Uploaded image for project: 'OASIS Virtual I/O Device (VIRTIO) TC'
  1. OASIS Virtual I/O Device (VIRTIO) TC
  2. VIRTIO-137

used len field requirements not documented clearly

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: virtio 1.0 cs02
    • Fix Version/s: virtio 1.0 cs03
    • Labels:
      None
    • Environment:

      Rusty Russell <rusty@au1.ibm.com>

      Description

      When debugging qemu (which gets this wrong), I noted that the used ring's len field is only documented as follows:

      \field

      {len}

      the total of bytes written into the buffer.

      Followed by a (presumably non-normative) note:
      ... is extremely useful for drivers using untrusted buffers: if you do not know exactly how much has been written by the device, you usually have to zero the buffer to ensure no data leakage occurs.

      There is thus an implication that 'len' indicates the amount which was definitely overwritten by the device, but it should be clearly spelled out (such as what happens in the error case where the device may not know how much was actually overwritten).

        Attachments

          Activity

            People

            • Assignee:
              rusty Rusty Russell (Inactive)
              Reporter:
              rusty Rusty Russell (Inactive)
            • Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: