ACK: [PATCH 0/9][SRU][X] CVE-2019-3900: vhost DoS

[Stefan Bader]

On 08.08.19 06:45, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3900.html
> 
>  An infinite loop issue was found in the vhost_net kernel module in
>  Linux Kernel up to and including v5.1-rc6, while handling incoming
>  packets in handle_rx(). It could occur if one end sends packets faster
>  than the other end can process them. A guest user, maybe remote one,
>  could use this flaw to stall the vhost_net kernel thread, resulting in
>  a DoS scenario.
> 
> Fairly involved backports. Build logs are clean. I tested with
> netperf's TCP_RR, TCP_SENDFILE, TCP_STREAM, UDP_RR, and UDP_STREAM
> tests. The tests were initiated from both the host and the guest to
> ensure that the vhost-net connection was stable and that performance was
> similar before and after the patches were applied.
> 
> Tyler
> 
> Jason Wang (6):
>   vhost: introduce vhost_vq_avail_empty()
>   vhost_net: tx batching
>   vhost_net: introduce vhost_exceeds_weight()
>   vhost: introduce vhost_exceeds_weight()
>   vhost_net: fix possible infinite loop
>   vhost: scsi: add weight support
> 
> Paolo Abeni (1):
>   vhost_net: use packet weight for rx handler, too
> 
> Willem de Bruijn (1):
>   vhost_net: do not stall on zerocopy depletion
> 
> haibinzhang(张海斌) (1):
>   vhost-net: set packet weight of tx polling to 2 * vq size
> 
>  drivers/vhost/net.c   | 60 ++++++++++++++++++++++++++++++++-------------------
>  drivers/vhost/scsi.c  | 14 ++++++++----
>  drivers/vhost/vhost.c | 34 ++++++++++++++++++++++++++++-
>  drivers/vhost/vhost.h |  7 +++++-
>  4 files changed, 87 insertions(+), 28 deletions(-)
> 
Acked-by: Stefan Bader <stefan.bader at canonical.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20190812/36e1d91d/attachment.sig>