[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] KVM call for 2017-03-14
|
From: |
Peter Maydell |
|
Subject: |
Re: [Qemu-devel] KVM call for 2017-03-14 |
|
Date: |
Tue, 14 Mar 2017 11:39:58 +0100 |
On 14 March 2017 at 09:13, Stefan Hajnoczi <address@hidden> wrote:
> The minimum requirements for the new language:
> 3. Is it safer than C even when writing code to operate on guest RAM
> (i.e. it's no good if you must use unsafe primitives to do the
> systems programming tasks that QEMU requires)?
My impression is that many of our security vulnerabilities are
overflows in local arrays in the device emulation (for instance
good old VENOM), so I think that even if a candidate safer
language only provided bounds-checking on arrays it knew about
and not on raw guest RAM it would still be a significant
improvement. (Accesses to guest RAM are often via APIs that
we could add bounds-checks to "by hand" anyway.) So I wouldn't
consider this as a "minimum requirement", only a "nice to have".
thanks
-- PMM
- Re: [Qemu-devel] KVM call for 2017-03-14, (continued)
- Re: [Qemu-devel] KVM call for 2017-03-14, Alex Bennée, 2017/03/13
- Re: [Qemu-devel] KVM call for 2017-03-14, Juan Quintela, 2017/03/13
- Re: [Qemu-devel] KVM call for 2017-03-14, Stefan Hajnoczi, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Peter Maydell, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Juan Quintela, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Peter Maydell, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Markus Armbruster, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Juan Quintela, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14,
Peter Maydell <=
- Re: [Qemu-devel] KVM call for 2017-03-14, Paolo Bonzini, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Thomas Huth, 2017/03/14