[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: DOMID_XEN and iomem_access_permitted

On 12/05/2010 21:45, "George Dunlap" <George.Dunlap@xxxxxxxxxxxxx> wrote:

> Actually, setting up an empty rangeset for the "xen" domain might be
> the best solution... it works no matter what the answers above are,
> and has fewer special cases in the code.  Looks like it would mainly
> involve actually initializing the rangeset code even for dummy domains
> in domian_create().

Yes, I'll patch it this way, thanks.

> Second question: Is it possible for a domU to crash the host with this
> bug?  It looks like set_foreigndom() will only allow you to use
> DOMID_XEN from domain 0.  If the answer to question 1 above is "yes",
> then I think we can safely say domU can't exploit this bug to cause a
> denial-of-service attack.

Unprivileged domains will be unable to obtain a reference to dom_xen. So
this bug can only trigger from dom0.

 -- Keir

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.