From: Dario Faggioli <dario.faggioli@citrix.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: Lars Kurth <lars.kurth@citrix.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>,
George Dunlap <George.Dunlap@eu.citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Anshul Makkar <anshul.makkar@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>, Tim Deegan <tim@xen.org>,
security@xenproject.org, xen-devel@lists.xenproject.org
Subject: Re: [PATCH v2] features: declare the Credit2 scheduler as Supported.
Date: Wed, 2 Nov 2016 12:22:40 +0100
Message-ID: <1478085760.24942.32.camel@citrix.com>
In-Reply-To: <5819D525020000780011B8EA@prv-mh.provo.novell.com>
On Wed, 2016-11-02 at 04:59 -0600, Jan Beulich wrote:
> > > > On 02.11.16 at 11:22, <dario.faggioli@citrix.com> wrote:
> > The control domain can issue DOMCTL_SCHEDOP and SYSCTL_SCHEDOP
> > hypercalls. Auditing such code, nothing that looks like a security
> > risk has been found (e.g., there's no risk of leaking content of
> > the hypervisor stack, as no buffer/local variable is returned).
>
> There certainly are buffers being returned here. Namely in the
> credit2 case there's also a 32-bit padding field in the domctl
> interface structure (and uniformly for all schedulers there's one
> in the sysctl structure), which provides the fundamental means
> to leak stack data. However, none of this is a problem, both
> because iirc leaking stack data to Dom0 is not really considered
> a security issue, and because of the way the structures get
> dealt with.
>
Right, what I meant is really "none of this is a problem [...] because
of the way the structures get dealt with".

I.e., there is nothing like what made e0e3b8f64730f3ee necessary.

> Nevertheless I think the above paragraph should be
> re-worded.
>
Yep, I certainly could have said it better. But if leaking to Dom0 is
not worth being considered, I guess I can just remove the paragraph
entirely, can't I?

Thanks and Regards,
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
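
The padding-field concern raised in the quoted reply, as an added C example that is not part of this message or of the Xen code base: `struct sched_reply` and the function names are hypothetical, and the 0xA5 fill is a constructed stand-in for stale stack contents. It shows the leaky pattern next to two common ways of closing it; the thread does not say which one the Xen code uses.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical reply layout (not a Xen structure) with explicit padding. */
struct sched_reply {
    uint16_t weight;
    uint16_t cap;
    uint32_t pad;
};

/* Models a stack slot that still holds earlier data (0xA5 is constructed). */
static void stale_slot(struct sched_reply *s) { memset(s, 0xA5, sizeof(*s)); }

/* Writes the result fields, then copies the whole object out to the caller. */
static uint32_t fill_and_copy_out(struct sched_reply *slot)
{
    struct sched_reply out;
    slot->weight = 256;
    slot->cap = 0;
    memcpy(&out, slot, sizeof(out));   /* stands in for the copy-out */
    return out.pad;
}

/* Leaky: 'pad' is never written, so the old slot contents go out. */
uint32_t pad_leaky(void)
{
    struct sched_reply slot;
    stale_slot(&slot);
    return fill_and_copy_out(&slot);
}

/* Hardened, variant 1: clear the whole object before filling it in. */
uint32_t pad_zeroed(void)
{
    struct sched_reply slot;
    stale_slot(&slot);
    memset(&slot, 0, sizeof(slot));
    return fill_and_copy_out(&slot);
}

/* Hardened, variant 2: start from the caller's own copy of the structure,
 * so 'pad' only echoes bytes the caller already had. */
uint32_t pad_roundtrip(const struct sched_reply *from_caller)
{
    struct sched_reply slot;
    stale_slot(&slot);
    memcpy(&slot, from_caller, sizeof(slot));
    return fill_and_copy_out(&slot);
}
```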