|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2] Merge IS_PRIV checks into XSM hooks
>>> On 10.09.12 at 23:10, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> wrote: > On 09/10/2012 04:51 PM, Keir Fraser wrote: >> On 10/09/2012 20:48, "Daniel De Graaf" <dgdegra@xxxxxxxxxxxxx> wrote: >> >>> Overall, this series should not change the behavior of Xen when XSM is >>> not enabled; however, in some cases, the exact errors that are returned >>> will be different because security checks have been moved below validity >>> checks. Also, once applied, newly introduced domctls and sysctls will >>> not automatically be guarded by IS_PRIV checks - they will need to add >>> their own permission checking code. >> >> How do we guard against accidentally forgetting to do this? > > The same way you guard against it when adding a new hypercall: when adding > new functionality that needs access checks, also add the access checks. Except that previously the access check was done centrally at the top of do_domctl(), so newly added sub-functions didn't need to worry. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |