From: Xiao Guangrong <guangrong.xiao@linux.intel.com>
To: Stefan Hajnoczi <stefanha@redhat.com>
Cc: ehabkost@redhat.com, kvm@vger.kernel.org, mst@redhat.com,
gleb@kernel.org, Stefan Hajnoczi <stefanha@gmail.com>,
mtosatti@redhat.com, qemu-devel@nongnu.org, imammedo@redhat.com,
pbonzini@redhat.com, rth@twiddle.net
Subject: Re: [Qemu-devel] [PATCH v2 14/18] nvdimm: support NFIT_CMD_IMPLEMENTED function
Date: Mon, 31 Aug 2015 14:51:50 +0800 [thread overview]
Message-ID: <55E3F986.1020708@linux.intel.com> (raw)
In-Reply-To: <20150828120155.GO4917@stefanha-thinkpad.redhat.com>
On 08/28/2015 08:01 PM, Stefan Hajnoczi wrote:
> On Wed, Aug 26, 2015 at 06:46:35PM +0800, Xiao Guangrong wrote:
>> On 08/26/2015 12:23 AM, Stefan Hajnoczi wrote:
>>> On Fri, Aug 14, 2015 at 10:52:07PM +0800, Xiao Guangrong wrote:
>>>> static void dsm_write(void *opaque, hwaddr addr,
>>>> uint64_t val, unsigned size)
>>>> {
>>>> + struct MemoryRegion *dsm_ram_mr = opaque;
>>>> + struct dsm_buffer *dsm;
>>>> + struct dsm_out *out;
>>>> + void *buf;
>>>> +
>>>> assert(val == NOTIFY_VALUE);
>>>
>>> The guest should not be able to cause an abort(3). If val !=
>>> NOTIFY_VALUE we can do nvdebug() and then return.
>>
>> The ACPI code and emulation code both are from qemu, if that happens,
>> it's really a bug, aborting the VM is better than throwing a debug
>> message under this case to avoid potential data corruption.
>
> abort(3) is dangerous because it can create a core dump. If a malicious
> guest triggers this repeatedly it could consume a lot of disk space and
> I/O or CPU while performing the core dumps.
>
> We cannot trust anything inside the guest, even if the guest code comes
> from QEMU because a malicious guest can still read/write to the same
> hardware registers.
>
Completely agree with you. :)
How about use exit{1} instead of abort() to kill the VM?
next prev parent reply other threads:[~2015-08-31 6:57 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-14 14:51 [Qemu-devel] [PATCH v2 00/18] implement vNVDIMM Xiao Guangrong
2015-08-14 14:51 ` [Qemu-devel] [PATCH v2 01/18] acpi: allow aml_operation_region() working on 64 bit offset Xiao Guangrong
2015-09-02 8:05 ` Igor Mammedov
2015-08-14 14:51 ` [Qemu-devel] [PATCH v2 02/18] i386/acpi-build: allow SSDT to operate on 64 bit Xiao Guangrong
2015-09-02 10:06 ` Igor Mammedov
2015-09-02 10:43 ` Xiao Guangrong
2015-09-02 11:42 ` Igor Mammedov
2015-09-06 7:01 ` Xiao Guangrong
2015-09-02 12:05 ` Michael S. Tsirkin
2015-08-14 14:51 ` [Qemu-devel] [PATCH v2 03/18] acpi: add aml_derefof Xiao Guangrong
2015-09-02 10:16 ` Igor Mammedov
2015-09-02 10:38 ` Xiao Guangrong
2015-08-14 14:51 ` [Qemu-devel] [PATCH v2 04/18] acpi: add aml_sizeof Xiao Guangrong
2015-09-02 10:18 ` Igor Mammedov
2015-09-02 10:39 ` Xiao Guangrong
2015-08-14 14:51 ` [Qemu-devel] [PATCH v2 05/18] acpi: add aml_create_field Xiao Guangrong
2015-09-02 11:10 ` Igor Mammedov
2015-09-06 5:32 ` Xiao Guangrong
2015-08-14 14:51 ` [Qemu-devel] [PATCH v2 06/18] pc: implement NVDIMM device abstract Xiao Guangrong
2015-08-25 14:57 ` Stefan Hajnoczi
2015-08-26 9:37 ` Xiao Guangrong
2015-09-02 9:58 ` Igor Mammedov
2015-09-02 10:36 ` Xiao Guangrong
2015-09-02 11:31 ` Igor Mammedov
2015-09-06 6:07 ` Xiao Guangrong
2015-09-07 13:40 ` Igor Mammedov
2015-09-08 14:03 ` Xiao Guangrong
2015-09-10 9:47 ` Igor Mammedov
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 07/18] nvdimm: reserve address range for NVDIMM Xiao Guangrong
2015-08-25 15:12 ` Stefan Hajnoczi
2015-08-26 9:39 ` Xiao Guangrong
2015-08-26 9:40 ` Xiao Guangrong
2015-08-25 15:39 ` Stefan Hajnoczi
2015-08-28 17:25 ` Eduardo Habkost
2015-08-31 7:01 ` Xiao Guangrong
2015-09-04 12:02 ` Igor Mammedov
2015-09-06 7:22 ` Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 08/18] nvdimm: init backend memory mapping and config data area Xiao Guangrong
2015-08-25 16:03 ` Stefan Hajnoczi
2015-08-26 10:40 ` Xiao Guangrong
2015-08-28 11:58 ` Stefan Hajnoczi
2015-08-31 6:23 ` Xiao Guangrong
2015-09-01 9:14 ` Stefan Hajnoczi
2015-09-15 16:10 ` Paolo Bonzini
2015-09-17 8:39 ` Xiao Guangrong
2015-09-17 9:04 ` Igor Mammedov
2015-09-17 9:14 ` Xiao Guangrong
2015-09-17 9:34 ` Paolo Bonzini
2015-09-17 12:43 ` Xiao Guangrong
2015-09-15 16:07 ` Paolo Bonzini
2015-09-17 8:23 ` Xiao Guangrong
2015-09-15 16:06 ` Paolo Bonzini
2015-09-17 8:21 ` Xiao Guangrong
2015-09-07 14:11 ` Igor Mammedov
2015-09-08 13:38 ` Xiao Guangrong
2015-09-10 10:35 ` Igor Mammedov
2015-09-15 16:11 ` Paolo Bonzini
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 09/18] nvdimm: build ACPI NFIT table Xiao Guangrong
2015-09-15 16:12 ` Paolo Bonzini
2015-09-15 17:35 ` Igor Mammedov
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 10/18] nvdimm: init the address region used by DSM method Xiao Guangrong
2015-08-25 16:11 ` Stefan Hajnoczi
2015-08-26 10:41 ` Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 11/18] nvdimm: build ACPI nvdimm devices Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 12/18] nvdimm: save arg3 for NVDIMM device _DSM method Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 13/18] nvdimm: build namespace config data Xiao Guangrong
2015-08-25 16:16 ` Stefan Hajnoczi
2015-08-26 10:42 ` Xiao Guangrong
2015-08-28 11:59 ` Stefan Hajnoczi
2015-08-31 6:25 ` Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 14/18] nvdimm: support NFIT_CMD_IMPLEMENTED function Xiao Guangrong
2015-08-25 16:23 ` Stefan Hajnoczi
2015-08-26 10:46 ` Xiao Guangrong
2015-08-28 12:01 ` Stefan Hajnoczi
2015-08-31 6:51 ` Xiao Guangrong [this message]
2015-09-01 9:16 ` Stefan Hajnoczi
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 15/18] nvdimm: support NFIT_CMD_GET_CONFIG_SIZE function Xiao Guangrong
2015-08-25 16:24 ` Stefan Hajnoczi
2015-08-26 10:47 ` Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 16/18] nvdimm: support NFIT_CMD_GET_CONFIG_DATA Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 17/18] nvdimm: support NFIT_CMD_SET_CONFIG_DATA Xiao Guangrong
2015-08-14 14:52 ` [Qemu-devel] [PATCH v2 18/18] nvdimm: add maintain info Xiao Guangrong
2015-08-25 16:26 ` [Qemu-devel] [PATCH v2 00/18] implement vNVDIMM Stefan Hajnoczi
2015-08-26 10:49 ` Xiao Guangrong
2015-10-07 14:02 ` Stefan Hajnoczi
2015-10-07 14:43 ` Xiao Guangrong
2015-10-09 10:38 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55E3F986.1020708@linux.intel.com \
--to=guangrong.xiao@linux.intel.com \
--cc=ehabkost@redhat.com \
--cc=gleb@kernel.org \
--cc=imammedo@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rth@twiddle.net \
--cc=stefanha@gmail.com \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).