Re: [Qemu-devel] Why I advise against using ivshmem

[Stefan Hajnoczi]

On Tue, Jun 17, 2014 at 11:44:11AM +0200, Paolo Bonzini wrote:
> Il 17/06/2014 11:03, David Marchand ha scritto:
> >>Unless someone steps up and maintains ivshmem, I think it should be
> >>deprecated and dropped from QEMU.
> >
> >Then I can maintain ivshmem for QEMU.
> >If this is ok, I will send a patch for MAINTAINERS file.
> 
> Typically, adding yourself to maintainers is done only after having proved
> your ability to be a maintainer. :)
> 
> So, let's stop talking and go back to code!  You can start doing what was
> suggested elsewhere in the thread: get the server and uio driver merged into
> the QEMU tree, document the protocol in docs/specs/ivshmem_device_spec.txt,
> and start fixing bugs such as the ones that Markus reported.

One more thing to add to the list:

static void ivshmem_read(void *opaque, const uint8_t * buf, int flags)

The "flags" argument should be "size".  Size should be checked before
accessing buf.

Please also see the bug fixes in the following unapplied patch:
"[PATCH] ivshmem: fix potential OOB r/w access (#2)" by Sebastian Krahmer
https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg03538.html

Stefan

pgpSuRUojeMZJ.pgp
Description: PGP signature