[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] XSA-300 Wording

To: xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Doug Goldstein <cardoe@xxxxxxxxxx>
Date: Wed, 10 Jul 2019 09:39:57 -0500
Delivery-date: Wed, 10 Jul 2019 14:40:16 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Could we look at updating the wording of XSA-300 to make things a bitmore clear. I don't have exact wording suggestions but roughly some ofthe questions I've fielded are:

1. Impact should make it clear there are two issues here. So its really"and/or". Or a bulleted list.

2. Vulnerable Systems. "All versions of Linux are vulnerable" does thisapply to guests. Only reason that was asked is because the next sentencegoes on to discuss dom0. Are people that didn't pass a "dom0_mem=" on aPV dom0 vulnerable or not?

3. Mitigation. Is there no mitigation for PVH dom0's? There's somehandwaving around "sufficiently large". Large is subjective to folks. IfI operate with machines with 8GB of RAM day in and day out then mydefinition of "large" is different from someone that operates onmachines with 256GB of RAM day in and day out.

4. Resolution. There's two issues here (as the Impact should makeclear). Identify that the patch handles issue "#1" while issue "#2" isnot fixed yet.



I hope this is a reasonable request.

--

Doug


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Prev by Date: Re: [Xen-devel] [PATCH v3 00/35] Specific platform to run OVMF in Xen PVH and HVM guests
Next by Date: Re: [Xen-devel] [PATCH v3 1/6] xen/arm: extend device_tree_for_each_node
Previous by thread: [Xen-devel] [PATCH] x86: fix LOWMEM_PAGES constant
Next by thread: Re: [Xen-devel] [PATCH v3 1/6] xen/arm: extend device_tree_for_each_node
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.