[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [virtio-dev] [PATCH v5 09/10] vhost-user: intercept slave's reply to VHOST_USER_GET_PROTOCOL_FEATURES
On Fri, Jul 17, 2020 at 06:37:11PM +0300, Nikos Dragazis wrote: > On 17/7/20 12:57 Î.Î., Stefan Hajnoczi wrote: > > On Mon, May 18, 2020 at 11:37:20PM +0300, Nikos Dragazis wrote: > > Why does the virtio-vhost-user device implementation need to silently > > clear those feature bits? Is there a security impact or some other > > reason why the VIRTIO spec should specify this behavior? > > In our setup, the slave cannot pass file descriptors to the master. > The easiest way to enforce this restriction is during feature > negotiation. The virtio-vhost-user device will mask the unsupported > feature bits and, therefore, the master will not enable these feature > bits on the slave. I see. It stood out because the spec could simply forbid using those bits instead of mandating that they be silently clearer at runtime. I think there's no harm in clearing them at runtime and it may make device emulation slightly simpler. So this sounds fine. Thanks, Stefan
Attachment:
signature.asc
Description: PGP signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]