[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [BUGFIX][PATCH v2 2/5] dbg_rw_guest_mem: need to call put_gfn in error path.
On Wed, 8 Jan 2014 02:30:24 +0000 Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote: > On 08/01/2014 01:44, Mukesh Rathor wrote: > > On Wed, 8 Jan 2014 00:55:32 +0000 > > Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote: > > > >> On 08/01/2014 00:25, Don Slutz wrote: > >>> Using a 1G hvm domU (in grub) and gdbsx: > >>> > > ..... > > > >> Ian (with RM hat on): > >> This is a hypervisor reference counting error on a toolstack > >> hypercall path. Irrespective of any of the other patches in this > >> series, I think this should be included ASAP (although probably > >> subject to review from a third person), which will fix the > >> hypervisor crashes from gdbsx usage. > > I remember long ago mentioning to our packaing team to make gdbsx > > root executible only. > > > > What would be a good place to document that gdbsx should be removed > > from production systems, and/or be made root executible only? > > > > thanks > > mukesh > > > > > > [root@idol ~]# ls -la /dev/xen/privcmd > crw-rw---- 1 root root 10, 57 Jan 7 11:48 /dev/xen/privcmd > > As currently stands (Linux 3.10), only root can open privcmd and issue > ioctls, so a non-root gdbsx process would presumably not function at > all. I am not sure that any documentation needs updating. Ah, right. I remember now... thats much better. At least, currently its not compromised with anyone able to run it. thanks Mukesh _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |