[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 2/2] xentoolcore_restrict_all: Implement for libxenevtchn



Ross Lagerwall writes ("[PATCH v2 2/2] xentoolcore_restrict_all: Implement for 
libxenevtchn"):
> Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
...
>  int osdep_evtchn_open(xenevtchn_handle *xce);
> diff --git a/tools/libs/toolcore/include/xentoolcore.h 
> b/tools/libs/toolcore/include/xentoolcore.h
> index be6c570..ef9c670 100644
> --- a/tools/libs/toolcore/include/xentoolcore.h
> +++ b/tools/libs/toolcore/include/xentoolcore.h
> @@ -31,11 +31,6 @@
>   * Arranges that Xen library handles (fds etc.) which are currently held
>   * by Xen libraries, can no longer be used other than to affect domid.
>   *
> - * Does not prevent effects that amount only to
> - *   - denial of service, possibly host-wide, by resource exhaustion etc.
> - *   - leak of not-very-interesting metainformation about other domains
> - *     eg, specifically, event channel signals relating to other domains

Are we sure that all possible resource exhaustion attacks are now
excluded ?

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.