Re: [Xen-devel] [PATCH] xenstored: allow guests to reintroduce themselves
On 09/08/2011 11:50, "Vincent Hanquez" <vincent.hanquez@xxxxxxxxxxxxx> wrote:

> On 08/09/2011 11:14 AM, Keir Fraser wrote:
>> On 09/08/2011 11:08, "Vincent Hanquez" <vincent.hanquez@xxxxxxxxxxxxx>
>> wrote:
>>
>>>> xenstored: allow guests to reintroduce themselves
>>>>
>>>> During kexec all old watches have to be removed, otherwise the new
>>>> kernel will receive unexpected events. Allow a guest to introduce itself
>>>> and cleanup all of its watches.
>>>
>>> What about security wise ?
>>>
>>> Guest userspace suddenly becomes able to do this operation (and DoS
>>> themself) where they used to be limited to normal read/write/..
>>> operations.
>>
>> Guest userspace can already DoS the guest if it has access to xenstore, by
>> messing with xenbus I/O connections, for example.
>
> How so ?
> It seems we validate userspace packets (at least on linux) before actually
> putting them on the ring.

I don't believe we filter which nodes can be written by userspace. So can
just mess with things like the frontend connection state node for
block/network connections, or whatever. Be imaginative -- there's no doubt
lots of scope for screwing up xenbus connections by fooling around with the
frontend state.

If userspace connections to xenbus were not trusted, we'd need a lot more
filtering than we have.

 -- Keir