Re: [Xen-devel] QEMU bumping memory bug analysis
On Mon, 8 Jun 2015, Andrew Cooper wrote:
> On 08/06/15 14:38, Stefano Stabellini wrote:
> >> Also device-mode/$domid/state is writable by QEMU so we can't trust
> >> the content as indicator either.
> > We can because the write happens before we unpause the guest
>
> Only when creating the domain fresh. On resume, the guest has possibly
> had the chance to code-inject via the qemu save format. There are many
> CVEs in this area, and I am not willing to bet all of them are fixed.
>
> In XenServer, even loading VM state from the save file happens in the
> deprivileged environment.

QEMU doesn't do any maxmem changes at restore time.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel