Some time ago I took a look at i915 driver a bit. During my research I had found a few problems which had been fixed. Today (14th of May 2019), Intel announced the fix for reported security bug in i915 driver when Graphical Virtualization (GVT) is enabled under KVM (CVE-2019-11085 / INTEL-SA-00249). To be more specific, Intel’s vGPU driver allows for mappinng of arbitrary physical page into the context of calling process via mmap()

Additionally, Linux kernel community fixed two other bugs:

“[1/2] drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set”

“[2/2] drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set”

These bugs are pretty interesting from the pure research perspective so it is worth to take a look at the published patches.



Leave a Reply

CAPTCHA * Time limit is exhausted. Please reload the CAPTCHA.