Marc-André Lureau <marcandre.lureau@gmail.com> 于2021年5月5日周三 下午5:10写道:
>
> Hi
>
> On Wed, May 5, 2021 at 9:21 AM Li Qiang <liq3ea@163.com> wrote:
>>
>> These security issue is low severity and is similar with the
>> virtio-vga/virtio-gpu device. All of them can be triggered by
>> the guest user.
>>
>> Li Qiang (7):
>> vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info
>> vhost-user-gpu: fix resource leak in 'vg_resource_create_2d'
>> vhost-user-gpu: fix memory leak in vg_resource_attach_backing
>> vhost-user-gpu: fix memory link while calling 'vg_resource_unref'
>> vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref'
>> vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing'
>> vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset'
>>
>> contrib/vhost-user-gpu/vhost-user-gpu.c | 7 +++++++
>> contrib/vhost-user-gpu/virgl.c | 17 ++++++++++++++++-
>> 2 files changed, 23 insertions(+), 1 deletion(-)
>>
>> --
>
>
> The whole series looks good to me, and applies fixes that were done earlier in virtio-gpu.
Do you mean you have merged this series?
Should I tweak something such as "adding the original fix in
virtio-gpu"/"better mapping iov cleanup"?
No I didn't. I was waiting for the answers to Prasad questions, and eventually v2.
Then either Gerd or me can queue this imho.