
Re: [Xen-devel] [PATCH v2 2/2] xen/physmap: Do not permit a guest to populate PoD pages for itself



>>> On 19.08.16 at 18:00, <andrew.cooper3@xxxxxxxxxx> wrote:
> PoD is supposed to be entirely transparent to guest, but this interface has
> been left exposed for a long time.
> 
> The use of PoD requires careful co-ordination by the toolstack with the
> XENMEM_{get,set}_pod_target hypercalls, and xenstore ballooning target.  The
> best a guest can do without toolstack cooperation is crash.
> 
> Furthermore, there are combinations of features (e.g. c/s c63868ff "libxl:
> disallow PCI device assignment for HVM guest when PoD is enabled") which a
> toolstack might wish to explicitly prohibit (in this case, because the two
> simply don't function in combination).  In such cases, the guest mustn't be
> able to subvert the configuration chosen by the toolstack.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Acked-by: Jan Beulich <jbeulich@xxxxxxxx>


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

