Re: [Xen-devel] [RFC PATCH v2 13/22] xen/arm: its: Add virtual ITS command support
- To: Julien Grall <julien.grall@xxxxxxxxxx>, Vijay Kilari <vijay.kilari@xxxxxxxxx>
- From: Manish Jaggi <mjaggi@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 29 Apr 2015 18:03:43 +0530
- Cc: Ian Campbell <ian.campbell@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, Prasun Kapoor <Prasun.Kapoor@xxxxxxxxxxxxxxxxxx>, Vijaya Kumar K <vijaya.kumar@xxxxxxxxxxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>, manish.jaggi@xxxxxxxxxxxxxxxxxx
- Delivery-date: Wed, 29 Apr 2015 12:34:11 +0000
- List-id: Xen developer discussion <xen-devel.lists.xen.org>
On Wednesday 29 April 2015 05:51 PM, Julien Grall wrote:
> On 29/04/15 13:12, Manish Jaggi wrote:
>>>> and that too ITS is not in critical path. It is only used when
>>>> configuring interrupts of the device?
>>> You need to think about security... Even though the ITS should only
>>> be used for configuring interrupts, a malicious guest could try to
>>> exploit weakness in the emulation.
>> Can you describe the scenario?
> I already wrote several times the possible security impacts of the
> polling solution... Please read again the previous mails.

I see your comment "The vITS emulates hardware for a specific domain. A
malicious guest could send request to a not own device"
This scenario cannot happen as guest sbdf is converted to physical sbdf
based on the domain. So if it does not own a device it would be treated
as invalid command.

Do you have any other security concern?

Regards,