WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] Changing semantics of ioperm() on Xen x86-64?

from [Keir Fraser] [Permanent Link][Original]
To: Anthony Liguori <aliguori@xxxxxxxxxx>
Subject: Re: [Xen-devel] Changing semantics of ioperm() on Xen x86-64?
From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date: Wed, 19 Apr 2006 08:26:58 +0100
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 19 Apr 2006 00:33:02 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <44455F11.8080007@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <44455F11.8080007@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 

On 18 Apr 2006, at 22:50, Anthony Liguori wrote:
As part of the Xen x86-64 Linux port, we've changed the ioperm() syscall to always modify the IOPL instead of actually modifying the IO bitmap in the TSS like we do on x86-32. Is there a particular reason for doing this?
I'm completely guessing here that this may allow us to avoid changing the TR when changing from user/kernel mode but that doesn't seem like that huge of a gain.
I don't expect that there are many apps that would rely on using ioperm to restrict access to only certain ranges of ports so I don't think this is a security problem but it still is a little discomforting.
As Ian said, x86/64 port took an old snap of the i386 port and has gone stale in quite a few ways. It needs some maintenance TLC. i386 did the same thing with ioperm() until io bitmap support was added to Xen. 

 -- Keir


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: [rfc] [patch] "frame number" size in hypercall ABI, Keir Fraser
Next by Date:  Re: [Xen-devel] Re: Quieten the hypervisor, Keir Fraser
Previous by Thread:  [Xen-devel] Changing semantics of ioperm() on Xen x86-64?, Anthony Liguori
Next by Thread:  RE: [Xen-devel] Changing semantics of ioperm() on Xen x86-64?, Ian Pratt
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy