Xen project Mailing List

[Xen-devel] Ping: [PATCH] XSA-77: widen scope again

To: "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, "Wei Liu" <wei.liu2@xxxxxxxxxx>, "George Dunlap" <George.Dunlap@xxxxxxxxxxxxx>, "Ian Jackson" <Ian.Jackson@xxxxxxxxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, "Tim Deegan" <tim@xxxxxxx>

From: "Jan Beulich" <JBeulich@xxxxxxxx>

Date: Fri, 06 May 2016 02:12:02 -0600

Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Fri, 06 May 2016 08:12:14 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 29.04.16 at 11:35, <JBeulich@xxxxxxxx> wrote: > As discussed on the hackathon, avoid us having to issue security > advisories for issues affecting only heavily disaggregated tool stack > setups, which no-one appears to use (or else they should step up to get > things into shape). > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Ping? > --- > As we want to retain supported status of stubdom qemu: Does qemu use > any others when use in a stub domain? > > --- a/docs/misc/xsm-flask.txt > +++ b/docs/misc/xsm-flask.txt > @@ -59,68 +59,16 @@ http://www.xenproject.org/security-polic > > __HYPERVISOR_domctl (xen/include/public/domctl.h) > > - The following subops are covered by this statement. subops not listed > - here are considered safe for disaggregation. > + All subops except for the following are covered by this statement. > > - * XEN_DOMCTL_createdomain > - * XEN_DOMCTL_destroydomain > - * XEN_DOMCTL_getmemlist > - * XEN_DOMCTL_setvcpuaffinity > - * XEN_DOMCTL_shadow_op > - * XEN_DOMCTL_max_mem > - * XEN_DOMCTL_setvcpucontext > - * XEN_DOMCTL_getvcpucontext > - * XEN_DOMCTL_max_vcpus > - * XEN_DOMCTL_scheduler_op > - * XEN_DOMCTL_iomem_permission > - * XEN_DOMCTL_gethvmcontext > - * XEN_DOMCTL_sethvmcontext > - * XEN_DOMCTL_set_address_size > - * XEN_DOMCTL_assign_device > - * XEN_DOMCTL_pin_mem_cacheattr > - * XEN_DOMCTL_set_ext_vcpucontext > - * XEN_DOMCTL_get_ext_vcpucontext > - * XEN_DOMCTL_test_assign_device > - * XEN_DOMCTL_set_target > - * XEN_DOMCTL_deassign_device > - * XEN_DOMCTL_get_device_group > - * XEN_DOMCTL_set_machine_address_size > - * XEN_DOMCTL_debug_op > - * XEN_DOMCTL_gethvmcontext_partial > - * XEN_DOMCTL_vm_event_op > - * XEN_DOMCTL_mem_sharing_op > - * XEN_DOMCTL_setvcpuextstate > - * XEN_DOMCTL_getvcpuextstate > - * XEN_DOMCTL_set_access_required > - * XEN_DOMCTL_set_virq_handler > - * XEN_DOMCTL_set_broken_page_p2m > - * XEN_DOMCTL_setnodeaffinity > - * XEN_DOMCTL_gdbsx_guestmemio > + * XEN_DOMCTL_ioport_mapping > + * XEN_DOMCTL_memory_mapping > + * XEN_DOMCTL_bind_pt_irq > + * XEN_DOMCTL_unbind_pt_irq > > __HYPERVISOR_sysctl (xen/include/public/sysctl.h) > > - The following subops are covered by this statement. subops not listed > - here are considered safe for disaggregation. > - > - * XEN_SYSCTL_readconsole > - * XEN_SYSCTL_tbuf_op > - * XEN_SYSCTL_physinfo > - * XEN_SYSCTL_sched_id > - * XEN_SYSCTL_perfc_op > - * XEN_SYSCTL_getdomaininfolist > - * XEN_SYSCTL_debug_keys > - * XEN_SYSCTL_getcpuinfo > - * XEN_SYSCTL_availheap > - * XEN_SYSCTL_get_pmstat > - * XEN_SYSCTL_cpu_hotplug > - * XEN_SYSCTL_pm_op > - * XEN_SYSCTL_page_offline_op > - * XEN_SYSCTL_lockprof_op > - * XEN_SYSCTL_cputopoinfo > - * XEN_SYSCTL_numainfo > - * XEN_SYSCTL_cpupool_op > - * XEN_SYSCTL_scheduler_op > - * XEN_SYSCTL_coverage_op > + All subops are covered by this statement. > > __HYPERVISOR_memory_op (xen/include/public/memory.h) > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.