> On 11 Dec 2015, at 12:04 PM, P J P <ppan...@redhat.com> wrote:
>
> Hello Jason,
>
> +-- On Fri, 11 Dec 2015, Jason Wang wrote --+
> | I think it's possible for attacker. Better wait for Dmitry's answer for
> | this.
>
> Okay.
>
> | > + /* Verify if device is active */
> | > + if (s->device_active) {
> | > + VMW_CFPRN("Vmxnet3 device is active");
> | > + return;
> | > + }
> |
> | What if guest want to activate a paused device?
>
> There is a 'resume' operation defined below.
>
> | > case VMXNET3_CMD_QUIESCE_DEV:
> | > - VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - pause the device");
> | > - vmxnet3_deactivate_device(s);
> | > + if (s->device_active & VMXNET3_DEV_ACTIVE) {
> | > + VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - pause the device");
> | > + vmxnet3_pause_device(s);
> | > + } else if (s->device_active & VMXNET3_DEV_PAUSE) {
> | > + VMW_CBPRN("Set: VMXNET3_CMD_QUIESCE_DEV - resume the
> device");
> | > + vmxnet3_resume_device(s);
> | > + }
> |
> | Not sure this is the correct behavior. Is there a link to the spec?
>
> I couldn't find a spec for vmxnet3; I referred the vmxnet3 kernel driver,
> which seems to implement suspend & resume functions.
Unfortunately the spec is not available.
The device was implemented using Linux/Windows drivers as references.
>
> ->
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/net/vmxnet3/vmxnet3_drv.c
>
> In general, Ethernet documents talk about 'pause' frame mechanism to stop NIC
> from buffering more data, till it has space available to process more, when
> it
> resumes its operation.
>
> Thank you.
> --
> Prasad J Pandit / Red Hat Product Security Team
> 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
