|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] PV audio drivers for Linux
>-----Original Message----- >From: Jan Beulich [mailto:JBeulich@xxxxxxxx] >Sent: Wednesday, January 18, 2017 3:39 PM >To: Ughreja, Rakesh A <rakesh.a.ughreja@xxxxxxxxx> >Cc: xen-devel@xxxxxxxxxxxxx >Subject: Re: [Xen-devel] PV audio drivers for Linux > >>>> On 17.01.17 at 19:01, <rakesh.a.ughreja@xxxxxxxxx> wrote: >> When the buffer is allocated using __get_free_pages() on the DOM0 >> OS, I am able to grant the access using gnttab_grant_foreign_access() >> to DOM1 as well as I am able to map it in the DOM1 virtual space >> using xenbus_map_ring_valloc(). > >A more general remark here: The direction you do the granting is at >least unusual, and likely to have security implications. It should be >the frontend to allocate and grant the pages, and the backend to >map them. See the various existing frontend/backend pairs in the >Linux tree. > That's a very important point. Thanks. Can you describe what kind of security implications happen if we do the buffer allocation on the backend and grant the access to front end ? The buffer that I am talking about contains data that is received from DOM1 application. >Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |