On Wed, Sep 07, 2016 at 05:20:46PM +0200, Ladi Prosek wrote:
> It is not
> necessary to check balloon_stats_supported. Pushing buffers without
> negotiating stats support would be a driver bug. The common codepath
> does not check it either.

This part made me nervous because QEMU is never allowed to trust the guest - QEMU must never crash or expose information to the guest. However this seems okay since virtqueue_rewind() on an unused virtqueue is safe. It will return false so we'll never actually try to access a virtqueue that hasn't been initialized.

Stefan