Re: [Xen-devel] [PATCH] mm/page_alloc: always scrub pages given to the allocator

>>> On 01.10.18 at 16:40, <sergey.dyasli@xxxxxxxxxx> wrote:
> On 01/10/18 12:13, Jan Beulich wrote:
>>>>> On 01.10.18 at 11:58, <sergey.dyasli@xxxxxxxxxx> wrote:
>>> After this patch, alloc_heap_pages() is guaranteed to return scrubbed
>>> pages to a caller unless the MEMF_no_scrub flag was provided.
>> I also don't understand the point of this: Xen's internal allocations
>> have no need to come from scrubbed memory. This in particular
>> also puts under question the need to "eagerly scrub all allocated
>> pages during boot" (quoted from an earlier paragraph).
> There are ways to share a Xen page with a guest. So from a security
> point of view, there is no guarantee that a page allocated with
> alloc_xenheap_pages() will not end up accessible by some guest.

But this is the exception, not the rule, and hence the code enabling
the sharing is responsible for initializing the page suitably.

