ivampiresp/Spdk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CHANGELOG: add note on vhost vulnerability

Browse Source 
Signed-off-by: Jim Harris <james.r.harris@intel.com>
Change-Id: Id47256ecfc5d774e7d8054423cda32a90f0c4f76

Reviewed-on: https://review.gerrithub.io/c/442929
Chandler-Test-Pool: SPDK Automated Test System <sys_sgsw@intel.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: Darek Stojaczyk <dariusz.stojaczyk@intel.com>
Reviewed-by: Tomasz Zawadzki <tomasz.zawadzki@intel.com>
This commit is contained in:
Jim Harris 2019-01-31 20:11:19 -07:00 committed by Darek Stojaczyk
parent ce75af2140
commit eca42c6609
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGELOG.md
View File

@ -191,6 +191,13 @@ block devices. The module is split into the library (located in lib/ftl) and bde
### vhost ### vhost
A security vulnerability has been identified and fixed in the SPDK vhost target. A malicious
vhost client (i.e. virtual machine) could carefully construct a circular descriptor chain which
would result in a partial denial of service in the SPDK vhost target. These types of descriptor
chains are now properly detected by the vhost target. All SPDK vhost users serving untrusted
vhost clients are strongly recommended to upgrade. (Reported by Dima Stepanov and Evgeny
Yakovlev.)
Vhost SCSI and Vhost Block devices can now accept multiple connections on the same socket file. Vhost SCSI and Vhost Block devices can now accept multiple connections on the same socket file.
Each connection (internally called a vhost session) will have access to the same storage, but Each connection (internally called a vhost session) will have access to the same storage, but
will use different virtqueues, different features and possibly different memory. will use different virtqueues, different features and possibly different memory.