[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)

To: "Ian Jackson" <ian.jackson@xxxxxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 03 Aug 2016 10:18:59 -0600
Cc: StefanoStabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, David Vrabel <david.vrabel@xxxxxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, dgdegra@xxxxxxxxxxxxx
Delivery-date: Wed, 03 Aug 2016 16:19:08 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 03.08.16 at 18:10, <ian.jackson@xxxxxxxxxxxxx> wrote:
> George Dunlap writes ("Re: Device model operation hypercall (DMOP, re qemu 
> depriv)"):
>> So before qemu devpriv can be usable, *all* the HVMCTL operations would
>> need to be audited, and those that were deemed insecure would need to be
>> either fixed or removed.
> 
> Even worse, the bad HVMCTLs would be retrospectively turned into
> security-bugs-in-old-hypervisors.  I don't think this is tenable.

How would a bug in the respective current hvmop then not be a
security issue as well?

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Ian Jackson

References:
- [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Ian Jackson
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Jan Beulich
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Wei Liu
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Ian Jackson
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Jan Beulich
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Ian Jackson
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Jan Beulich
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: George Dunlap
- Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
  - From: Ian Jackson

Prev by Date: [Xen-devel] [xen-unstable-smoke test] 99926: tolerable all pass - PUSHED
Next by Date: Re: [Xen-devel] [PATCH RFC 01/12] x86/paging: introduce paging_set_allocation
Previous by thread: Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
Next by thread: Re: [Xen-devel] Device model operation hypercall (DMOP, re qemu depriv)
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.