Re: [PATCH 2/3] public/io/netif.h: document control ring and toeplitz hashing

All of lore.kernel.org
 help / color / mirror / Atom feed

From: David Vrabel <david.vrabel@citrix.com>
To: Paul Durrant <Paul.Durrant@citrix.com>,
	"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: "Keir (Xen.org)" <keir@xen.org>, "Tim (Xen.org)" <tim@xen.org>,
	Ian Campbell <Ian.Campbell@citrix.com>,
	Jan Beulich <jbeulich@suse.com>,
	Ian Jackson <Ian.Jackson@citrix.com>
Subject: Re: [PATCH 2/3] public/io/netif.h: document control ring and toeplitz hashing
Date: Mon, 4 Jan 2016 11:28:39 +0000	[thread overview]
Message-ID: <568A5767.5010605@citrix.com> (raw)
In-Reply-To: <9AAE0902D5BC7E449B7C8E4E778ABCD02F71470F@AMSPEX01CL01.citrite.net>

On 04/01/16 11:21, Paul Durrant wrote:
>> -----Original Message-----
>> From: David Vrabel [mailto:david.vrabel@citrix.com]
>> Sent: 04 January 2016 11:18
>> To: Paul Durrant; xen-devel@lists.xenproject.org
>> Cc: Tim (Xen.org); Keir (Xen.org); Ian Campbell; Jan Beulich; Ian Jackson
>> Subject: Re: [Xen-devel] [PATCH 2/3] public/io/netif.h: document control
>> ring and toeplitz hashing
>>
>> On 04/01/16 11:14, Paul Durrant wrote:
>>>>>> You should use the standard ring format and infrastructure.
>>>>>
>>>>> Is there one for variable message size rings? I didn't find one. I
>>>>> don't want to use the fixed size balanced ring macros for control
>>>>> messages as fixed size messages really aren't appropriate in this case.
>>>>
>>>> Perhaps union the request/response message types with a uint8_t
>>>> pad[1024] and use this as the request/response type?
>>>>
>>>
>>> The problem is that this places a 1k limit on the message size,
>>> which
>>> is not there in the scheme I'm proposing. I'd rather not bake that limit
>>> in if I don't have to.
>>
>>>>>>> + * |                      req[1024]                |
>>                                  ^^^^^^^^^
>> Surely this limits your size to 1024 bytes?
> 
> No, I've already got prototype code that can pass 4k messages. Nothing in the protocol says the whole message has to fit in the buffer. In fact I've explicitly documented how to handle partial messages.

Then the standard ring infrastructure will work just fine.

>> Also if you need bigger messages you can grant those areas separately
>> and pass a grant ref through the ring, or you can chunk the message to
>> fit in several requests/responses.
> 
> Why go to that trouble to wedge a square peg into a round hole? What is the fundamental problem with what I've proposed that you want to avoid?

You've put the consumer values into the shared page. I'd rather not have
to scrutinize your shared ring implementation for other security bugs.
Similarly, if there's another security issues like XSA-155 I'd rather
not have to look at another non-standard shared ring implementation.

IMO, it's you who should be presenting compelling reasons for /not/
using the standard infrastructure, not the other way around.

David

next prev parent reply	other threads:[~2016-01-04 11:28 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-12-23 10:06 [PATCH 0/3] public/io/netif.h: support for toeplitz hashing Paul Durrant
2015-12-23 10:06 ` [PATCH 1/3] public/io/netif.h: document transmit and receive wire formats separately Paul Durrant
2015-12-23 10:06 ` [PATCH 2/3] public/io/netif.h: document control ring and toeplitz hashing Paul Durrant
2015-12-23 11:45   ` Andrew Cooper
2015-12-23 11:56     ` Paul Durrant
2015-12-23 13:27   ` David Vrabel
2016-01-04  9:37     ` Paul Durrant
2016-01-04 10:55       ` David Vrabel
2016-01-04 11:14         ` Paul Durrant
2016-01-04 11:18           ` David Vrabel
2016-01-04 11:21             ` Paul Durrant
2016-01-04 11:28               ` David Vrabel [this message]
2016-01-04 11:34                 ` Paul Durrant
2016-01-04 20:19                   ` Konrad Rzeszutek Wilk
2016-01-05  9:40                     ` Paul Durrant
2015-12-23 10:06 ` [PATCH 3/3] public/io/netif.h: document new extra info for passing hash values Paul Durrant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=568A5767.5010605@citrix.com \
    --to=david.vrabel@citrix.com \
    --cc=Ian.Campbell@citrix.com \
    --cc=Ian.Jackson@citrix.com \
    --cc=Paul.Durrant@citrix.com \
    --cc=jbeulich@suse.com \
    --cc=keir@xen.org \
    --cc=tim@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.