On 06/12/2019 11:32, Jan Beulich wrote:
> On 06.12.2019 11:25, Andrew Cooper wrote:
>> On 06/12/2019 10:14, Jan Beulich wrote:
>>> It is wrong for us to check frames beyond the guest specified limit.
>>>
>>> Signed-off-by: Jan Beulich <jbeul...@suse.com>
>> I don't completely agree.  The code has been like this since it was
>> introduced, and is used to check data from the domain builder (inc
>> migration), and from the guests.
>>
>> At the moment, every caller is required not to pass junk in unused
>> frames, and I don't see an issue with keeping this behaviour.
> Keeping the behavior isn't going to break anything, yes, but it
> shouldn't have been this way to begin with. I simply don't see
> the value of validating data we're not consuming anyway. Perhaps
> I could say "not helpful" or "pointless" instead of "wrong" ...

But in other cases we go out of our way to check parameters (especially
reserved fields) even when they aren't presently consumed.

i.e. what do we gain (other than more complicated code) by relaxing a
restriction we know is obeyed by every caller?

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
