[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-ia64-devel] RE: PATCH: merge iva
Le Mercredi 14 Juin 2006 18:48, Magenheimer, Dan (HP Labs Fort Collins) a
> I wasn't fighting the specific patch as much as providing
> history. The possibility of vcr.iva being used maliciously
> is very small but vBlades evolved from a security-focused
> project so validating all privileged registers to eliminate
> security holes was an early vBlades objective.
Thank you for the historical view.
> To contrive
> an example, if an attacker could somehow change vcr.iva,
> he might be able to cause arbitrary user code to be executed
> at PL2.
I still don't understand this example: privregs are only accessible at PL2.
So the attacker has to be in PL2. This seems to be moot.
Xen-ia64-devel mailing list