From mboxrd@z Thu Jan 1 00:00:00 1970
From: Vincent Hanquez
Subject: Re: [PATCH] xenstored: allow guests to reintroduce themselves
Date: Tue, 9 Aug 2011 11:08:13 +0100
Message-ID: <4E41070D.8020009@eu.citrix.com>
To: Olaf Hering
Cc: "xen-devel@lists.xensource.com"
List-Id: xen-devel@lists.xenproject.org

On 08/01/2011 01:38 PM, Olaf Hering wrote:
> # HG changeset patch
> # User Olaf Hering
> # Date 1312202176 -7200
> # Node ID edb96c34f4a638e8ba97933b6bd76ff72836353e
> # Parent 0f36c2eec2e1576b4db6538b5f22d625587c1a15
> xenstored: allow guests to reintroduce themselves
>
> During kexec all old watches have to be removed, otherwise the new
> kernel will receive unexpected events. Allow a guest to introduce itself
> and cleanup all of its watches.

What about security-wise? Guest userspace suddenly becomes able to do this
operation (and DoS themselves) where they used to be limited to normal
read/write/.. operations.

Also you're changing the C xenstored behavior without changing the OCaml one.

-- 
Vincent