
Re: [Xen-devel] Ping: [PATCH] XSA-77: widen scope again



On 06/05/16 09:12, Jan Beulich wrote:
>>>> On 29.04.16 at 11:35, <JBeulich@xxxxxxxx> wrote:
>> As discussed on the hackathon, avoid us having to issue security
>> advisories for issues affecting only heavily disaggregated tool stack
>> setups, which no-one appears to use (or else they should step up to get
>> things into shape).
>>
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> 
> Ping?
> 
>> ---
>> As we want to retain supported status of stubdom qemu: Does qemu use
>> any others when used in a stub domain?
>>
>> --- a/docs/misc/xsm-flask.txt
>> +++ b/docs/misc/xsm-flask.txt
>> @@ -59,68 +59,16 @@ http://www.xenproject.org/security-polic 
>>  
>>  __HYPERVISOR_domctl (xen/include/public/domctl.h)
>>  
>> - The following subops are covered by this statement. subops not listed
>> - here are considered safe for disaggregation.
>> + All subops except for the following are covered by this statement.

Sorry I'm just getting to this -- I think the wording is a bit unclear here.

The previous wording made it clear what "covered by this statement"
means -- i.e., "subops not listed here are considered safe for
disaggregation".

Maybe something like this:

"All subops except the following are covered by this statement.  (That
is, only the subops below are considered safe for disaggregation.)"

>>  
>> - * XEN_DOMCTL_createdomain
>> - * XEN_DOMCTL_destroydomain
>> - * XEN_DOMCTL_getmemlist
>> - * XEN_DOMCTL_setvcpuaffinity
>> - * XEN_DOMCTL_shadow_op
>> - * XEN_DOMCTL_max_mem
>> - * XEN_DOMCTL_setvcpucontext
>> - * XEN_DOMCTL_getvcpucontext
>> - * XEN_DOMCTL_max_vcpus
>> - * XEN_DOMCTL_scheduler_op
>> - * XEN_DOMCTL_iomem_permission
>> - * XEN_DOMCTL_gethvmcontext
>> - * XEN_DOMCTL_sethvmcontext
>> - * XEN_DOMCTL_set_address_size
>> - * XEN_DOMCTL_assign_device
>> - * XEN_DOMCTL_pin_mem_cacheattr
>> - * XEN_DOMCTL_set_ext_vcpucontext
>> - * XEN_DOMCTL_get_ext_vcpucontext
>> - * XEN_DOMCTL_test_assign_device
>> - * XEN_DOMCTL_set_target
>> - * XEN_DOMCTL_deassign_device
>> - * XEN_DOMCTL_get_device_group
>> - * XEN_DOMCTL_set_machine_address_size
>> - * XEN_DOMCTL_debug_op
>> - * XEN_DOMCTL_gethvmcontext_partial
>> - * XEN_DOMCTL_vm_event_op
>> - * XEN_DOMCTL_mem_sharing_op
>> - * XEN_DOMCTL_setvcpuextstate
>> - * XEN_DOMCTL_getvcpuextstate
>> - * XEN_DOMCTL_set_access_required
>> - * XEN_DOMCTL_set_virq_handler
>> - * XEN_DOMCTL_set_broken_page_p2m
>> - * XEN_DOMCTL_setnodeaffinity
>> - * XEN_DOMCTL_gdbsx_guestmemio
>> + * XEN_DOMCTL_ioport_mapping
>> + * XEN_DOMCTL_memory_mapping
>> + * XEN_DOMCTL_bind_pt_irq
>> + * XEN_DOMCTL_unbind_pt_irq
>>  
>>  __HYPERVISOR_sysctl (xen/include/public/sysctl.h)
>>  
>> - The following subops are covered by this statement. subops not listed
>> - here are considered safe for disaggregation.
>> -
>> - * XEN_SYSCTL_readconsole
>> - * XEN_SYSCTL_tbuf_op
>> - * XEN_SYSCTL_physinfo
>> - * XEN_SYSCTL_sched_id
>> - * XEN_SYSCTL_perfc_op
>> - * XEN_SYSCTL_getdomaininfolist
>> - * XEN_SYSCTL_debug_keys
>> - * XEN_SYSCTL_getcpuinfo
>> - * XEN_SYSCTL_availheap
>> - * XEN_SYSCTL_get_pmstat
>> - * XEN_SYSCTL_cpu_hotplug
>> - * XEN_SYSCTL_pm_op
>> - * XEN_SYSCTL_page_offline_op
>> - * XEN_SYSCTL_lockprof_op
>> - * XEN_SYSCTL_cputopoinfo
>> - * XEN_SYSCTL_numainfo
>> - * XEN_SYSCTL_cpupool_op
>> - * XEN_SYSCTL_scheduler_op
>> - * XEN_SYSCTL_coverage_op
>> + All subops are covered by this statement.
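
Review bot: The new domctl sentence "All subops except for the following are covered by this statement." inverts what the list means (its entries used to be the covered subops, while the four added entries are now the exempt ones), yet the sentence that spelled out the consequence, "subops not listed here are considered safe for disaggregation", is deleted in both sections with no replacement. A reader comparing against the old text can easily take the four remaining entries for the unsafe ones. Suggest stating the consequence explicitly in both places: that only the listed domctl subops, and no sysctl subops, are considered safe for disaggregation. The file also gives no reason why exactly XEN_DOMCTL_ioport_mapping, XEN_DOMCTL_memory_mapping, XEN_DOMCTL_bind_pt_irq and XEN_DOMCTL_unbind_pt_irq stay exempt. A one-line rationale next to the list would help, and the open question under the "---" about what qemu uses in a stub domain should be settled before the list is treated as final.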

"... (That is, no subops are considered safe for disaggregation.)"

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

