Marc-André Lureau <marcandre.lur...@gmail.com> 于2021年5月5日周三 下午5:10写道: > > Hi > > On Wed, May 5, 2021 at 9:21 AM Li Qiang <liq...@163.com> wrote: >> >> These security issue is low severity and is similar with the >> virtio-vga/virtio-gpu device. All of them can be triggered by >> the guest user. >> >> Li Qiang (7): >> vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info >> vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' >> vhost-user-gpu: fix memory leak in vg_resource_attach_backing >> vhost-user-gpu: fix memory link while calling 'vg_resource_unref' >> vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' >> vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' >> vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' >> >> contrib/vhost-user-gpu/vhost-user-gpu.c | 7 +++++++ >> contrib/vhost-user-gpu/virgl.c | 17 ++++++++++++++++- >> 2 files changed, 23 insertions(+), 1 deletion(-) >> >> -- > > > The whole series looks good to me, and applies fixes that were done earlier > in virtio-gpu.
Do you mean you have merged this series? Should I tweak something such as "adding the original fix in virtio-gpu"/"better mapping iov cleanup"? Thanks, Li Qiang > > Thanks > > > -- > Marc-André Lureau