|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: DOMID_XEN and iomem_access_permitted
On 12/05/2010 21:45, "George Dunlap" <George.Dunlap@xxxxxxxxxxxxx> wrote: > Actually, setting up an empty rangeset for the "xen" domain might be > the best solution... it works no matter what the answers above are, > and has fewer special cases in the code. Looks like it would mainly > involve actually initializing the rangeset code even for dummy domains > in domian_create(). Yes, I'll patch it this way, thanks. > Second question: Is it possible for a domU to crash the host with this > bug? It looks like set_foreigndom() will only allow you to use > DOMID_XEN from domain 0. If the answer to question 1 above is "yes", > then I think we can safely say domU can't exploit this bug to cause a > denial-of-service attack. Unprivileged domains will be unable to obtain a reference to dom_xen. So this bug can only trigger from dom0. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |