Re: [PATCH] xen/usb: harden xen_hcd against malicious backends

[Juergen Gross <jgross@xxxxxxxx>]

On 15.03.22 18:41, Greg Kroah-Hartman wrote:
> On Fri, Mar 11, 2022 at 11:35:09AM +0100, Juergen Gross wrote:
> > Make sure a malicious backend can't cause any harm other than wrong
> > I/O data.
> >
> > Missing are verification of the request id in a response, sanitizing
> > the reported actual I/O length, and protection against interrupt storms
> > from the backend.
> >
> > Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
> > ---
> >   drivers/usb/host/xen-hcd.c | 57 ++++++++++++++++++++++++++++----------
> >   1 file changed, 43 insertions(+), 14 deletions(-)
> Fails to apply to my tree:
>
> checking file drivers/usb/host/xen-hcd.c
> Hunk #2 succeeded at 720 (offset -1 lines).
> Hunk #3 succeeded at 807 (offset -3 lines).
> Hunk #4 succeeded at 934 (offset -5 lines).
> Hunk #5 FAILED at 986.
> Hunk #6 succeeded at 1003 with fuzz 1 (offset -10 lines).
> Hunk #7 succeeded at 1048 (offset -10 lines).
> Hunk #8 succeeded at 1072 (offset -10 lines).
> Hunk #9 succeeded at 1161 (offset -10 lines).
> Hunk #10 succeeded at 1516 (offset -10 lines).
> 1 out of 10 hunks FAILED
>
> Any hints?
Rebase your tree to v5.17-rc8? It is missing the recent security
patches which modified drivers/usb/host/xen-hcd.c.


Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature