[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 0/4] flask: XSA-84 follow-ups

On 02/07/2014 04:41 AM, Jan Beulich wrote:
1: fix memory leaks
2: fix error propagation from flask_security_set_bool()
3: check permissions first thing in flask_security_set_bool()
4: add compat mode guest support

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

Release-wise, I would think that 1-3 should certainly go in. While I'd
like 4 to be in for 4.4 too, I realize that's a little more intrusive than
one would want at this point.


All four patches look correct to me. I assume the movement of the 
flask_security_commit_bools inside the #ifdef is made possible by
the xlat.lst parsing, but didn't look too closely at how that was

Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

Re: what goes in release - I agree that #4 would be nice but I wouldn't
push too hard to make an exception for it. The users of the XSM interface
would primarily be toolstack and related domains where a requirement to
be 64-bit should not be too restrictive (not to say this shouldn't be
fixed, of course).

Daniel De Graaf
National Security Agency

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.