Paolo Bonzini <pbonz...@redhat.com> writes: >> > We technically should save the addresses and sizes too. It makes >> > it a heck of a lot safer then re-reading guest memory since we do some >> > validation on the size of the sg elements. >> >> Not really. >> >> The guest puts the descriptors in the ring and leaves them there until >> the device acks. If it changes them once they're exposed but before >> they're acked, it can get either before or after version, and always >> could. > > The problems start when the guest tries to race against QEMU and defy > the validation. Always using the validated version is a bit easier > than redoing the validation after migration.
Exactly. Regards, Anthony Liguori > > Paolo