[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Solo5 security features

  • To: mirageos-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Joe <joe@xxxxxxx>
  • Date: Fri, 5 Jan 2024 12:51:48 +0100
  • Delivery-date: Thu, 18 Jan 2024 16:14:28 +0000
  • Dkim-filter: OpenDKIM Filter v2.10.3 smtp1.servers.tyktech.dk A572A24D1
  • List-id: Developer list for MirageOS <mirageos-devel.lists.xenproject.org>
On 1/2/24 21:29, Thomas Gazagnaire wrote:

Hey there,

Do we have an up-to-date table of the defense-in-depth security features 
enforced by solo5 on the different targets?

So far I found:
- W^X: https://github.com/Solo5/solo5/issues/303 -> not sure exactly where this 
is enforced nowadays. The tests in https://github.com/Solo5/solo5/pull/363/files 
seems to say that this only works on spt?
https://github.com/Solo5/solo5/pull/447/files looks like hvt_openbsd also supports this. 

Also of note:
https://github.com/Solo5/solo5/blob/master/tenders/hvt/hvt_freebsd.c#L138

https://github.com/Solo5/solo5/blob/master/tenders/hvt/hvt_freebsd.c#L197-L227

https://github.com/Solo5/solo5/blob/master/tenders/hvt/hvt_kvm.c#L143-L144

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.