|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: xsm: Consolidate xsm processing within domain control hypercall.
On 04/12/07 16:54 -0500, George S. Coker, II wrote: > > > > >> 2) This will also impose on the security modules the responsibility to > >> acquire and hold locks on hypervisor resources. It would seem dangerous to > >> give modules this responsibility. > > > > I don't see it, the locking logic is still the same. Can you show me > > where the module needs to acquire locks differently than without the > > patch? > > > It's not that the locking logic is different. A security module may be > sloppy about its locking and cause Xen to crash without specifically > indicating a flaw in the security module. > > Getting locks right is tricky business, it would seem the Xen would want the > responsibility for the locking of resources to avoid the ills of race > conditions, etc. I agree with your comments, but I don't think the patch changes locking at all. If I'm wrong I agree that's a problem. Mike -- Mike D. Day IBM LTC Cell: 919 412-3900 Sametime: ncmike@xxxxxxxxxx AIM: ncmikeday Yahoo: ultra.runner PGP key: http://www.ncultra.org/ncmike/pubkey.asc _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |