On 14.07.2016 04:42, Yuanhan Liu wrote:

On Wed, Jul 13, 2016 at 08:54:08AM -0700, Rich Lane wrote:

quoted

On Wednesday, July 13, 2016, Yuanhan Liu [off-list ref] wrote:

    On Wed, Jul 13, 2016 at 10:34:07AM +0300, Ilya Maximets wrote:
    > This scenario fixed somehow, I agree. But this patch still needed to
    protect
    > vhost from untrusted VM, from malicious or buggy virtio application.
    > Maybe we could change the commit-message and resend this patch as a
    > security enhancement? What do you think?

    Indeed, but I'm a bit concerned about the performance regression found
    by Rich, yet I am not quite sure why it happens, though Rich claimed
    that it seems to be a problem related to compiler.


The workaround I suggested solves the performance regression. But even if it
hadn't, this is a security fix that should be merged regardless of the
performance impact.

Good point. Ilya, would you reword the commit log and resend based on
latest code?

OK.