qemu-devel

Re: [PATCH 0/7] vhost-user-gpu: fix several security issues


From: Philippe Mathieu-Daudé
Subject: Re: [PATCH 0/7] vhost-user-gpu: fix several security issues
Date: Mon, 10 May 2021 21:25:12 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1

On 5/5/21 11:35 AM, Marc-André Lureau wrote:
> Hi
> 
> On Wed, May 5, 2021 at 1:28 PM Li Qiang <liq3ea@gmail.com
> <mailto:liq3ea@gmail.com>> wrote:
> 
>     Marc-André Lureau <marcandre.lureau@gmail.com
>     <mailto:marcandre.lureau@gmail.com>> wrote on Wed, May 5, 2021 at 5:10 PM:
>     >
>     > Hi
>     >
>     > On Wed, May 5, 2021 at 9:21 AM Li Qiang <liq3ea@163.com
>     <mailto:liq3ea@163.com>> wrote:
>     >>
>     >> These security issues are low severity and are similar to those in
>     >> the virtio-vga/virtio-gpu device. All of them can be triggered by
>     >> the guest user.
>     >>
>     >> Li Qiang (7):
>     >>   vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info
>     >>   vhost-user-gpu: fix resource leak in 'vg_resource_create_2d'
>     >>   vhost-user-gpu: fix memory leak in vg_resource_attach_backing
>     >>   vhost-user-gpu: fix memory link while calling 'vg_resource_unref'
>     >>   vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref'
>     >>   vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing'
>     >>   vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset'
>     >>
>     >>  contrib/vhost-user-gpu/vhost-user-gpu.c |  7 +++++++
>     >>  contrib/vhost-user-gpu/virgl.c          | 17 ++++++++++++++++-
>     >>  2 files changed, 23 insertions(+), 1 deletion(-)
>     >>
>     >> --
>     >
>     >
>     > The whole series looks good to me, and applies fixes that were
>     done earlier in virtio-gpu.
> 
>     Do you mean you have merged this series?
>     Should I tweak something such as "adding the original fix in
>     virtio-gpu"/"better mapping iov cleanup"?

Yes, and please also mention the corresponding CVEs (CVE-2021-3544,
CVE-2021-3545, CVE-2021-3546).

> 
> 
> No, I didn't. I was waiting for the answers to Prasad's questions, and
> eventually v2.
> 
> Then either Gerd or me can queue this imho.
>  
> -- 
> Marc-André Lureau



