Re: [Xen-devel] [PATCH] xen: Add RING_COPY_RESPONSE()

[Oleksandr Andrushchenko <andr2000@xxxxxxxxx>]

On 05/02/2018 10:19 AM, Jan Beulich wrote:
> > > > On 02.05.18 at 07:29, <andr2000@xxxxxxxxx> wrote:
> > On 05/01/2018 12:54 AM, Marek Marczykowski-Górecki wrote:
> > > Using RING_GET_RESPONSE() on a shared ring is easy to use incorrectly
> > > (i.e., by not considering that the other end may alter the data in the
> > > shared ring while it is being inspected).  Safe usage of a response
> > > generally requires taking a local copy.
> > I do not agree with that. Copying still doesn't make all the above safe
> > as nothing prevents the backend from overwriting the response while
> > frontend makes its local copy.
> But that's not the point here: What the frontend wants is a single, consistent
> (i.e. not further changing) view of the response, i.e. avoid the multiple reads
> issue addressed in XSA-155 for backends. Once it has that, it could still apply
> (sanity) checks to that local copy (just like backends to for requests).
Ok, but the way it is stated it could make one think we are on the safe 
side after that
copying. I would love to see some sort of the explanation like you gave 
in the
commit message then.
> Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel