
Re: [Xen-devel] [PATCH] Unified shutdown code



On 10/9/07 22:22, "Cihula, Joseph" <joseph.cihula@xxxxxxxxx> wrote:

> But the purpose of centralizing it was so that the hook into sboot's
> shutdown wouldn't need to be in multiple places.  And the reason to hook
> into sboot's shutdown (which also supports the halt action) even though
> the system is being halted is so that we don't leave some path that
> allows the system to be subverted or misused while still having
> privileged access to the TPM, etc.

Why is Xen running a halt loop on every CPU any more exploitable than Xen
running normal Xen code on every CPU? If every CPU is spinning on HLT with
interrupts disabled then the only signals that will change state are things
like NMI, INIT, reset?

 -- Keir

> That said, I'm not aware of any exploitable conditions/paths/environment
> when Xen is placed in a halt loop (at least none that JTAG users
> wouldn't already have without waiting for the system to halt), so I
> suppose that this extra bit of caution is not really necessary.  But if
> the EARLY_FAIL behavior gets changed back to halt, is there any harm?



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.