On 10/06/15 16:58, Michael S. Tsirkin wrote:
> On Tue, Oct 06, 2015 at 11:23:11AM +0300, Vlad Zolotarov wrote:
>> Michael, how this or any other related patch is related to the problem u r
>> describing?
>> The above ability is there for years and if memory serves me
>> well it was u who wrote uio_pci_generic with this "security flaw". ;)
> I answered all this already.
>
> This patch enables bus mastering, enables MSI or MSI-X

This may be done from the user space right now without this patch...

> , and requires
> userspace to map the MSI-X table

Hmmm... I must have missed this requirement. Could u, pls., clarify? From what I see, MSI/MSI-X table is configured completely in the kernel here...

> and read/write the config space.
> This means that a single userspace bug is enough to corrupt kernel
> memory.

Could u, pls., provide an example of this simple bug? Because it's absolutely not obvious...

>
> uio_pci_generic does not enable bus mastering or MSI, and
> it might be a good idea to have uio_pci_generic block
> access to MSI/MSI-X config.

Since device bars may be mapped bypassing the UIO/uio_pci_generic - this won't solve any issue.
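
For readers auditing the state this thread argues about, here is an added example (not part of the original message, the patch, or uio_pci_generic): a C check that reads a device's PCI configuration space and reports whether bus mastering, MSI and MSI-X are enabled. The function names and the sample bytes are constructed for illustration; the register offsets and bits are the standard PCI ones, and the input is assumed to come from `/sys/bus/pci/devices/<BDF>/config`, read as root so that bytes past the first 64 are available.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { BUS_MASTER = 1, MSI_ON = 2, MSIX_ON = 4 };   /* result flags */

static uint16_t rd16(const uint8_t *c, size_t off)  /* config space is little-endian */
{
    return (uint16_t)(c[off] | (c[off + 1] << 8));
}

/* Returns a mask of the flags above, or -1 if the capability list cannot be
 * followed inside the bytes supplied (short read, loop or bad pointer). */
int pci_dma_irq_state(const uint8_t *cfg, size_t len)
{
    int flags = 0, hops = 0;
    if (len < 64)
        return -1;
    if (rd16(cfg, 0x04) & 0x0004)            /* Command: Bus Master Enable */
        flags |= BUS_MASTER;
    if (!(rd16(cfg, 0x06) & 0x0010))         /* Status: Capabilities List */
        return flags;
    for (uint8_t pos = cfg[0x34] & 0xFC; pos; pos = cfg[pos + 1] & 0xFC) {
        if (++hops > 48 || pos < 0x40 || (size_t)pos + 4 > len)
            return -1;
        uint16_t ctrl = rd16(cfg, pos + 2);  /* Message Control */
        if (cfg[pos] == 0x05 && (ctrl & 0x0001)) flags |= MSI_ON;   /* MSI Enable */
        if (cfg[pos] == 0x11 && (ctrl & 0x8000)) flags |= MSIX_ON;  /* MSI-X Enable */
    }
    return flags;
}

/* Constructed sample: bus mastering on, MSI present but off, MSI-X on. */
void make_sample(uint8_t cfg[256])
{
    memset(cfg, 0, 256);
    cfg[0x04] = 0x06;                        /* Memory Space + Bus Master */
    cfg[0x06] = 0x10;                        /* capability list present */
    cfg[0x34] = 0x50;                        /* first capability */
    cfg[0x50] = 0x05; cfg[0x51] = 0x70;      /* MSI, control = 0 */
    cfg[0x70] = 0x11; cfg[0x73] = 0x80;      /* MSI-X, control bit 15 set */
}

int main(int argc, char **argv)
{
    uint8_t cfg[256];
    size_t n = sizeof cfg;
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    if (f) { n = fread(cfg, 1, sizeof cfg, f); fclose(f); }
    else make_sample(cfg);                   /* no path given: use the sample */
    int s = pci_dma_irq_state(cfg, n);
    printf("flags=%d (1=bus master, 2=MSI, 4=MSI-X, -1=unreadable)\n", s);
    return s < 0;
}
```
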