> -----Original Message-----
> From: Dan Carpenter [mailto:dan.carpenter@xxxxxxxxxx]
> Sent: Thursday, January 09, 2014 12:09 PM
> To: KY Srinivasan
> Cc: olaf@xxxxxxxxx; gregkh@xxxxxxxxxxxxxxxxxxx; jasowang@xxxxxxxxxx;
> linux-kernel@xxxxxxxxxxxxxxx; apw@xxxxxxxxxxxxx; devel@xxxxxxxxxxxxxxxxxxxxxx
> Subject: Re: [PATCH 1/1] Drivers: hv: Implement the file copy service
>
> We've had this discussion before where you urge me to trust the host...

I am just implementing the protocol specification given by the host. If I cannot trust the specified protocol, I am not sure what else can be done here.

>
> Problem: This code is racy.
> Solution: The host will only send one message at a time.

The code is not racy given the protocol that is specified. While I could have blindly trusted the host, this driver code actually reads only one packet at a time. When we get a transaction from the host, we do not process any more transactions until the current transaction is fully processed. So what is the race condition here?

>
> Now I have to audit the user space code on the host and I don't feel
> like doing that so you win.

I don't think you need to audit any code.

>
> I wish we had a better way to do IPC. If kdbus were ready, that might
> have worked for this, and it's a better solution because both sender and
> receiver code will be written in a less trusting way.

I am not sure how kdbus would help you here. We are talking about communicating between the host and the guest here.

K. Y

>
> regards,
> dan carpenter