Re: [Xen-devel] [PATCH 1/3] xen: mark pvscsi frontend request consumed only after last read

2015-01-30 Thread Juergen Gross
On 01/30/2015 12:47 PM, Jan Beulich wrote: On 30.01.15 at 12:21, wrote: @@ -734,11 +734,11 @@ static int scsiback_do_cmd_fn(struct vscsibk_info *info) if (!pending_req) return 1; - ring_req = RING_GET_REQUEST(ring, rc); + memc

Re: [Xen-devel] [PATCH 1/3] xen: mark pvscsi frontend request consumed only after last read

2015-01-30 Thread Jan Beulich
>>> On 30.01.15 at 12:21, wrote: > @@ -734,11 +734,11 @@ static int scsiback_do_cmd_fn(struct vscsibk_info *info) > if (!pending_req) > return 1; > > - ring_req = RING_GET_REQUEST(ring, rc); > + memcpy(&ring_req, RING_GET_REQUEST(ring,
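
Review bot: on the added `memcpy(&ring_req, RING_GET_REQUEST(ring,` line, a plain memcpy() from the shared ring into the local ring_req does not by itself guarantee a single read, because the source is not volatile and the compiler may elide the copy and fetch fields from the shared slot again later. Consider following the copy with barrier(), or performing it through a volatile-qualified access, so that the private copy really is the last read of the slot. Also check that nothing after this point in scsiback_do_cmd_fn() dereferences RING_GET_REQUEST() for the same index.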

[Xen-devel] [PATCH 1/3] xen: mark pvscsi frontend request consumed only after last read

2015-01-30 Thread Juergen Gross
A request in the ring buffer mustn't be read after it has been marked as consumed. Otherwise it might already have been reused by the frontend without violating the ring protocol. To avoid inconsistencies in the backend only work on a private copy of the request. This will ensure a malicious guest