Re: [Xen-devel] [PATCH 5/5] xen: Write CR0, CR3 and CR4 in arch_set_info_guest()
On Tue, May 19, 2015 at 3:45 PM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>>>> On 19.05.15 at 12:45, <tamas.lengyel@xxxxxxxxxxxx> wrote:
>> On Tue, May 19, 2015 at 12:31 PM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>>>>>> On 19.05.15 at 12:14, <tamas.lengyel@xxxxxxxxxxxx> wrote:
>>>> You can have a response flag for it to tell Xen to look at the
>>>> new_value. What I meant is why restrict the feature to be DENY only.
>>>> You might as well let the user choose the value he wants to see in the
>>>> register.
>>>
>>> Hmm, I don't think allowing the user to choose arbitrary values here
>>> is going to be the right direction.
>>
>> Care to elaborate why it would be a problem? The user would still have
>> to have knowledge about what value he sets the register as an
>> "arbitrary" value will crash the system most probably.
>
> Understood, but even that already seems too much of an intrusion
> into the guest. And then I'm worried about this introducing subtle
> security issues (perhaps due to bypassing some consistency checks),
> but this of course can be got under control if such overrides were to
> be injected strictly only at places where guest values are being used
> as inputs anyway.
>
> Jan

I guess for now it's fine to have only the "deny" method as that would make the most sense for CR0/CR4 in case something tries to disable protective features like SMEP/SMAP. This extra feature for setting event-listener provided value for the register in response to a write event would probably make sense only for CR3 (if for any). If it's too much of a change to how things are wired up right now we can skip it and revisit it in the future when the need for it arises.

Cheers,
Tamas