[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m


On Tue, 2008-01-15 at 19:31 +0000, Keir Fraser wrote:
> If we add that printk() then it's on a path triggerable by an HVM guest (via
> the populate_physmap hypercall, for example) and there is a potential DoS
> attack. The need to modify the Xen command line to enable NPT on PAE
> hypervisor should really be caveat enough anyway.

Hardly, there's no reason at all for a user to assume that enabling NPT
in that situation will cause guest address spaces to be truncated.

Ideally we'd have a text message delivered back to the user on all
domain creations when this truncation happens.  A log message is
probably the minimum reasonable notification; truncating silently is a
pretty poor option.

There are plenty of solutions --- simply do the printk once per domain,
for example, or rate-limit it, or don't do it when the physmap is
populated but have a separate test at domain build time.  But truncating
silently seems to be one of the worst alternatives.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.