Re: [Xen-devel] Xen Security Advisory 155 (CVE-2015-8550) - paravirtualized drivers incautious about shared memory
On 04/01/16 16:56, Marek Marczykowski-Górecki wrote:
> On Mon, Jan 04, 2016 at 04:22:32PM +0000, David Vrabel wrote:
>> On 04/01/16 13:06, Marek Marczykowski-Górecki wrote:
>>> On Tue, Dec 22, 2015 at 10:06:25AM -0500, Eric Shelton wrote:
>>>> The XSA mentions that "PV frontend patches will be developed and
>>>> released (publicly) after the embargo date." Has anything been done
>>>> towards this that should also be incorporated into MiniOS? On a
>>>> system utilizing a "driver domain," where a backend is running on a
>>>> domain that is considered unprivileged and untrusted (such as the
>>>> example described in http://wiki.xenproject.org/wiki/Driver_Domain),
>>>> it seems XSA-155-style double fetch vulnerabilities in the frontends
>>>> are also a potential security concern, and should be eliminated.
>>>> However, perhaps that does not include pcifront, since pciback would
>>>> always be running in dom0.
>>>
>>> And BTW the same applies to Linux frontends, for which also I haven't seen
>>> any public development. In attachment my email to
>>> xen-security-issues-discuss list (sent during embargo), with patches
>>> attached there. I haven't got any response.
>>
>> There are no similar security concerns with frontends since they trust
>> the backend.
>>
>> I note that you say:
>>
>> "But in some cases (namely: if driver domains are in use), frontends
>> may be more trusted/privileged than backends."
>>
>> But this cannot be the case since the backend can always trivially DoS
>> the frontend by (for example) not unmapping grant references when
>> required by the protocol.
>
> DoS is one thing, code execution is another.

The DoS is a trivial and obvious example to illustrate that your
suggestion that:

"...frontends may be more trusted/privileged than backends."

is ill-advised.

Anyway, none of this means we won't consider your netfront patches. But
you do need to post them to the correct lists (netdev and xen-devel).

David
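
For readers of the archive, the "XSA-155-style double fetch" that the thread discusses eliminating in frontends can be shown in a few lines. This is an added example, not code from the thread, the attached patches or Xen; `struct resp`, `SLOT_MAX`, `fetch_len` and the flip hook are constructed names, and the hook deterministically stands in for a peer that rewrites shared memory between two reads.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SLOT_MAX 64 /* constructed payload limit */

/* Constructed response slot in memory the backend can also write. */
struct resp { uint32_t len; uint8_t data[SLOT_MAX]; };

/* Demo hook (hypothetical): stands in for a concurrent backend write. */
static uint32_t fetches, flip_after, flip_to;

static uint32_t fetch_len(volatile struct resp *r) {
    uint32_t v = r->len;            /* one real read of shared memory */
    if (++fetches == flip_after)
        r->len = flip_to;           /* peer changes it after this read */
    return v;
}

/* Double fetch: checks one read, acts on another. Returns the length it
 * would copy; no copy is made, so the demo itself stays memory-safe. */
static long consume_double_fetch(volatile struct resp *r) {
    if (fetch_len(r) > SLOT_MAX)    /* fetch 1: check */
        return -1;
    return (long)fetch_len(r);      /* fetch 2: use, may differ */
}

/* Single fetch: snapshot len once, then check and use only the snapshot. */
static long consume_snapshot(volatile struct resp *r, uint8_t *out) {
    uint32_t len = fetch_len(r);    /* the only read of len */
    if (len > SLOT_MAX)
        return -1;
    for (uint32_t i = 0; i < len; i++)
        out[i] = r->data[i];
    return (long)len;
}

/* One consumer against a slot whose len becomes 4096 after the first fetch. */
static long run_case(int hardened, uint32_t initial_len) {
    static struct resp slot;
    uint8_t out[SLOT_MAX];
    memset(&slot, 0, sizeof slot);
    slot.len = initial_len; fetches = 0; flip_after = 1; flip_to = 4096;
    return hardened ? consume_snapshot(&slot, out) : consume_double_fetch(&slot);
}

int main(void) {
    printf("double fetch acts on len=%ld, snapshot acts on len=%ld\n",
           run_case(0, 16), run_case(1, 16));
    return 0;
}
```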