Re: [PATCH v1 2/8] virtio: Add boundary checks to virtio ring

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




It looks to me all the evils came from the fact that we depends on the descriptor ring.

So the checks in this patch could is unnecessary if we don't even read from the descriptor ring which could be manipulated by the device.

This is what my series tries to achieve:

https://www.spinics.net/lists/kvm/msg241825.html

I would argue that you should boundary check in any case. It was always a bug to not have boundary checks in such a data structure with multiple users, trust or not.

But yes your patch series is interesting and definitely makes sense for TDX too.

Best would be to have both I guess, and always check the boundaries everywhere.

So what's the merge status of your series?

-Andi


_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/virtualization



[Index of Archives]     [KVM Development]     [Libvirt Development]     [Libvirt Users]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux