Received: by 10.192.165.148 with SMTP id m20csp4219399imm; Mon, 30 Apr 2018 14:07:01 -0700 (PDT) X-Google-Smtp-Source: AB8JxZp5b6cc6lewhEL4jCvqZ6s8HAKPxa/nRutlifEcMXoBn2SvAz1UiYa6wBTlGTD5h0zPVFZb X-Received: by 2002:a63:b443:: with SMTP id n3-v6mr4467321pgu.342.1525122421010; Mon, 30 Apr 2018 14:07:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525122420; cv=none; d=google.com; s=arc-20160816; b=z0LBxnj5F3INhI3grG/oajxF8KfsJEbAiTIy/ah4r/DpUd3y05+Vam+PN+puBbrGS1 Ysdsd/Yjr6hyGKZICwKdimpQhj9wJ9WDl5bHrVazCjBPmrrPeDd1oYPVd/1R6tJ+6w3i 8KpJwscv74nwezHskKkGJ2fPZ53OEOSCXF834pk8kak721RSd2IobLPB6yeay1uaFoqR hU9m28h3LAaleKj/cpPEdg8/1GA5y27OhO4y9aXmSc+Oo+mQq6vyAsJWhd8w+lutFe9S Zu7BG0B9BqAvKVwvSu8+h8y7aOmSmQylq/EOK37RwQdNzX5B69oYtuYn1E5n/43ypJwN +FLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=S9cQcy7oo3wuf0PQ2uX/yL+izb/L4Cv3J7jKhZs2aiI=; b=fYSRxE24pkDHJ17QWMO+9giBwMvZkAYCszKqd/mugOC+PZxSCe94Gg3SiPst7DPmPd +46YnHSRCAcivLFBtODVS9zKjhSeLpDDh2gtQYPekTy4iJiNJ6Ru2RWfQ3ihoX767fnJ bnDlO1zOgihiB2mFLVIibVFyqYTugAuaDhjB3Ou9NhsRft/iCQETK6NcVtEe7smavwII Q1damy4u09TI5k8jDpyc4nQkgx/YCylB3sGxFrS1jAgiFZ5l6Dgf/FqUV7w5zGdj1Q6a liThl/SIDlaC0svJ+O63sJRoRhgWGQewUMiFDZhL1VxepfkqQ6jPCjt6/ka/Z8EinFNj /Pmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=YLpZII6p; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d17-v6si6568596pgv.188.2018.04.30.14.06.46; Mon, 30 Apr 2018 14:07:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=YLpZII6p; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755174AbeD3VC7 (ORCPT + 99 others); Mon, 30 Apr 2018 17:02:59 -0400 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:58135 "EHLO out2-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755115AbeD3VC4 (ORCPT ); Mon, 30 Apr 2018 17:02:56 -0400 Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 13B1C22A22; Mon, 30 Apr 2018 17:02:56 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Mon, 30 Apr 2018 17:02:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=S9cQcy7oo3wuf0PQ2uX/yL+izb/L4 Cv3J7jKhZs2aiI=; b=YLpZII6phSPTIIaeS1X1KPGqoQGaW6cwtuNu+H/zmCVKX qm6WFenJi0FqOr+uqZoXj/naMFPhwX8wOMzAht2hpqC8M9KwJ52ntgcTSjh9S4BZ xEPPckfXsUG9Q67/hNjlmOkfQIxnXCMEHvFmFPFOCKqVpZx0DNb/EsQnNvPlRCjM q53fn9ZZRjuEW9eWe9hwkRx96Awrv4wEpxabMLl0VX9SMRDmCHr1/MgpN++I79ko YyeKECBC0TxJycUq8mgVEFLeLTPWnVL7Owj8h54h5pjb5Ap3BEVAONvpJcoe8coN P5g+XZU03ZKdUFor6VVxOhgTNpshvxn46RXGl6KBQ== X-ME-Sender: Received: from localhost.localdomain (ip5b40bfaa.dynamic.kabel-deutschland.de [91.64.191.170]) by mail.messagingengine.com (Postfix) with ESMTPA id 33835E4924; Mon, 30 Apr 2018 17:02:54 -0400 (EDT) From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= To: xen-devel@lists.xenproject.org Cc: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Boris Ostrovsky , Greg Kroah-Hartman , Jens Axboe , Juergen Gross , Konrad Rzeszutek Wilk , Stefano Stabellini , linux-block@vger.kernel.org (open list:BLOCK LAYER), linux-kernel@vger.kernel.org (open list), netdev@vger.kernel.org (open list:NETWORKING DRIVERS), stable@vger.kernel.org Subject: [PATCH 0/6] Fix XSA-155-like bugs in frontend drivers Date: Mon, 30 Apr 2018 23:01:44 +0200 Message-Id: X-Mailer: git-send-email 2.13.6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Patches in original Xen Security Advisory 155 cared only about backend drivers while leaving frontend patches to be "developed and released (publicly) after the embargo date". This is said series. Marek Marczykowski-Górecki (6): xen: Add RING_COPY_RESPONSE() xen-netfront: copy response out of shared buffer before accessing it xen-netfront: do not use data already exposed to backend xen-netfront: add range check for Tx response id xen-blkfront: make local copy of response before using it xen-blkfront: prepare request locally, only then put it on the shared ring drivers/block/xen-blkfront.c | 110 ++++++++++++++++++--------------- drivers/net/xen-netfront.c | 61 +++++++++--------- include/xen/interface/io/ring.h | 14 ++++- 3 files changed, 106 insertions(+), 79 deletions(-) base-commit: 6d08b06e67cd117f6992c46611dfb4ce267cd71e -- git-series 0.9.1