[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3/3] x86/mm-locks: apply a bias to lock levels for current domain



>>> On 19.12.18 at 15:07, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 19/12/2018 13:55, George Dunlap wrote:
>> Yes, if someone uses XSM to bypass the IS_PRIV() functionality to give
>> one domain access over another, then the lock checking will trigger.
> 
> Noone should be able to trigger assertions in the hypervisor by simply
> editing the XSM policy.
> 
> This quite clearly demonstrates that the proposed logic isn't appropriate.

You could view it the other way around: Anyone who writes an
XSM policy violating assumptions in the hypervisor is shooting
themselves in the foot (read: introduces a bug). In particular I
don't think something like fuzzed XSM policies would make any
sense (which is no different to someone making random edits).

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.