Re: [PATCH v2 0/4] xen: harden netfront against malicious backends

From: patchwork-bot+netdevbpf
Date: Wed Aug 25 2021 - 06:00:19 EST


Hello:

This series was applied to netdev/net-next.git (refs/heads/master):

On Tue, 24 Aug 2021 12:28:05 +0200 you wrote:
> Xen backends of para-virtualized devices can live in dom0 kernel, dom0
> user land, or in a driver domain. This means that a backend might
> reside in a less trusted environment than the Xen core components, so
> a backend should not be able to do harm to a Xen guest (it can still
> mess up I/O data, but it shouldn't be able to e.g. crash a guest by
> other means or cause a privilege escalation in the guest).
>
> [...]

Here is the summary with links:
- [v2,1/4] xen/netfront: read response from backend only once
https://git.kernel.org/netdev/net-next/c/8446066bf8c1
- [v2,2/4] xen/netfront: don't read data from request on the ring page
https://git.kernel.org/netdev/net-next/c/162081ec33c2
- [v2,3/4] xen/netfront: disentangle tx_skb_freelist
https://git.kernel.org/netdev/net-next/c/21631d2d741a
- [v2,4/4] xen/netfront: don't trust the backend response data blindly
https://git.kernel.org/netdev/net-next/c/a884daa61a7d

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html