On 2021/6/3 at 10:18 AM, Andi Kleen wrote:
It looks to me all the evils came from the fact that we depend on
the descriptor ring.
So the checks in this patch could be unnecessary if we don't even
read from the descriptor ring which could be manipulated by the device.
This is what my series tries to achieve:
https://www.spinics.net/lists/kvm/msg241825.html
I would argue that you should boundary check in any case. It was
always a bug to not have boundary checks in such a data structure with
multiple users, trust or not.
But yes your patch series is interesting and definitely makes sense
for TDX too.
Best would be to have both I guess, and always check the boundaries
everywhere.
I agree but some of the checks are unnecessary if we do this series on
top of my series.
So what's the merge status of your series?
If I understand correctly from Michael, I will send a formal series and
he will try to merge it for the 5.14.
Thanks
-Andi
_______________________________________________
Virtualization mailing list