[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3/4] xen/arm: support vcpu_op hypercalls

To: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Date: Tue, 23 Apr 2013 12:32:37 +0100
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, "Tim \(Xen.org\)" <tim@xxxxxxx>, Stefano Stabellini <Stefano.Stabellini@xxxxxxxxxxxxx>
Delivery-date: Tue, 23 Apr 2013 11:32:56 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Tue, 9 Apr 2013, Ian Campbell wrote:
> On Thu, 2013-03-21 at 18:42 +0000, Stefano Stabellini wrote:
> 
> It's possible that we might want to restrict the available operations?
> e.g. remove VPCUOP_initialize/up if we are doing this via PSCI instead?
> 
> My concern is that there have been security bugs in VCPUOP_initialize on
> x86 in the past and if we don't have to expose that possibility on ARM
> lets not.

I think that restricting the vcpu_op available is a good idea. Smaller
the ABI, smaller the surface of attack.

However the resulting patch won't be extremely pretty (usually all
hypercalls go straight to common code).

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 3/4] xen/arm: support vcpu_op hypercalls
  - From: Ian Campbell

References:
- Re: [Xen-devel] [PATCH 3/4] xen/arm: support vcpu_op hypercalls
  - From: Ian Campbell

Prev by Date: Re: [Xen-devel] [XenARM] [Xen-API] [Proposal] Additional mailing lists for specific purposes
Next by Date: Re: [Xen-devel] [PATCH V2 3/4] arm: allocate per-PCPU domheap pagetable pages
Previous by thread: Re: [Xen-devel] [PATCH 3/4] xen/arm: support vcpu_op hypercalls
Next by thread: Re: [Xen-devel] [PATCH 3/4] xen/arm: support vcpu_op hypercalls
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.