[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] add canonical address checks to HVM

On 1/12/06 8:05 am, "Jan Beulich" <jbeulich@xxxxxxxxxx> wrote:

> I think it might be a security issue:
> - In MSR writes, are you certain there's not going to be any problem now or
> in the future when the state gets actually loaded into CPU registers?
> - In memory accesses, at least until no failures to read/write guest memory
> are being ignored anymore.

We should be defensive about guest reads/writes/MSR-accesses anyway. I.e.,
we should at least accept faults on those accesses, and make sure the worst
that happens is a domain crash.

 -- Keir

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.