On Wed, 2012-06-20 at 16:21 -0500, Anthony Liguori wrote:
> Again, you return an error but ignore it now.
>
> In the very least, on error you should scrub the passed in buffer to avoid
> leaking data to the guest.
>
> You can imagine a malicious guest programming the IOMMU with invalid mappings
> and then doing DMA operations in order to read memory from the host QEMU
> process.

Cleaning the buffer is easy, I'll add that. Returning an error sounds non-trivial with the current interface.

Cheers,
Ben.
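
The scrub-on-error behaviour discussed in this thread, as an added example that is not code from the patch or from QEMU: a toy IOMMU-translated DMA read that zeroes the caller's buffer when translation fails, so a caller that ignores the error still has no stale host bytes to return. All names (`toy_translate`, `toy_dma_read`, `stale_bytes_after_read`), the page table and the `0xAA` fill are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

enum { PAGE_SIZE = 4096, NPAGES = 4 };

/* Constructed toy model: iommu_map[i] is the guest RAM page behind I/O
 * page i, or -1 where the guest programmed no valid mapping. */
static uint8_t guest_ram[NPAGES * PAGE_SIZE];
static const int iommu_map[NPAGES] = { 0, -1, 2, 3 };

static int toy_translate(uint64_t ioaddr, uint64_t *phys)
{
    uint64_t page = ioaddr / PAGE_SIZE;
    if (page >= NPAGES || iommu_map[page] < 0)
        return -1;
    *phys = (uint64_t)iommu_map[page] * PAGE_SIZE + ioaddr % PAGE_SIZE;
    return 0;
}

/* Page-by-page read. On a translation fault the whole buffer is zeroed,
 * so a caller that ignores the error cannot pass on stale host bytes. */
static int toy_dma_read(uint64_t ioaddr, void *buf, size_t len)
{
    for (size_t done = 0; done < len; ) {
        uint64_t phys;
        size_t chunk = PAGE_SIZE - (ioaddr + done) % PAGE_SIZE;
        if (chunk > len - done) chunk = len - done;
        if (toy_translate(ioaddr + done, &phys) != 0) {
            memset(buf, 0, len);   /* scrub all of it, copied part too */
            return -1;
        }
        memcpy((uint8_t *)buf + done, guest_ram + phys, chunk);
        done += chunk;
    }
    return 0;
}

/* Error-ignoring caller: 0xAA stands in for old host data in buf.
 * Returns how many of those bytes are still in buf after the read. */
static int stale_bytes_after_read(uint64_t ioaddr)
{
    uint8_t buf[64];
    int stale = 0;
    memset(buf, 0xAA, sizeof(buf));
    (void)toy_dma_read(ioaddr, buf, sizeof(buf));
    for (size_t i = 0; i < sizeof(buf); i++)
        stale += (buf[i] == 0xAA);
    return stale;
}

int main(void) { return stale_bytes_after_read(PAGE_SIZE - 32); }
```

Without the `memset`, the read that starts 32 bytes before the unmapped page would leave the last 32 bytes of the buffer untouched.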