[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xsplice: Use ld-embedded build-ids

To: Martin Pohlack <mpohlack@xxxxxxxxxx>
From: Konrad Rzeszutek Wilk <konrad@xxxxxxxxxx>
Date: Tue, 15 Sep 2015 14:38:12 -0400
Cc: elena.ufimtseva@xxxxxxxxxx, Jeremy Fitzhardinge <jeremy@xxxxxxxx>, hanweidong@xxxxxxxxxx, Martin Pohlack <mpohlack@xxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, john.liuqiming@xxxxxxxxxx, paul.voccio@xxxxxxxxxxxxx, Daniel Kiper <daniel.kiper@xxxxxxxxxx>, major.hayden@xxxxxxxxxxxxx, liuyingdong@xxxxxxxxxx, aliguori@xxxxxxxxxx, xiantao.zxt@xxxxxxxxxxxxxxx, steven.wilson@xxxxxxxxxxxxx, peter.huangpeng@xxxxxxxxxx, Matt Wilson <msw@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, rick.harris@xxxxxxxxxxxxx, josh.kearney@xxxxxxxxxxxxx, jinsong.liu@xxxxxxxxxxxxxxx, amesserl@xxxxxxxxxxxxx, dslutz@xxxxxxxxxxx, fanhenglong@xxxxxxxxxx, Bjoern Doebel <doebel@xxxxxxxxx>
Delivery-date: Tue, 15 Sep 2015 18:38:45 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, Aug 14, 2015 at 9:57 AM, Martin Pohlack <mpohlack@xxxxxxxxxx> wrote:
> On 14.08.2015 15:54, Jan Beulich wrote:
>>>>> On 14.08.15 at 14:59, <mpohlack@xxxxxxxxxx> wrote:
>>> On 11.08.2015 16:12, Jan Beulich wrote:
>>>>>>> On 05.08.15 at 16:09, <mpohlack@xxxxxxxxx> wrote:
>>>>> Todo:
>>>>>   * Should be moved to sysctl to only allow Dom0 access
>>>>
>>>> Because of?
>>>
>>> The discussion in this thread:
>>>
>>> [Xen-devel] [RFC PATCH v3.1 2/2] xsplice: Add hook for build_id
>>>
>>> was:
>>> ----------------------------------------------------------------------
>>>>> Martin Pohlack:
>>>>> We should not expose the build_id to normal guests, but only to Dom0.
>>>>>
>>>>> A build_id uniquely identifies a specific build and I don't see how that
>>>>> information would be required from DomU.  It might actually help an
>>>>> attacker to build his return-oriented programming exploit against a
>>>>> specific build.
>>>>>
>>>>> The normal version numbers should be enough to know about capabilities
>>>>> and API.
>>>>
>>>> Andrew Cooper:
>>>>
>>>> It will need its own XSM hook, but need not be strictly limited to just
>>>> dom0.
>>> ----------------------------------------------------------------------
>>
>> So I'm confused - I asked "why Dom0 only" and then you point me to
>> Andrew saying it doesn't need to be Dom0 only?
>
> Sorry about that, my (not expressed) thinking was that we should
> restrict that to Dom0 for the XSM-disabled case.
>

That may make this more complex.

If we want to restrict it to this we may as well just stick this in sysctl
and have it be part of the xsplice ops.

Let me do that.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Prev by Date: Re: [Xen-devel] [PATCH v2 for-4.6] libxl: handle read-only drives with qemu-xen
Next by Date: Re: [Xen-devel] PCI Pass-through in Xen ARM: Draft 4
Previous by thread: [Xen-devel] [xen-4.4-testing test] 61925: regressions - FAIL
Next by thread: [Xen-devel] [xen-4.6-testing baseline-only test] 37929: tolerable FAIL
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.