|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] Hypercalls from HVM guests
On 22 Apr 2006, at 16:16, Steve Ofsthun wrote: (1) is most important right now -- we should only permit the hypercalls we need, and audit any others before they are added to the list.OK, is a bitmap filter of the inbound requests sufficient? For this patch, I'll just filter every hypercall except HYPERVISOR_xen_version() and return ENOSYS? That would be okay, but also:1. VMMCALL_MAGIC needs to go, and be replaced by a first-class hypercall (HYPERVISOR_hvm_op maybe). Either by having an hvm-specific hypercall table, or by adding to the main jump table and have the hvm_op function itself bail on non-hvm guests. 2. guest_handle_okay() should always return TRUE for an hvm guest3. get rid of the __user modifiers in your new functions in guest_access.h. We don't use those in Xen (except in a few files taken fairly directly from Linux). -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |