[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 5/5] xen: Write CR0, CR3 and CR4 in arch_set_info_guest()



>>> On 19.05.15 at 12:45, <tamas.lengyel@xxxxxxxxxxxx> wrote:
> On Tue, May 19, 2015 at 12:31 PM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>>>>> On 19.05.15 at 12:14, <tamas.lengyel@xxxxxxxxxxxx> wrote:
>>> You can have a response flag for it to tell Xen to look at the
>>> new_value. What I meant is why restrict the feature to be DENY only.
>>> You might as well let the user choose the value he wants to see in the
>>> register.
>>
>> Hmm, I don't think allowing the use to chose arbitrary values here
>> is going to be the right direction.
> 
> Care to elaborate why it would be a problem? The user would still have
> to have knowledge about what value he sets the register as an
> "arbitrary" value will crash the system most probably.

Understood, but even that already seems too much of an intrusion
into the guest. And then I'm worried about this introducing subtle
security issues (perhaps due to bypassing some consistency checks),
but this of course can be got under control if such overrides were to
be injected strictly only at places where guest values are being used
as inputs anyway.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.