[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [XEN PATCH] tools/xl: Add device_model_stubdomain_init_seclabel option to xl.cfg
Andrew Cooper writes ("Re: [XEN PATCH] tools/xl: Add device_model_stubdomain_init_seclabel option to xl.cfg"): > On 23/07/2021 05:47, Scott Davis wrote: ... > > ret = libxl_flask_context_to_sid(ctx, s, strlen(s), > > > > &d_config->b_info.device_model_ssidref); > > + if (ret) { > > + if (errno == ENOSYS) { > > + LOGD(WARN, domid, > > + "XSM Disabled: device_model_stubdomain_init_seclabel > > not supported"); > > + ret = 0; > > Surely this wants to be a hard error? > > Not specifying a label is one thing, but specifying a label and having > it not take effect because code was compiled out of the hypervisor > sounds like a security hole. > > I see this is a pattern copied from elsewhere, but it seems very short > signed. I wonder if this is to try to make it possible to boot a system whose config specifies XSM labels but with XSM disabled. Marek, or someone, can you advise ? My initial thoughts are to agree with Andrew that ignoring this error seems to me to be a bad plan, but maybe there is a good reason. If we do want to improve this, maybe we need to update all the corresponding call sites. Thanks, Ian.
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |