From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53865)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <prvs=9038031b6=wei.liu2@citrix.com>)
	id 1apyxi-0002LF-4z
	for qemu-devel@nongnu.org; Tue, 12 Apr 2016 10:06:43 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <prvs=9038031b6=wei.liu2@citrix.com>)
	id 1apyxd-00073b-6L
	for qemu-devel@nongnu.org; Tue, 12 Apr 2016 10:06:38 -0400
Received: from smtp02.citrix.com ([66.165.176.63]:40582)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <prvs=9038031b6=wei.liu2@citrix.com>)
	id 1apyxd-00073U-1W
	for qemu-devel@nongnu.org; Tue, 12 Apr 2016 10:06:33 -0400
Date: Tue, 12 Apr 2016 14:46:03 +0100
From: Wei Liu <wei.liu2@citrix.com>
Message-ID: <20160412134603.GC18652@citrix.com>
References: <1460457796-1779-1-git-send-email-wei.liu2@citrix.com>
	<1460457796-1779-3-git-send-email-wei.liu2@citrix.com>
	<570CF0B1.9070507@citrix.com> <570CFA45.7070504@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <570CFA45.7070504@citrix.com>
Subject: Re: [Qemu-devel] [Xen-devel] [PATCH v2 2/3] xenfb: move xen_rmb to
 the correct location
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: David Vrabel <david.vrabel@citrix.com>, Wei Liu <wei.liu2@citrix.com>, qemu-devel@nongnu.org, Anthony Perard <anthony.perard@citrix.com>, Xen-devel <xen-devel@lists.xenproject.org>, Stefano Stabellini <sstabellini@kernel.org>

On Tue, Apr 12, 2016 at 02:38:13PM +0100, Andrew Cooper wrote:
> On 12/04/16 13:57, David Vrabel wrote:
> > On 12/04/16 11:43, Wei Liu wrote:
> >> It should be placed before first time producer and consumer are used.
> > This change isn't necessary and is confusing as this is not what this
> > barrier is for.
> >
> > The barrier needs to be between the load of prod and the load of the
> > ring contents (there's even a comment that says this).  This pairs with
> > the corresponding write barrier between the store of the ring contents
> > and the store of prod (in the other end).
> 
> Looking further, this code will compile to multiple reads of the page,
> because there is no ACCESS_ONCE().  This code is still vulnerable to
> XSA-155.
> 

Oops, accidentally kicked over a can of worms. Should have just sent
patch 1. :-)

Jokes aside, more time is needed to fix this properly. So maybe we
should just upstream patch #1 first. Stefano? Anthony?

Wei.