| |
|
 |
|
 |
|
|
|
| |
|
|
xen-devel
[Xen-devel] Re: DOMID_XEN and iomem_access_permitted
On 12/05/2010 21:45, "George Dunlap" <George.Dunlap@xxxxxxxxxxxxx> wrote:
> Actually, setting up an empty rangeset for the "xen" domain might be
> the best solution... it works no matter what the answers above are,
> and has fewer special cases in the code. Looks like it would mainly
> involve actually initializing the rangeset code even for dummy domains
> in domian_create().
Yes, I'll patch it this way, thanks.
> Second question: Is it possible for a domU to crash the host with this
> bug? It looks like set_foreigndom() will only allow you to use
> DOMID_XEN from domain 0. If the answer to question 1 above is "yes",
> then I think we can safely say domU can't exploit this bug to cause a
> denial-of-service attack.
Unprivileged domains will be unable to obtain a reference to dom_xen. So
this bug can only trigger from dom0.
-- Keir
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
| |
|
Home