lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Feb 2017 11:30:19 -0500
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Roger Pau Monné <roger.pau@...rix.com>
Cc:     JGross@...e.com, xen-devel@...ts.xenproject.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 5/9] xen/pvh: Prevent PVH guests from using PIC, RTC
 and IOAPIC

On 02/02/2017 10:35 AM, Roger Pau Monné wrote:
> On Thu, Jan 26, 2017 at 02:41:28PM -0500, Boris Ostrovsky wrote:
>> Make sure they don't use these devices since they are not emulated
>> for unprivileged PVH guest.
> This description seems weird for what it's actually done. AFAICT you are not
> really preventing the guest from using the PIC or the IO APIC, because this is
> fetched from the MADT table (or should be fetched from there in any case).

This was meant to say that we don't want to use ACPI_IRQ_MODEL_[IOA]PIC
since we don't support SCI (which is expected on x86 to be one of the two).

I'll re-word it.

>
> See below for the RTC...
>
> [...]
>> @@ -1892,6 +1900,9 @@ static void __init xen_hvm_guest_init(void)
>>  
>>  	init_hvm_pv_info();
>>  
>> +	if (xen_pvh_domain())
>> +		x86_platform.legacy.rtc = 0;
> Can't you fetch that from the FADT boot flags field? (See "5.2.9.3 IA-PC Boot
> Architecture Flags" in ACPI 6.1 spec).

Good point. In fact, I can drop this altogether because
acpi_parse_fadt() will do this for us.

-boris

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ