virtiofsd: stay under fs.file-max sysctl limit (CVE-2020-10717)

[PATCH v2 0/2] virtiofsd: stay under fs.file-max sysctl limit (CVE-2020-10717)

Stefan Hajnoczi posted 2 patches 4 years ago

Download series mbox

Test docker-mingw@fedora passed

Test checkpatch passed

Test asan passed

Test docker-quick@centos7 passed

Test FreeBSD passed

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20200501140644.220940-1-stefanha@redhat.com

tools/virtiofsd/fuse_lowlevel.h  |  1 +
tools/virtiofsd/helper.c         | 47 ++++++++++++++++++++++++++++++++
tools/virtiofsd/passthrough_ll.c | 22 ++++++---------
3 files changed, 56 insertions(+), 14 deletions(-)

Expand all Fold all

[PATCH v2 0/2] virtiofsd: stay under fs.file-max sysctl limit (CVE-2020-10717)

Posted by Stefan Hajnoczi 4 years ago

This patch series introduces the --rlimit-nofile=NUM option for setting the
number of open files on the virtiofsd process.  This gives users and management
tools more control over resource limits.

Previously it was possible for FUSE clients on machines with less than ~10 GB
of RAM to exhaust the system-wide open file limit.  This is a denial of service
attack against other processes running on the host.

This patch series updates the default RLIMIT_NOFILE calculation to take the
fs.file-max sysctl value into account.  This solves the fs.file-max DoS.

Stefan Hajnoczi (2):
  virtiofsd: add --rlimit-nofile=NUM option
  virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717)

 tools/virtiofsd/fuse_lowlevel.h  |  1 +
 tools/virtiofsd/helper.c         | 47 ++++++++++++++++++++++++++++++++
 tools/virtiofsd/passthrough_ll.c | 22 ++++++---------
 3 files changed, 56 insertions(+), 14 deletions(-)

-- 
2.25.3

Re: [PATCH v2 0/2] virtiofsd: stay under fs.file-max sysctl limit (CVE-2020-10717)

Posted by Dr. David Alan Gilbert 4 years ago

* Stefan Hajnoczi (stefanha@redhat.com) wrote:
> This patch series introduces the --rlimit-nofile=NUM option for setting the
> number of open files on the virtiofsd process.  This gives users and management
> tools more control over resource limits.
> 
> Previously it was possible for FUSE clients on machines with less than ~10 GB
> of RAM to exhaust the system-wide open file limit.  This is a denial of service
> attack against other processes running on the host.
> 
> This patch series updates the default RLIMIT_NOFILE calculation to take the
> fs.file-max sysctl value into account.  This solves the fs.file-max DoS.

Queued.

> Stefan Hajnoczi (2):
>   virtiofsd: add --rlimit-nofile=NUM option
>   virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717)
> 
>  tools/virtiofsd/fuse_lowlevel.h  |  1 +
>  tools/virtiofsd/helper.c         | 47 ++++++++++++++++++++++++++++++++
>  tools/virtiofsd/passthrough_ll.c | 22 ++++++---------
>  3 files changed, 56 insertions(+), 14 deletions(-)
> 
> -- 
> 2.25.3
> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK