
Re: [Xen-devel] [BUGFIX][PATCH v2 2/5] dbg_rw_guest_mem: need to call put_gfn in error path.



On 08/01/2014 01:44, Mukesh Rathor wrote:
> On Wed, 8 Jan 2014 00:55:32 +0000
> Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
>
>> On 08/01/2014 00:25, Don Slutz wrote:
>>> Using a 1G hvm domU (in grub) and gdbsx:
>>>
> ..... 
>
>> Ian (with RM hat on):
>>   This is a hypervisor reference counting error on a toolstack
>> hypercall path.  Irrespective of any of the other patches in this
>> series, I think this should be included ASAP (although probably
>> subject to review from a third person), which will fix the hypervisor
>> crashes from gdbsx usage.
> I remember long ago mentioning to our packaging team to make gdbsx
> root executable only.
>
> What would be a good place to document that gdbsx should be removed from
> production systems, and/or be made root executable only?
>
> thanks
> mukesh
>
>

[root@idol ~]# ls -la /dev/xen/privcmd
crw-rw---- 1 root root 10, 57 Jan  7 11:48 /dev/xen/privcmd

As it currently stands (Linux 3.10), only root can open privcmd and issue
ioctls, so a non-root gdbsx process would presumably not function at
all.  I am not sure that any documentation needs updating.

Having said that, with my "future ventures into reducing required dom0
privileges" hat on, it would be very nice for a subset of hypercalls to
be available in a non-privileged, read-only form.  This would allow
read-only information from xl (and xentop and suchlike) to be available
to non-root users in dom0.

On the other hand, anyone with shell access in dom0 is likely a system
administrator anyway, so will almost certainly be running with sudo
privileges (or as root) anyway.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
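
An added example, not part of the original thread: a shell check for the state discussed above, namely that /dev/xen/privcmd (and, following Mukesh's suggestion, the gdbsx binary) is owned by root with no permission bits for "other". The function names and the gdbsx path in the usage comment are assumptions; "restricted" here means owner plus group, matching the crw-rw---- listing in the message, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit that dom0 nodes are not reachable by "other" users.
# Usage (gdbsx install path is an assumption, adjust for your packaging):
#   sh audit.sh /dev/xen/privcmd /usr/sbin/gdbsx

# check_restricted PATH [EXPECTED_UID]
#   0 = owned by EXPECTED_UID (default 0, root) and no "other" bits set
#   1 = wrong owner, or some read/write/execute bit set for "other"
#   2 = PATH does not exist
check_restricted() {
    path=$1
    want_uid=${2:-0}
    [ -e "$path" ] || return 2
    uid=$(stat -c %u "$path")     # numeric owner
    mode=$(stat -c %a "$path")    # octal mode, e.g. 660
    [ "$uid" -eq "$want_uid" ] || return 1
    # The last octal digit is the "other" triplet; it must be 0.
    case $mode in
        *0) return 0 ;;
        *)  return 1 ;;
    esac
}

# audit PATH...: print one line per path, return 1 if any path fails.
audit() {
    rc=0
    for p in "$@"; do
        st=0
        check_restricted "$p" 0 || st=$?
        case $st in
            0) echo "OK    $p" ;;
            2) echo "SKIP  $p (not present)" ;;
            *) echo "FAIL  $p ($(stat -c '%U:%G %a' "$p"))"
               rc=1 ;;
        esac
    done
    return $rc
}

# Run the audit only when paths were given on the command line.
[ $# -eq 0 ] || audit "$@"
```

A missing gdbsx is reported as SKIP rather than FAIL, since removing it from production systems is one of the two options raised in the thread.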


 

