[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 5/5] x86/MSI: drop workaround for insecure Dom0 kernels



>>> On 10.04.14 at 11:02, <kevin.tian@xxxxxxxxx> wrote:
>>  From: Jan Beulich
>> Sent: Monday, April 07, 2014 6:12 PM
>> 
>> Considering that
>> - the workaround is expensive (iterating through the entire P2M space
>>   of a domain),
>> - the planned elimination of the expensiveness (by propagating the type
>>   change step by step to the individual P2M leaves) wouldn't address
>>   the IOMMU side of things (as for it to obey to the changed
>>   permissions the adjustments must be pushed down immediately through
>>   the entire tree)
>> - the proper solution (PHYSDEVOP_msix_prepare) should by now be
>>   implemented by all security conscious Dom0 kernels
>> remove the workaround, killing eventual guests that would be known to
>> become a security risk instead.
>> 
> 
> above looks reasonable to me... but I'm not familiar with original security
> issue on MSI. Could you give me a link to previous conversation?

That'll be hard to locate, because it had been taking ages until we
settled on a reasonable strategy and implemented all the pieces
here and there. Hence perhaps it's best if you just looked at the
respective commits:

http://xenbits.xen.org/gitweb/?p=xen.git;a=commitdiff;h=b5aadd4248d64249ed6d1f98659a3b35ca9e91bd
http://xenbits.xen.org/gitweb/?p=xen.git;a=commitdiff;h=4245d331e0e75de8d1bddbbb518f3a8ce6d0bb7e

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.