On Mon, May 10, 2021 at 02:06:55PM +0200, Haris Iqbal wrote: > On Mon, May 10, 2021 at 1:53 PM Leon Romanovsky <leon@xxxxxxxxxx> wrote: > > > > On Mon, May 10, 2021 at 01:00:33PM +0200, Haris Iqbal wrote: > > > On Sun, May 9, 2021 at 1:24 PM Leon Romanovsky <leon@xxxxxxxxxx> wrote: > > > > > > > > On Mon, May 03, 2021 at 01:48:01PM +0200, Gioh Kim wrote: > > > > > From: Gioh Kim <gi-oh.kim@xxxxxxxxxxxxxxx> > > > > > > > > > > The queue_depth size is sent from server and > > > > > server already checks validity of the value. > > > > > > > > Do you trust server? What will be if server is not reliable and sends > > > > garbage? > > > > > > Hi Leon, > > > > > > The server code checks for the queue_depth before sending. If the > > > server is really running malicious code, then the queue_depth is the > > > last thing that the client needs to worry about. > > > > Like what? for an example? > > Like accessing compromised block devices. If the queue_depth is > garbage, the client would fail at allocation with ENOMEM; thats it. The client will get wrong data, check it and discard. The case of ENOMEM triggered by remote side is different. It can cause to DDOS on the client. Thanks > > > > > Thanks