[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Is exposing shared_info to user-land secure?

To: "Xen-Devel (E-mail)" <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: "Dan Magenheimer" <dan.magenheimer@xxxxxxxxxx>
Date: Fri, 1 Aug 2008 10:13:39 -0600
Delivery-date: Fri, 01 Aug 2008 09:15:13 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
Thread-index: Acjz8Y15ey1z2oZsTGWTFL6iUZbGKg==

Is it "safe" in a paravirtualized guest to expose shared_info
(at least read-only) to user-land?  That is, is there data
in shared_info that could be used by a malicious program to
compromise a guest OS (ignoring very complex side-channel
attacks anyway)?

We have apps that constantly do various time syscalls (e.g.
to gettimeofday()) and I'm thinking if vcpu_info(cpu)->time_info
was directly readable by an enterprise app, it could do
the time calculations itself and save the syscall overhead.

Comments?

Thanks,
Dan

===================================
Thanks... for the memory
I really could use more / My throughput's on the floor
The balloon is flat / My swap disk's fat / I've OOM's in store
Overcommitted so much
(with apologies to the late great Bob Hope)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] Is exposing shared_info to user-land secure?
  - From: Jeremy Fitzhardinge
- Re: [Xen-devel] Is exposing shared_info to user-land secure?
  - From: Keir Fraser

Prev by Date: [Xen-devel] Re: [Qemu-devel] [PATCH 4/7] xen: add framebuffer backend driver
Next by Date: [Xen-devel] Re: Ioemu-remote cannot support 3 disks.
Previous by thread: [Xen-devel] Re: [Qemu-devel] [PATCH 4/7] xen: add framebuffer backend driver
Next by thread: Re: [Xen-devel] Is exposing shared_info to user-land secure?
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.