[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xen: Add RING_COPY_RESPONSE()

On 05/02/2018 10:19 AM, Jan Beulich wrote:
On 02.05.18 at 07:29, <andr2000@xxxxxxxxx> wrote:
On 05/01/2018 12:54 AM, Marek Marczykowski-Górecki wrote:
Using RING_GET_RESPONSE() on a shared ring is easy to use incorrectly
(i.e., by not considering that the other end may alter the data in the
shared ring while it is being inspected).  Safe usage of a response
generally requires taking a local copy.
I do not agree with that. Copying still doesn't make all the above safe
as nothing prevents the backend from overwriting the response while
frontend makes its local copy.
But that's not the point here: What the frontend wants is a single, consistent
(i.e. not further changing) view of the response, i.e. avoid the multiple reads
issue addressed in XSA-155 for backends. Once it has that, it could still apply
(sanity) checks to that local copy (just like backends to for requests).
Ok, but the way it is stated it could make one think we are on the safe side after that copying. I would love to see some sort of the explanation like you gave in the
commit message then.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.