Hi:
This series try to prvernt a guest triggerable CPU hogging through
vhost kthread. This is done by introducing and checking the weight
after each requrest. The patch has been tested with reproducer of
vsock and virtio-net. Only compile test is done for vhost-scsi.
Please review.
This addresses CVE-2019-3900.
Jason Wang (4):
vhost: introduce vhost_exceeds_weight()
vhost_net: fix possible infinite loop
vhost: vsock: add weight support
vhost: scsi: add weight support
drivers/vhost/net.c | 41 ++++++++++++++---------------------------
drivers/vhost/scsi.c | 21 ++++++++++++++-------
drivers/vhost/vhost.c | 20 +++++++++++++++++++-
drivers/vhost/vhost.h | 5 ++++-
drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
5 files changed, 72 insertions(+), 43 deletions(-)
--
1.8.3.1
On Thu, May 16, 2019 at 03:47:38AM -0400, Jason Wang wrote:
> Hi:
>
> This series try to prvernt a guest triggerable CPU hogging through
> vhost kthread. This is done by introducing and checking the weight
> after each requrest. The patch has been tested with reproducer of
> vsock and virtio-net. Only compile test is done for vhost-scsi.
>
> Please review.
>
> This addresses CVE-2019-3900.
>
> Jason Wang (4):
> vhost: introduce vhost_exceeds_weight()
> vhost_net: fix possible infinite loop
> vhost: vsock: add weight support
> vhost: scsi: add weight support
>
> drivers/vhost/net.c | 41 ++++++++++++++---------------------------
> drivers/vhost/scsi.c | 21 ++++++++++++++-------
> drivers/vhost/vhost.c | 20 +++++++++++++++++++-
> drivers/vhost/vhost.h | 5 ++++-
> drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
> 5 files changed, 72 insertions(+), 43 deletions(-)
>
> --
> 1.8.3.1
>
Looks good aside from the use-after-free in the vsock patch.