From: Paolo Bonzini <pbonzini@redhat.com>
To: Hannes Reinecke <hare@suse.de>
Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>,
zwanp@cn.ibm.com, linuxram@us.ibm.com, qemu-devel@nongnu.org,
virtualization@lists.linux-foundation.org,
Cong Meng <mc@linux.vnet.ibm.com>, Christoph Hellwig <hch@lst.de>
Subject: Re: [PATCH 1/2 v1] blkdrv: Add queue limits parameters for sg block drive
Date: Fri, 24 Aug 2012 11:14:33 +0200 [thread overview]
Message-ID: <503745F9.2020709@redhat.com> (raw)
In-Reply-To: <50375AD6.8060203@suse.de>
Il 24/08/2012 12:43, Hannes Reinecke ha scritto:
> Hehe. So finally someone else stumbled across this one.
>
> All is fine and dandy as long as you're able to use scsi-disk.
> As soon as you're forced to use scsi-generic we're in trouble.
>
> With scsi-generic we actually have two problems:
> 1) scsi-generic just acts as a pass-through and passes the commands
> as-is, including the scatter-gather information as formatted by
> the guest. So the guest could easily format an SG_IO comand
> which will not be compatible with the host.
> 2) The host is not able to differentiate between a malformed
> SG_IO command and a real I/O error; in both cases it'll return
> -EIO.
>
> So we can fix this by either
> a) ignore (as we do nowadays :-)
> b) Fixup scsi-generic to inspect and modify SG_IO information
> to ensure the host-limits are respected
That's what scsi-block already does.
Perhaps sooner or later we will need a scsi-tape? That would be fine.
> Yes, it's painful. But in the long run we'll have to do an SG_IO
> inspection anyway, otherwise we'll always be susceptible to malicious
> SG_IO attacks.
I would like to do this in the kernel using BPF. I posted a possible
spec at
http://www.redhat.com/archives/libvir-list/2012-June/msg00505.html but
the response was, ehm, underwhelming.
Paolo
next prev parent reply other threads:[~2012-08-24 9:14 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-21 8:23 [PATCH 1/2 v1] blkdrv: Add queue limits parameters for sg block drive Cong Meng
2012-08-21 8:23 ` [PATCH 2/2 v1] virtio-scsi: set per-LUN queue limits for sg devices Cong Meng
2012-08-21 9:56 ` Stefan Hajnoczi
2012-08-21 8:48 ` [PATCH 1/2 v1] blkdrv: Add queue limits parameters for sg block drive Paolo Bonzini
2012-08-21 9:41 ` Cong Meng
2012-08-21 9:52 ` Stefan Hajnoczi
2012-08-21 10:14 ` Paolo Bonzini
2012-08-22 11:04 ` Cong Meng
2012-08-22 12:09 ` Paolo Bonzini
2012-08-22 13:13 ` Stefan Hajnoczi
2012-08-22 14:13 ` Paolo Bonzini
2012-08-23 9:31 ` Cong Meng
2012-08-23 10:03 ` Paolo Bonzini
2012-08-23 10:08 ` Stefan Hajnoczi
2012-08-23 10:52 ` Paolo Bonzini
2012-08-23 12:08 ` Stefan Hajnoczi
2012-08-24 0:45 ` Nicholas A. Bellinger
[not found] ` <1345769101.10190.124.camel@haakon2.linux-iscsi.org>
2012-08-24 7:56 ` Paolo Bonzini
2012-08-24 10:43 ` Hannes Reinecke
2012-08-24 9:05 ` Stefan Hajnoczi
2012-08-24 9:14 ` Paolo Bonzini [this message]
2012-08-21 9:49 ` Stefan Hajnoczi
2012-08-21 18:31 ` [Qemu-devel] " Blue Swirl
2012-08-22 8:25 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=503745F9.2020709@redhat.com \
--to=pbonzini@redhat.com \
--cc=hare@suse.de \
--cc=hch@lst.de \
--cc=linuxram@us.ibm.com \
--cc=mc@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@linux.vnet.ibm.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=zwanp@cn.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.