
Re: [Xen-devel] [PATCH 2/2] x86: don't allow clearing of TF_kernel_mode for other than 64-bit PV



>>> On 31.05.17 at 13:08, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 31/05/17 08:15, Jan Beulich wrote:
>> The flag is really only meant for those, both HVM and 32-bit PV tell
>> kernel from user mode based on CPL/RPL. Remove the all-question-marks
>> comment and let's be on the safe side here and also suppress clearing
>> for 32-bit PV (this isn't a fast path after all).
>>
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> 
> Wouldn't it just be safer to disallow starting a 64bit PV guest in user
> mode?
> 
> No real kernel would do such a thing, and keeping the corner case around
> is bad from an attack-surface point of view.

If it really was "starting a guest", I would probably agree. But we're
talking about starting a vCPU, and I could see uses for this (not
least in XTF). After all, the operation allows for enough state to be
set up such that further initialization inside the guest may not be
necessary.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
