[Intel-gfx] [PATCH i-g-t] cve: Add checker for cve-2019-0155

Chris Wilson chris at chris-wilson.co.uk
Fri Nov 22 09:20:11 UTC 2019


Quoting Petri Latvala (2019-11-22 09:14:07)
> On Thu, Nov 21, 2019 at 05:19:30PM +0200, Mika Kuoppala wrote:
> > Add vulnerability checker for cve-2019-0155
> > 
> > v2: sync, bailout early if no parser (Chris)
> > 
> > Cc: Chris Wilson <chris at chris-wilson.co.uk>
> > Cc: Jon Bloomfield <jon.bloomfield at intel.com>
> > Cc: Joonas Lahtinen <joonas.lahtinen at intel.com>
> > References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155
> > References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
> > Signed-off-by: Mika Kuoppala <mika.kuoppala at linux.intel.com>
> > ---
> >  Makefile.am          |   2 +-
> >  configure.ac         |   1 +
> >  cve/Makefile.am      |  14 ++
> >  cve/Makefile.sources |   5 +
> >  cve/cve-2019-0155.c  | 470 +++++++++++++++++++++++++++++++++++++++++++
> >  cve/meson.build      |  12 ++
> >  meson.build          |   1 +
> 
> Why do we need a new source directory and new install directory for
> this? Can't this be in tools/?

Because we would like to carve out a niche for these. If Google asks for
a verifier for every single bug we encounter, it's going to be a huge
directory.
-Chris


More information about the Intel-gfx mailing list