[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] Changelog: Add __ro_after_init and CET


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Fri, 25 Mar 2022 16:39:30 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=SLVN7cwGxqFBVcr5jwBAWzGJ6d7XaOaSr+mkuRo4CLo=; b=CuiZ8US+vk34nQ+z16n8bDZ18sb/YN1TQxex8AE5lKXW51/TgeXadEGFUur8kth2yeqNKG7Q3jBUJV4YIk3B2ZdLu8YNTNDQPZNUoByS8CU0/8NkZzbWSIhwWhDmlsy8cxLM94d8jxAxRe0ffytFeUEnzkzabtobEU/wykUXP7xT1D1xS3E3X3uNoNThQ9HMDFsc/6Rf7AzEwPGtk3ca34f3v2SOfA3Va+QgGr8QYBmLzuJyrJS0CIuYX6OUxHmnc9f6LUHtrEjOdyVjD7JRqIznwa3HBPpCD2EGgpLo5EWdQ9LqFMbtY2jeVtwwQSUi2pI76XrDM7+hKoP+fAbeaQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UNI13Fs7pdz+7x8NxjmokPsLcNu2mdxto96K0mrnaiZ6yiZEM7Ucj9URUO0O5xvkFYV1dvvt0Tbizvvux6WvC+JPJpaPuhG4hwjU0Hx2jBfQ9LPNoeImfFrgm9WsjgOBI4HgYBWlz3xmyHkavo3afcnjNL1IjerF5Cht9mGNRwj/U4pxJUuooSrFE/n9ZnrdihIvtEXCzbqoFNs7KTCzALJpGyuR30bpOdTHDv4+OuD9157XUbfnbWCWS8pgglJSElxQp+408ImsJas5+swgscirFOw874yz09ZqXk+IBrvVA6MK9peq5ZNjkoNIsrg+LWEOzgcwrSZjca3is+thJw==
  • Authentication-results: esa4.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 25 Mar 2022 16:39:43 +0000
  • Ironport-data: A9a23:8a+04a95vRWnoJzQ+VpmDrUDk36TJUtcMsCJ2f8bNWPcYEJGY0x3z GJMWGjSOq7YZ2L1fogkbYS+9kID6pXWmIdmHgU5rXw8E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si+Fa+Sn9T8mvU2xbuKU5NTsY0idfic5DnZ54f5fs7Rh2NQw2oLkW1nlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCnbyVUz0iOKbIo7hebxgBM3t9EK5P0rCSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFKoZtmtt0nfyCvE+TIqYa67L+cVZzHE7gcUm8fP2O ZtENmM2PEWojxtnIgsYDbcyjcGUn2DQfiNRiVabqK0Oyj2GpOB2+Oe0a4eEEjCQfu1Fk0Ddq m/Y8mDRBhABKMfZ2TeD6mirhOLEgWX8Qo16PKK83u5nhhuU3GN7IB8cWEa/oPK5olWjQN8ZI EsRkhfCtoBrqhbtFIOkGUTl/jjU5XbwRua8DcUazRu3wazf5z3FRVQFFx4ba/ElveU5EGlCO kCyo/vlAjlmsbuwQH2b96uJoT7aBRX5PVPudgdfE1JbvoCLTJUby0uWE409SPLdYsjdQ2mY/ tyckMQpa1z/Z+Yv3r7zw13IiinESnPhHl9svVW/so5IA2pEiG+Zi26AtACzARVodt/xory9U J4swpn2AAcmV83lqcB1aL9RdIxFHt7cWNEmvXZhHoM66xOm8GO5cIZb7VlWfRk1Yp9ZJGK3M RSJ4mu9AaO/2lPzPMebhKrrVqwXIVXIT4y5Bpg4kPIQCnSOSON31H43PhPBt4wcuEMtjbs+K f+mnTWEVh4n5VBc5GPuHY81iOZzrghnnD+7bc2rnnyPjOvFDFbIGOhtDbd7Rr1ghE9yiF6Oq Ig32grj40g3bdASlQGLrt9JcQFbdyRT6FKfg5U/S9Nv6zFOQQkJI/TQ3akga8pimaFUnf3P5 XazRglTz1+XuJENAVzihqxLAF83YatCkA==
  • Ironport-hdrordr: A9a23:t1CLHqEvhi3/3Z3XpLqFSJHXdLJyesId70hD6qkvc3Jom52j+P xGws526fatskdsZJkh8erwXJVp2RvnhNBICPoqTMiftW7dySqVxeBZnMTfKljbehEWmdQtrZ uIH5IOauEYSGIK8PoSgzPIU+rIouP3i5xA7N22pxwGIGEaCJ2IrT0JcDpzencGHjWubqBJc6 Z0k/A33gZIDk5nCPhTaEN1OtTrlpnurtbLcBQGDxko5E2lljWz8oP3FBCew1M3Ty5P6a1Kyx mHryXJooGY992rwB7V0GHeq75MnsH699dFDMuQzuAINzTXjBqybogJYczBgNl1mpDr1L8Zqq iKn/4SBbU015oXRBDtnfLZ4Xil7N/p0Q679bbXuwq5nSWzfkNFNyMIv/MpTvKe0Tt8gDg06t M544rS3aAnfS/ojWDz4cPFWAptkVfxqX0+kfQLh3gaSocGbqRNxLZvtn+9Pa1wVB4S0rpXW9 WGzfusk8p+YBefdTTUr2NvyNujUjA6GQqHWFELvoiQ3yJNlH50wkMEzIhH901wuK4VWt1B/a DJI65onLZBQosfar98Hv4IRY+yBnbWSRzBPWqOKRDsFb0BOXjKt5nriY9Fqd2CadgN1t8/iZ 7BWFRXuSo7fF/vE9SH2NlR/hXEUAyGLH3QIwFllu5EU5HHNc/W2He4OSITeuOb0oEiPvE=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYM7LH1RgXNeZAgkCaPnspMShcz6y3BLWAgBlhsIA=
  • Thread-topic: [PATCH 2/2] Changelog: Add __ro_after_init and CET

On 09/03/2022 13:03, Jan Beulich wrote:
> On 09.03.2022 13:39, Andrew Cooper wrote:
>> --- a/CHANGELOG.md
>> +++ b/CHANGELOG.md
>> @@ -6,6 +6,12 @@ The format is based on [Keep a 
>> Changelog](https://keepachangelog.com/en/1.0.0/)
>>  
>>  ## [unstable 
>> UNRELEASED](https://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=staging) 
>> - TBD
>>  
>> +### Added
>> + - __ro_after_init support on x86, for marking data as immutable after boot.
> I'm not sure something like this (being an implementation detail) belongs
> here.

Having things immutable after boot is not an implementation detail.  It
is an important security hardening property, and deserves to be here.

~Andrew

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.