lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <16ec962f-0835-1244-ddd5-e711c5d7cefd@citrix.com>
Date:   Thu, 9 Feb 2017 15:56:44 +0000
From:   Andrew Cooper <andrew.cooper3@...rix.com>
To:     Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Paul Durrant <Paul.Durrant@...rix.com>,
        "xen-devel@...ts.xenproject.org" <xen-devel@...ts.xenproject.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC:     Juergen Gross <jgross@...e.com>
Subject: Re: [Xen-devel] [PATCH 2/3] xen/privcmd: Add IOCTL_PRIVCMD_DM_OP

On 09/02/17 15:50, Boris Ostrovsky wrote:
>
>
> On 02/09/2017 09:27 AM, Paul Durrant wrote:
>>> -----Original Message-----
>>> From: Paul Durrant [mailto:paul.durrant@...rix.com]
>>> Sent: 09 February 2017 14:18
>>> To: xen-devel@...ts.xenproject.org; linux-kernel@...r.kernel.org
>>> Cc: Paul Durrant <Paul.Durrant@...rix.com>; Boris Ostrovsky
>>> <boris.ostrovsky@...cle.com>; Juergen Gross <jgross@...e.com>
>>> Subject: [PATCH 2/3] xen/privcmd: Add IOCTL_PRIVCMD_DM_OP
>>>
>>> Recently a new dm_op[1] hypercall was added to Xen to provide a
>>> mechanism
>>> for restricting device emulators (such as QEMU) to a limited set of
>>> hypervisor operations, and being able to audit those operations in the
>>> kernel of the domain in which they run.
>>>
>>> This patch adds IOCTL_PRIVCMD_DM_OP as gateway for
>>> __HYPERVISOR_dm_op,
>>> bouncing the callers buffers through kernel memory to allow the address
>>> ranges to be audited (and negating the need to bounce through locked
>>> memory in user-space).
>>
>> Actually, it strikes me (now that I've posted the patch) that I
>> should probably just mlock the user buffers rather than bouncing them
>> through kernel... Anyway, I'd still appreciate review on other
>> aspects of the patch.
>
>
> Are you suggesting that the caller (user) mlocks the buffers?

Doesn't libxc already use the hypercall buffer API for each of the buffers?

The kernel oughtn’t to need to do anything special to the user pointers
it has, other than call access_ok() on them.

~Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ