lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1f59f9753bec413888cc96972e0f2dd2@BY2PR03MB299.namprd03.prod.outlook.com>
Date:	Thu, 9 Jan 2014 21:05:05 +0000
From:	KY Srinivasan <kys@...rosoft.com>
To:	Dan Carpenter <dan.carpenter@...cle.com>
CC:	"olaf@...fle.de" <olaf@...fle.de>,
	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	"jasowang@...hat.com" <jasowang@...hat.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"apw@...onical.com" <apw@...onical.com>,
	"devel@...uxdriverproject.org" <devel@...uxdriverproject.org>
Subject: RE: [PATCH 1/1] Drivers: hv: Implement the file copy service



> -----Original Message-----
> From: Dan Carpenter [mailto:dan.carpenter@...cle.com]
> Sent: Thursday, January 09, 2014 12:09 PM
> To: KY Srinivasan
> Cc: olaf@...fle.de; gregkh@...uxfoundation.org; jasowang@...hat.com; linux-
> kernel@...r.kernel.org; apw@...onical.com; devel@...uxdriverproject.org
> Subject: Re: [PATCH 1/1] Drivers: hv: Implement the file copy service
> 
> We've had this discussion before where you urge me to trust the host...

I am just implementing the protocol specification given by the host. If I cannot trust the
specified protocol, I am not sure what else can be done here. 

> 
>  Problem: This code is racy.
> Solution: The host will only send one message at a time.

The code is not racy given the protocol that is specified. While I could have 
blindly trusted the host, this driver code actually reads only one packet at a time.
When we get a transaction from the host, we do not process any more transactions until
the current transaction is fully processed. So what is the race condition here?

> 
> Now I have to audit the user space code on the host and I don't feel
> like doing that so you win.

I don't think you need to audit any code.

> 
> I wish we had a better way to do IPC.  If kdbus were ready, that might
> have worked for this, and it's a better solution because both sender and
> reciever code will be written in a less trusting way.

I am not sure how kdbus would help you here. We are talking about communicating
between the host and the guest here. 

K. Y
> 
> regards,
> dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ