[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xenstored: allow guests to reintroduce themselves

On 09/08/2011 11:08, "Vincent Hanquez" <vincent.hanquez@xxxxxxxxxxxxx>

>> xenstored: allow guests to reintroduce themselves
>> During kexec all old watches have to be removed, otherwise the new
>> kernel will receive unexpected events. Allow a guest to introduce itself
>> and cleanup all of its watches.
> What about security wise ?
> Guest userspace suddenly becomes able to do this operation (and DoS themself)
> where they used to be limited to normal read/write/.. operations.

Guest userspace can already DoS the guest if it has access to xenstore, by
messing with xenbus I/O connections, for example.

 -- Keir

> Also you're changing the C xenstored behavior without changing
> the OCaml one.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.