On 08.07.21 16:22, Konrad Rzeszutek Wilk wrote:
On Thu, Jul 08, 2021 at 02:43:42PM +0200, Juergen Gross wrote:Xen backends of para-virtualized devices can live in dom0 kernel, dom0 user land, or in a driver domain. This means that a backend might reside in a less trusted environment than the Xen core components, so a backend should not be able to do harm to a Xen guest (it can still mess up I/O data, but it shouldn't be able to e.g. crash a guest by other means or cause a privilege escalation in the guest).Unfortunately blkfront in the Linux kernel is fully trusting its backend. This series is fixing blkfront in this regard. It was discussed to handle this as a security problem, but the topic was discussed in public before, so it isn't a real secret.Wow. This looks like what Marek did .. in 2018! https://lists.xenproject.org/archives/html/xen-devel/2018-04/msg02336.html
Yes, seems to have been a similar goal.
Would it be worth crediting Marek?
I'm fine mentioning his patches, but I didn't know of his patches until having sent out V1 of my series. I'd be interested in learning why his patches haven't been taken back then. Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
