Re: [Qemu-devel] [PATCH v2 14/18] nvdimm: support NFIT_CMD_IMPLEMENTED f
From: Stefan Hajnoczi
Subject: Re: [Qemu-devel] [PATCH v2 14/18] nvdimm: support NFIT_CMD_IMPLEMENTED function
Date: Fri, 28 Aug 2015 13:01:55 +0100
User-agent: Mutt/1.5.23 (2014-03-12)
On Wed, Aug 26, 2015 at 06:46:35PM +0800, Xiao Guangrong wrote:
> On 08/26/2015 12:23 AM, Stefan Hajnoczi wrote:
> >On Fri, Aug 14, 2015 at 10:52:07PM +0800, Xiao Guangrong wrote:
> >> static void dsm_write(void *opaque, hwaddr addr,
> >> uint64_t val, unsigned size)
> >> {
> >>+ struct MemoryRegion *dsm_ram_mr = opaque;
> >>+ struct dsm_buffer *dsm;
> >>+ struct dsm_out *out;
> >>+ void *buf;
> >>+
> >> assert(val == NOTIFY_VALUE);
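Review bot: the assert(val == NOTIFY_VALUE) at the end of this hunk tests `val`, a parameter of the dsm_write() write handler, so whoever performs the write chooses the value and a mismatch terminates the whole process; if the build defines NDEBUG the check disappears and the handler continues with an unexpected value. Suggest replacing it with an explicit `if (val != NOTIFY_VALUE)` that logs and returns, placed before any of the newly declared locals (dsm_ram_mr, dsm, out, buf) are used.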
> >
> >The guest should not be able to cause an abort(3). If val !=
> >NOTIFY_VALUE we can do nvdebug() and then return.
>
> The ACPI code and emulation code both are from qemu, if that happens,
> it's really a bug, aborting the VM is better than throwing a debug
> message under this case to avoid potential data corruption.

abort(3) is dangerous because it can create a core dump. If a malicious
guest triggers this repeatedly it could consume a lot of disk space and
I/O or CPU while performing the core dumps.

We cannot trust anything inside the guest, even if the guest code comes
from QEMU because a malicious guest can still read/write to the same
hardware registers.

Stefan
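
Added example, not part of the original message and not QEMU code: a stand-alone write handler in the shape of dsm_write() that counts and drops an unexpected guest value instead of asserting, with the log capped so repeated bad writes stay cheap for the host. The NOTIFY_VALUE value, struct dsm_state, dsm_write_checked(), replay_guest_writes() and MAX_BAD_WRITE_LOGS are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdio.h>

#define NOTIFY_VALUE 0x1u      /* constructed placeholder, real value not shown */
#define MAX_BAD_WRITE_LOGS 8   /* assumption: cap on log lines per device */

struct dsm_state {             /* hypothetical state behind "opaque" */
    unsigned handled;          /* well-formed notifications processed */
    unsigned rejected;         /* guest writes carrying an unexpected value */
    unsigned logged;           /* messages actually emitted */
};

/* val comes from the guest: an unexpected value is counted and dropped
 * rather than asserted on, and the log is capped so a guest looping on
 * bad writes cannot flood the host. Returns 0 if handled, -1 if rejected. */
static int dsm_write_checked(void *opaque, uint64_t addr,
                             uint64_t val, unsigned size)
{
    struct dsm_state *s = opaque;
    (void)addr; (void)size;
    if (val != NOTIFY_VALUE) {
        s->rejected++;
        if (s->logged < MAX_BAD_WRITE_LOGS) {
            s->logged++;
            fprintf(stderr, "dsm: bad guest write 0x%" PRIx64 "\n", val);
        }
        return -1;
    }
    s->handled++;              /* real code would process the DSM buffer */
    return 0;
}

/* Constructed guest behaviour: n bad writes, then one valid notification. */
static struct dsm_state replay_guest_writes(unsigned n)
{
    struct dsm_state s = {0};
    for (unsigned i = 0; i < n; i++) {
        dsm_write_checked(&s, 0, 0xdeadbeefu + i, 4);
    }
    dsm_write_checked(&s, 0, NOTIFY_VALUE, 4);
    return s;
}

int main(void)
{
    struct dsm_state s = replay_guest_writes(1000);
    printf("ok=%u bad=%u logged=%u\n", s.handled, s.rejected, s.logged);
    return 0;
}
```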