[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH] XSA-77: widen scope again
As discussed on the hackathon, avoid us having to issue security advisories for issues affecting only heavily disaggregated tool stack setups, which no-one appears to use (or else they should step up to get things into shape). Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> --- As we want to retain supported status of stubdom qemu: Does qemu use any others when use in a stub domain? --- a/docs/misc/xsm-flask.txt +++ b/docs/misc/xsm-flask.txt @@ -59,68 +59,16 @@ http://www.xenproject.org/security-polic __HYPERVISOR_domctl (xen/include/public/domctl.h) - The following subops are covered by this statement. subops not listed - here are considered safe for disaggregation. + All subops except for the following are covered by this statement. - * XEN_DOMCTL_createdomain - * XEN_DOMCTL_destroydomain - * XEN_DOMCTL_getmemlist - * XEN_DOMCTL_setvcpuaffinity - * XEN_DOMCTL_shadow_op - * XEN_DOMCTL_max_mem - * XEN_DOMCTL_setvcpucontext - * XEN_DOMCTL_getvcpucontext - * XEN_DOMCTL_max_vcpus - * XEN_DOMCTL_scheduler_op - * XEN_DOMCTL_iomem_permission - * XEN_DOMCTL_gethvmcontext - * XEN_DOMCTL_sethvmcontext - * XEN_DOMCTL_set_address_size - * XEN_DOMCTL_assign_device - * XEN_DOMCTL_pin_mem_cacheattr - * XEN_DOMCTL_set_ext_vcpucontext - * XEN_DOMCTL_get_ext_vcpucontext - * XEN_DOMCTL_test_assign_device - * XEN_DOMCTL_set_target - * XEN_DOMCTL_deassign_device - * XEN_DOMCTL_get_device_group - * XEN_DOMCTL_set_machine_address_size - * XEN_DOMCTL_debug_op - * XEN_DOMCTL_gethvmcontext_partial - * XEN_DOMCTL_vm_event_op - * XEN_DOMCTL_mem_sharing_op - * XEN_DOMCTL_setvcpuextstate - * XEN_DOMCTL_getvcpuextstate - * XEN_DOMCTL_set_access_required - * XEN_DOMCTL_set_virq_handler - * XEN_DOMCTL_set_broken_page_p2m - * XEN_DOMCTL_setnodeaffinity - * XEN_DOMCTL_gdbsx_guestmemio + * XEN_DOMCTL_ioport_mapping + * XEN_DOMCTL_memory_mapping + * XEN_DOMCTL_bind_pt_irq + * XEN_DOMCTL_unbind_pt_irq __HYPERVISOR_sysctl (xen/include/public/sysctl.h) - The following subops are covered by this statement. subops not listed - here are considered safe for disaggregation. - - * XEN_SYSCTL_readconsole - * XEN_SYSCTL_tbuf_op - * XEN_SYSCTL_physinfo - * XEN_SYSCTL_sched_id - * XEN_SYSCTL_perfc_op - * XEN_SYSCTL_getdomaininfolist - * XEN_SYSCTL_debug_keys - * XEN_SYSCTL_getcpuinfo - * XEN_SYSCTL_availheap - * XEN_SYSCTL_get_pmstat - * XEN_SYSCTL_cpu_hotplug - * XEN_SYSCTL_pm_op - * XEN_SYSCTL_page_offline_op - * XEN_SYSCTL_lockprof_op - * XEN_SYSCTL_cputopoinfo - * XEN_SYSCTL_numainfo - * XEN_SYSCTL_cpupool_op - * XEN_SYSCTL_scheduler_op - * XEN_SYSCTL_coverage_op + All subops are covered by this statement. __HYPERVISOR_memory_op (xen/include/public/memory.h) Attachment:
xsa77-addendum.patch _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |