WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] add canonical address checks to HVM

from [Keir Fraser] [Permanent Link][Original]
To: Jan Beulich <jbeulich@xxxxxxxxxx>, Keir Fraser <keir@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] add canonical address checks to HVM
From: Keir Fraser <keir@xxxxxxxxxxxxx>
Date: Fri, 01 Dec 2006 08:07:02 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 01 Dec 2006 00:07:02 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <456FF03E.76E4.0078.0@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AccVH66N7Pv69YESEdum/wANk04WTA==
Thread-topic: [Xen-devel] [PATCH] add canonical address checks to HVM
User-agent: Microsoft-Entourage/11.2.5.060620 
On 1/12/06 8:05 am, "Jan Beulich" <jbeulich@xxxxxxxxxx> wrote:

> I think it might be a security issue:
> - In MSR writes, are you certain there's not going to be any problem now or
> in the future when the state gets actually loaded into CPU registers?
> - In memory accesses, at least until no failures to read/write guest memory
> are being ignored anymore.

We should be defensive about guest reads/writes/MSR-accesses anyway. I.e.,
we should at least accept faults on those accesses, and make sure the worst
that happens is a domain crash.

 -- Keir


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [PATCH] make shared_info architecture independent, Keir Fraser
Next by Date:  Re: [Xen-devel]Is 7G memory good enough for current PAE HVM guest, Keir Fraser
Previous by Thread:  Re: [Xen-devel] [PATCH] add canonical address checks to HVM, Jan Beulich
Next by Thread:  Re: [Xen-devel] [PATCH] add canonical address checks to HVM, Jan Beulich
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy