[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Regressed XSA-286, was [xen-unstable test] 161917: regressions - FAIL


  • To: Ian Jackson <iwj@xxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 17 Jun 2021 16:55:04 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=snjY5iWzuh79S0osSNQIhjAsOfAQ8PUKzjU2uTifn20=; b=d6varVBsflxLNoP3KLF8rDKD2Xu5poAuBOvFmIkCx/3i8RGo3cZulU86/2NIUOj3q1PtFy7gPv2oCJbhvmfY0hcCnqO0iNLG8h1FBhLrzxyvDRLJw58ERqaPvKXGc8Vev5ekJMWzHv/bAomNTqcc+mqzcd0Mb8EgLp7pWAVWYiptqmcy1GJHOgv7ErIggfgCjx5ggkBleDhUgLsZ1j/F3sGZbhg38/B32cNa+EB4u9O6+JrlrzKSflxHIHAEmLXAM9fvk9CT915KrX2BNsRA8xbG9c/DZEO1CMKK/cB3MD6fPdhWpvy6eYEF57RmKur4kbdOyxWiaeidVlZIpyUI3Q==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=b8huagoByWlKxedsteWAmN4ibuRYtzuqqmmt5/Jd92bGwgyPjcESP1kBmudD+WLXvwkopONnZhKV/zzYD5g6FJyebrN38/xhgV9nM0e9obhY8FiHgSNnFM3p/CkbIWuGNa1XjaMUGCB6kmuJmKC52LjyjMJ0MMPCx7KKw+RU+HCEVh/QMlR5MubCR1ksBMpfXouxRK4B9jVBZgNJFJjAcwk2bSMTeIjzHFdR8CnHGXYj8M/5Ed5qwa1huzXmrbkUvmeIoR3uXz76AUoO8tDpx+fQNKnUZwQ2OTnn4EoZSY1BI5GOfQprBaoyEx5vy/59/Mg3490VaPRgwLlS5IkuWw==
  • Authentication-results: xenproject.org; dkim=none (message not signed) header.d=none;xenproject.org; dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "committers@xxxxxxxxxxxxxx" <committers@xxxxxxxxxxxxxx>
  • Delivery-date: Thu, 17 Jun 2021 14:55:16 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 17.06.2021 16:49, Ian Jackson wrote:
> Jan Beulich writes ("Re: Regressed XSA-286, was [xen-unstable test] 161917: 
> regressions - FAIL"):
>> If any OS made such an assumption, then I don't think it would be
>> a vulnerability either. It would simply be a guest kernel bug then.
> 
> For the avoidance of doubt:
> 
> I think you are saying that if any OS did make the assumption, the
> resulting bug *would not be exploitable* (by an unprivileged guest
> process, or by a PV backend it was speaking to, or, somehow, by
> another guest).

Not exactly: Whether such a kernel bug would also be a vulnerability
cannot be told without knowing how exactly the kernel screwed up.
But it's definitely not Xen to compensate for this, imo. But anyway,
this it largely moot, as there isn't - afaict - any OS making any
such assumption.

Jan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.