lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 13 Sep 2017 15:38:15 +0200
From:   Juergen Gross <jgross@...e.com>
To:     Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        linux-kernel@...r.kernel.org, xen-devel@...ts.xenproject.org
Subject: Re: [PATCH 2/4] xen: limit grant v2 interface to the v1 functionality

On 13/09/17 15:22, Boris Ostrovsky wrote:
> On 09/12/2017 02:18 PM, Juergen Gross wrote:
>> On 12/09/17 18:21, Boris Ostrovsky wrote:
>>> On 09/12/2017 12:09 PM, Juergen Gross wrote:
>>>> On 12/09/17 18:05, Boris Ostrovsky wrote:
>>>>> On 09/12/2017 11:50 AM, Juergen Gross wrote:
>>>>>> On 12/09/17 17:44, Boris Ostrovsky wrote:
>>>>>>> On 09/08/2017 10:48 AM, Juergen Gross wrote:
>>>>>>>> As there is currently no user for sub-page grants or transient grants
>>>>>>>> remove that functionality. This at once makes it possible to switch
>>>>>>>> from grant v2 to grant v1 without restrictions, as there is no loss of
>>>>>>>> functionality other than the limited frame number width related to
>>>>>>>> the switch.
>>>>>>> But isn't that ABI violation? v2 is expected to support this (XSAs
>>>>>>> notwithstanding)
>>>>>> No, I don't think so.
>>>>>>
>>>>>> The hypervisor still supports it, but the domU (or dom0) isn't required
>>>>>> to make use of all the features IMHO. Or are you aware of any backend
>>>>>> querying the grant version of a frontend and acting in another way if v2
>>>>>> is detected?
>>>>> I am not aware of any but that doesn't mean that they don't (or won't)
>>>>> exist.
>>>> But isn't the frontend the one which is defining what is granted in
>>>> which way? How should there be an ABI breakage when the frontend just
>>>> isn't using sub-page or transitive grants?
>>> People may provide both front and backend drivers and frontends, knowing
>>> that v2 is available, could decide to use those features.
>> No, without the functions to use them it will be impossible.
> 
> I don't follow this. Which functions? The ones this patch is removing?

Yes, just after having been added one patch earlier.

Right now the Linux kernel doesn't support grant V2 at all. So there
surely is no driver making use of V2 features right now.

Ican merge patches 1 and 2 in case you want. I just thought a pure
revert of the former V2 remove patch would be easier to review,
taking into account that the former V2 support was working in
production environments (and even back then there was no user of
sub-page or transient grants).


Juergen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ