Anand<hanand at xilinx.com>; Martin Petrus Hubertus Habets<martinh at
xilinx.com>;virtualization at lists.linux-foundation.org
> Subject: Re: Security hole in vhost-vdpa?
>
> On Mon, Jun 07, 2021 at 10:10:03AM +0800, Jason Wang wrote:
>> ? 2021/6/7 ??5:38, Michael S. Tsirkin ??:
>>> On Sun, Jun 06, 2021 at 02:39:48PM +0000, Gautam Dawar wrote:
>>>> Hi All,
>>>>
>>>>
>>>> This is in continuation to my findings noted in Bug 213179 and
>>>> discussions we have had in the last couple of weeks over
emails.
>>>>
>>>>
>>>> Today, I published the first patch for this issue which adds
>>>> timeout based wait for completion event and also logs a warning
>>>> message to alert the user/ administrator of the problem.
>>> Can't close just finish without waiting for userspace?
>> It works as long as we don't use mmap(). When we map kicks, it
looks
>> to me there's no way to "revoke" the mapping from
userspace?
>>
>> Thanks
> Can't we track these mappings and map some other page there?
> Likely no more than one is needed ...
>
> [GD>>] I am working on a solution that is limited to kernel space
only and doesn't depend on userspace application (which could be a malicious
one).
> Will share more updates in a couple of days.
Cool. Let's see.
Thanks
>