lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20131203163228.3313dff8@alan.etchedpixels.co.uk>
Date:	Tue, 3 Dec 2013 16:32:28 +0000
From:	One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>
To:	Julien Grall <julien.grall@...aro.org>
Cc:	xen-devel@...ts.xenproject.org, patches@...aro.org,
	linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
	Roger Pau Monne <roger.pau@...rix.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
	David Vrabel <david.vrabel@...rix.com>,
	Boris Ostrovsky <boris.ostrovsky@...cle.com>,
	Ian Campbell <ian.campbell@...rix.com>,
	Stefano Stabellini <stefano.stabellini@...citrix.com>
Subject: Re: [PATCH v2] xen/block: Correctly define structures in public
 headers on ARM32 and ARM64

> > How does the patch ensure new kernels on existing hypervisor versions
> > don't break ?
> 
> As Ian said on the thread "xen-block: correctly define structures in
> public headers" (see thread https://lkml.org/lkml/2013/12/3/155), the
> ABI is not yet fixed for ARM.

And if you are one of the existing users that helps how ?

> > 
> > What is the failure case given the alignment change seems potentially to
> > produce valid but incorrect I/O requests - can it cause corruption ?
> 
> The request ID will likely be wrong, so the guest won't accept the
> request. It should not corrupt the block device.

"Would likely" 

That seems joyously confident.

So at the very least your guest should deliberately issue a request which
will error if the ABI version mismatches, and at that point you know
which ABI to use so the guest can keep compatibility trivially.

> > It seems to me you should be defining
> > 
> > struct blkif_request_rw_v2
> > 
> > and using the correct version according to which API the hypervisor
> > requires, not just breaking it.
> 
> This API doesn't involve the hypervisor. It's only a way to talk between
> DOM0 and a guest. Without this change you will break compatibility with
> other OSes.

With this change you break compatibility between the existing OS's,new
guests and old DOM0 and vice versa.

If a request in old format is guaranteed to error in new format (or you
can construct one that will) then you can trivially support both APIs on
the guest side at least for a while. That will avoid regressions when
people mix versions and also mean you've got a much better ability to
find a bug if stuff breaks as you won't have to switch guest and dom0
together when debugging.

Alan


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ