From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <yuanhan.liu@linux.intel.com>
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by dpdk.org (Postfix) with ESMTP id 1C84A374F
 for <dev@dpdk.org>; Thu, 14 Jul 2016 03:39:55 +0200 (CEST)
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
 by fmsmga103.fm.intel.com with ESMTP; 13 Jul 2016 18:39:54 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.28,360,1464678000"; d="scan'208";a="1006399820"
Received: from yliu-dev.sh.intel.com (HELO yliu-dev) ([10.239.67.162])
 by fmsmga001.fm.intel.com with ESMTP; 13 Jul 2016 18:39:53 -0700
Date: Thu, 14 Jul 2016 09:42:45 +0800
From: Yuanhan Liu <yuanhan.liu@linux.intel.com>
To: Rich Lane <rich.lane@bigswitch.com>
Cc: Ilya Maximets <i.maximets@samsung.com>, "dev@dpdk.org" <dev@dpdk.org>,
 Huawei Xie <huawei.xie@intel.com>, Dyasly Sergey <s.dyasly@samsung.com>,
 Heetae Ahn <heetae82.ahn@samsung.com>,
 Jianfeng Tan <jianfeng.tan@intel.com>,
 Stephen Hemminger <stephen@networkplumber.org>,
 Thomas Monjalon <thomas.monjalon@6wind.com>
Message-ID: <20160714014245.GB5146@yliu-dev.sh.intel.com>
References: <20160710131731.GS26521@yliu-dev.sh.intel.com>
 <20160711083825.GY26521@yliu-dev.sh.intel.com>
 <57836BE0.2070401@samsung.com>
 <20160711110503.GZ26521@yliu-dev.sh.intel.com>
 <5783876C.1050103@samsung.com>
 <20160712024305.GB26521@yliu-dev.sh.intel.com>
 <578485CC.8070809@samsung.com> <5785EEEF.3080400@samsung.com>
 <20160713084732.GH26521@yliu-dev.sh.intel.com>
 <CAGSMBPMVQK610UgAs4GgWK_ykhdNzPb-sS=2AnLL0BtcWv-UcQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAGSMBPMVQK610UgAs4GgWK_ykhdNzPb-sS=2AnLL0BtcWv-UcQ@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Subject: Re: [dpdk-dev] [PATCH] vhost: fix segfault on bad descriptor
	address.
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jul 2016 01:39:56 -0000

On Wed, Jul 13, 2016 at 08:54:08AM -0700, Rich Lane wrote:
> On Wednesday, July 13, 2016, Yuanhan Liu <yuanhan.liu@linux.intel.com> wrote:
> 
>     On Wed, Jul 13, 2016 at 10:34:07AM +0300, Ilya Maximets wrote:
>     > This scenario fixed somehow, I agree. But this patch still needed to
>     protect
>     > vhost from untrusted VM, from malicious or buggy virtio application.
>     > Maybe we could change the commit-message and resend this patch as a
>     > security enhancement? What do you think?
> 
>     Indeed, but I'm a bit concerned about the performance regression found
>     by Rich, yet I am not quite sure why it happens, though Rich claimed
>     that it seems to be a problem related to compiler.
> 
> 
> The workaround I suggested solves the performance regression. But even if it
> hadn't, this is a security fix that should be merged regardless of the
> performance impact.

Good point. Ilya, would you reword the commit log and resend based on
latest code?

	--yliu