[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 2/2] xentoolcore_restrict_all: Implement for libxenevtchn

On 10/16/2017 11:55 AM, Ian Jackson wrote:

Ross Lagerwall writes ("[PATCH v2 2/2] xentoolcore_restrict_all: Implement for 
libxenevtchn"):

Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>

...

  int osdep_evtchn_open(xenevtchn_handle *xce);
diff --git a/tools/libs/toolcore/include/xentoolcore.h 
b/tools/libs/toolcore/include/xentoolcore.h
index be6c570..ef9c670 100644
--- a/tools/libs/toolcore/include/xentoolcore.h
+++ b/tools/libs/toolcore/include/xentoolcore.h
@@ -31,11 +31,6 @@
   * Arranges that Xen library handles (fds etc.) which are currently held
   * by Xen libraries, can no longer be used other than to affect domid.
   *
- * Does not prevent effects that amount only to
- *   - denial of service, possibly host-wide, by resource exhaustion etc.
- *   - leak of not-very-interesting metainformation about other domains
- *     eg, specifically, event channel signals relating to other domains


Are we sure that all possible resource exhaustion attacks are now
excluded ?



No, I'm not sure. I'll keep the first point for now.

--
Ross Lagerwall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.