[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts

To: "Wei Liu" <wei.liu2@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Tue, 14 Jul 2015 17:01:33 +0100
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Feng Wu <feng.wu@xxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxxxxx>, "andrew.cooper3@xxxxxxxxxx" <andrew.cooper3@xxxxxxxxxx>, Yong Y Wang <yong.y.wang@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>, Yang Z Zhang <yang.z.zhang@xxxxxxxxx>
Delivery-date: Tue, 14 Jul 2015 16:01:42 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 14.07.15 at 17:02, <wei.liu2@xxxxxxxxxx> wrote:
> On Tue, Jul 14, 2015 at 03:46:46PM +0100, Jan Beulich wrote:
>> >>> On 14.07.15 at 16:17, <wei.liu2@xxxxxxxxxx> wrote:
>> > On Tue, Jul 14, 2015 at 11:09:15AM +0100, Jan Beulich wrote:
>> >> >>> On 14.07.15 at 11:21, <wei.liu2@xxxxxxxxxx> wrote:
>> >> > On Tue, Jul 14, 2015 at 05:51:02AM +0000, Wu, Feng wrote:
>> >> >> Is it possible to get to 4.6 if making this feature default off?
>> >> > 
>> >> > Note that I'm not the only one who makes the decision and I can't speak
>> >> > for maintainers. The first thing you ought to do is to convince
>> >> > maintainers, not me.
>> >> > 
>> >> > If you ask for my opinion -- I don't see a point in releasing feature
>> >> > with security flaw in design, even if it is off by default. 
>> >> 
>> >> It was actually me who suggested that by flagging this experimental
>> >> and defaulting it to off, chances would increase for this to be allowed
>> >> in without said issue fixed.
>> > 
>> > Are you satisfied with that?  Currently I only know from this email
>> > there is concern with regard to security but I don't know what it is and
>> > how big an impact it can possibly have.
>> > 
>> > I could maybe go dig up that series and try to understand what is the
>> > security implication, but it would take a long time and I'm not sure I
>> > have the right technical background to make the call.
>> 
>> The thing is that the way vCPU-s are being put on lists attached to
>> pCPU-s, in a pathological case (which can be "helped" by a malicious
>> tool stack) all vCPU-s could pile up on one such list. List traversal (in
>> an interrupt handler) could then take (almost) arbitrarily long.
> 
> You mentioned "malicious toolstack", does that mean this feature, if on,
> doesn't expose new attack vector to malicious guest?

I think getting a guest to affect this would be more involved, but
I can't entirely exclude it.

> And what do you mean by "malicious toolstack"? I don't see patches
> related to toolstack.

This is because the tool stack can control placement of vCPU-s on
pCPU-s, not because new tool stack code is being added.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wei Liu

References:
- [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wu, Feng
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wei Liu
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wu, Feng
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wei Liu
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Jan Beulich
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wei Liu
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Jan Beulich
- Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
  - From: Wei Liu

Prev by Date: Re: [Xen-devel] [PATCH v5 05/15] x86/altp2m: basic data structures and support routines.
Next by Date: Re: [Xen-devel] Fwd: [v3 14/15] Update Posted-Interrupts Descriptor during vCPU scheduling
Previous by thread: Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
Next by thread: Re: [Xen-devel] Requesting for freeze exception for VT-d posted-interrupts
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.