Re: [PATCH 1/2] KVM: SVM: avoid infinite loop on NPF from bad address
From: Paolo Bonzini
Date: Tue Jun 08 2021 - 03:17:41 EST
On 08/06/21 06:39, Salvatore Bonaccorso wrote:
> Did this simply fall through the cracks here or is it not worth
> backporting to older series? At least
> https://bugzilla.redhat.com/show_bug.cgi?id=1947982#c3 seems to
> indicate it might not be worth it if there is risk of regression if I
> understand Wanpeng Li. Is this right?
It's not particularly interesting, because the loop can be broken with
just Ctrl-C (or any signal for that matter) and the guest was
misbehaving anyway. You can read from that bugzilla link my opinion on
this "vulnerability": if you run a VM for somebody and they want to
waste your CPU time, they can just run a while(1) loop.
It's a bug and it is caught by the kvm-unit-tests, so I marked it for
stable at the time because it can be useful to run kvm-unit-tests on
stable kernels and hanging is a bit impolite (the test harness has a
timeout, but of course tests that hang have the risk of missing other
regressions).
I will gladly review a backport, but if it is just because of that CVE
report, documenting that the vulnerability is bogus would be time spent
better than doing and testing the backport.
Paolo