|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Is exposing shared_info to user-land secure?
I think it might be okay. One issue is that how to let the user-space process know what vcpu it is running on, so it can use the correct timestamp info in a way that is safe against preemption. Bear in mind that the user address space may be shared by multiple concurrent threads on different VCPUs! If you assume consistent-tsc across all CPUs then the task is easier, but I don't think we'll want to bake that assumption into guest kernels and their interface to user processes. -- Keir On 1/8/08 17:13, "Dan Magenheimer" <dan.magenheimer@xxxxxxxxxx> wrote: > Is it "safe" in a paravirtualized guest to expose shared_info > (at least read-only) to user-land? That is, is there data > in shared_info that could be used by a malicious program to > compromise a guest OS (ignoring very complex side-channel > attacks anyway)? > > We have apps that constantly do various time syscalls (e.g. > to gettimeofday()) and I'm thinking if vcpu_info(cpu)->time_info > was directly readable by an enterprise app, it could do > the time calculations itself and save the syscall overhead. > > Comments? > > Thanks, > Dan > > =================================== > Thanks... for the memory > I really could use more / My throughput's on the floor > The balloon is flat / My swap disk's fat / I've OOM's in store > Overcommitted so much > (with apologies to the late great Bob Hope) > _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |