Hi:
This series try to prevent a guest triggerable CPU hogging through
vhost kthread. This is done by introducing and checking the weight
after each requrest. The patch has been tested with reproducer of
vsock and virtio-net. Only compile test is done for vhost-scsi.
Please review.
This addresses CVE-2019-3900.
Changs from V1:
- fix user-ater-free in vosck patch
Jason Wang (4):
vhost: introduce vhost_exceeds_weight()
vhost_net: fix possible infinite loop
vhost: vsock: add weight support
vhost: scsi: add weight support
drivers/vhost/net.c | 41 ++++++++++++++---------------------------
drivers/vhost/scsi.c | 21 ++++++++++++++-------
drivers/vhost/vhost.c | 20 +++++++++++++++++++-
drivers/vhost/vhost.h | 5 ++++-
drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
5 files changed, 72 insertions(+), 43 deletions(-)
--
1.8.3.1
On Fri, May 17, 2019 at 12:29:48AM -0400, Jason Wang wrote:
> Hi:
>
> This series try to prevent a guest triggerable CPU hogging through
> vhost kthread. This is done by introducing and checking the weight
> after each requrest. The patch has been tested with reproducer of
> vsock and virtio-net. Only compile test is done for vhost-scsi.
>
> Please review.
>
> This addresses CVE-2019-3900.
>
> Changs from V1:
> - fix user-ater-free in vosck patch
>
> Jason Wang (4):
> vhost: introduce vhost_exceeds_weight()
> vhost_net: fix possible infinite loop
> vhost: vsock: add weight support
> vhost: scsi: add weight support
>
> drivers/vhost/net.c | 41 ++++++++++++++---------------------------
> drivers/vhost/scsi.c | 21 ++++++++++++++-------
> drivers/vhost/vhost.c | 20 +++++++++++++++++++-
> drivers/vhost/vhost.h | 5 ++++-
> drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
> 5 files changed, 72 insertions(+), 43 deletions(-)
>
> --
> 1.8.3.1
>
> _______________________________________________
> Virtualization mailing list
> [email protected]
> https://lists.linuxfoundation.org/mailman/listinfo/virtualization
Reviewed-by: Stefan Hajnoczi <[email protected]>
From: Jason Wang <[email protected]>
Date: Fri, 17 May 2019 00:29:48 -0400
> Hi:
>
> This series try to prevent a guest triggerable CPU hogging through
> vhost kthread. This is done by introducing and checking the weight
> after each requrest. The patch has been tested with reproducer of
> vsock and virtio-net. Only compile test is done for vhost-scsi.
>
> Please review.
>
> This addresses CVE-2019-3900.
>
> Changs from V1:
> - fix user-ater-free in vosck patch
I am assuming that not only will mst review this, it will also go via
his tree rather than mine.
Thanks.
On Fri, May 17, 2019 at 12:29:48AM -0400, Jason Wang wrote:
> Hi:
>
> This series try to prevent a guest triggerable CPU hogging through
> vhost kthread. This is done by introducing and checking the weight
> after each requrest. The patch has been tested with reproducer of
> vsock and virtio-net. Only compile test is done for vhost-scsi.
>
> Please review.
> This addresses CVE-2019-3900.
OK I think we should clean this code some more but given
it's a CVE fix maybe it's best to do as a patch on top.
Acked-by: Michael S. Tsirkin <[email protected]>
Dave do you want to merge this or should I?
>
> Changs from V1:
> - fix user-ater-free in vosck patch
>
> Jason Wang (4):
> vhost: introduce vhost_exceeds_weight()
> vhost_net: fix possible infinite loop
> vhost: vsock: add weight support
> vhost: scsi: add weight support
>
> drivers/vhost/net.c | 41 ++++++++++++++---------------------------
> drivers/vhost/scsi.c | 21 ++++++++++++++-------
> drivers/vhost/vhost.c | 20 +++++++++++++++++++-
> drivers/vhost/vhost.h | 5 ++++-
> drivers/vhost/vsock.c | 28 +++++++++++++++++++++-------
> 5 files changed, 72 insertions(+), 43 deletions(-)
>
> --
> 1.8.3.1
On 2019/5/20 下午8:52, Michael S. Tsirkin wrote:
> On Fri, May 17, 2019 at 12:29:48AM -0400, Jason Wang wrote:
>> Hi:
>>
>> This series try to prevent a guest triggerable CPU hogging through
>> vhost kthread. This is done by introducing and checking the weight
>> after each requrest. The patch has been tested with reproducer of
>> vsock and virtio-net. Only compile test is done for vhost-scsi.
>>
>> Please review.
>> This addresses CVE-2019-3900.
> OK I think we should clean this code some more but given
> it's a CVE fix maybe it's best to do as a patch on top.
>
> Acked-by: Michael S. Tsirkin<[email protected]>
>
> Dave do you want to merge this or should I?
>
According to David's last reply, it's better for you to merge I think.
Thanks
On Sat, May 18, 2019 at 01:27:12PM -0700, David Miller wrote:
> From: Jason Wang <[email protected]>
> Date: Fri, 17 May 2019 00:29:48 -0400
>
> > Hi:
> >
> > This series try to prevent a guest triggerable CPU hogging through
> > vhost kthread. This is done by introducing and checking the weight
> > after each requrest. The patch has been tested with reproducer of
> > vsock and virtio-net. Only compile test is done for vhost-scsi.
> >
> > Please review.
> >
> > This addresses CVE-2019-3900.
> >
> > Changs from V1:
> > - fix user-ater-free in vosck patch
>
> I am assuming that not only will mst review this, it will also go via
> his tree rather than mine.
>
> Thanks.
Will do.