[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 5 of 6] Rework stale p2m auditing



At 16:48 -0500 on 14 Nov (1321289326), Andres Lagar-Cavilla wrote:
> The p2m audit code doesn't even compile, let alone work. It also
> partially supports ept. Make it:
> 
> - compile
> - lay groundwork for eventual ept support
> - move out of the way of all calls and turn it into a domctl. It's
>   obviously not being used by anybody presently.
> - enable it via said domctl

Thanks for looking at this code (which, as you say, had considerably
rotted).  

I'm not sure I'm a big fan of provoking audits from user-space rather
than having them run on every operation; in previous incarnations there
have been serial debug-keys that triggered auditing code (which would
then be run before and after every operation) - I found that much more
helpful in the case of failure, as it pointed to which operation had
caused the problem rather than saying 'something bad happened at somne
point'.

If you really want to keep the hypercall, I think it could probably be
part of the existing paging/shadow control domctl rather than having
its own.  That would have the advantage of preventing an untrusted
domain from calling it on itself (which has in the past turned slightly
bitrotted audit code into a denial-of-service vector!).

Cheers,

Tim.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.