
Re: [Xen-devel] [PATCH v3 5/5] x86/MSI: drop workaround for insecure Dom0 kernels



> From: Jan Beulich [mailto:JBeulich@xxxxxxxx]
> Sent: Thursday, April 10, 2014 6:26 PM
> 
> >>> On 10.04.14 at 11:02, <kevin.tian@xxxxxxxxx> wrote:
> >>  From: Jan Beulich
> >> Sent: Monday, April 07, 2014 6:12 PM
> >>
> >> Considering that
> >> - the workaround is expensive (iterating through the entire P2M space
> >>   of a domain),
> >> - the planned elimination of the expensiveness (by propagating the type
> >>   change step by step to the individual P2M leaves) wouldn't address
> >>   the IOMMU side of things (as for it to obey to the changed
> >>   permissions the adjustments must be pushed down immediately through
> >>   the entire tree)
> >> - the proper solution (PHYSDEVOP_msix_prepare) should by now be
> >>   implemented by all security conscious Dom0 kernels
> >> remove the workaround, killing eventual guests that would be known to
> >> become a security risk instead.
> >>
> >
> > above looks reasonable to me... but I'm not familiar with original security
> > issue on MSI. Could you give me a link to previous conversation?
> 
> That'll be hard to locate, because it had been taking ages until we
> settled on a reasonable strategy and implemented all the pieces
> here and there. Hence perhaps it's best if you just looked at the
> respective commits:
> 
> http://xenbits.xen.org/gitweb/?p=xen.git;a=commitdiff;h=b5aadd4248d64249ed6d1f98659a3b35ca9e91bd
> http://xenbits.xen.org/gitweb/?p=xen.git;a=commitdiff;h=4245d331e0e75de8d1bddbbb518f3a8ce6d0bb7e
> 
> Jan

Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel