lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 15 May 2020 13:26:16 -0400
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Jürgen Groß <jgross@...e.com>,
        Dongli Zhang <dongli.zhang@...cle.com>,
        xen-devel@...ts.xenproject.org, linux-kernel@...r.kernel.org
Cc:     sstabellini@...nel.org, joe.jin@...cle.com, rose.wang@...cle.com
Subject: Re: [PATCH 1/1] xen/manage: enable C_A_D to force reboot

On 5/15/20 3:01 AM, Jürgen Groß wrote:
> On 14.05.20 01:34, Dongli Zhang wrote:
>> The systemd may be configured to mask ctrl-alt-del via "systemctl mask
>> ctrl-alt-del.target". As a result, the pv reboot would not work as
>> signal
>> is ignored.
>>
>> This patch always enables C_A_D before the call of ctrl_alt_del() in
>> order
>> to force the reboot.
>
> Hmm, I'm not sure this is a good idea.
>
> Suppose a guest admin is doing a critical update and wants to avoid a
> sudden reboot in between. By masking the reboot this would be possible,
> with your patch it isn't.
>
> In case a reboot is really mandatory it would still be possible to just
> kill the guest.
>
> I'm not completely opposed to the patch, but I think this is a change
> which should not be done easily.


I think 'xl reboot -F' should do be handling this scenario but (1) it is
currently not quite set up for this and (2) I can't see how it works at
all given that noone handles LIBXL_TRIGGER_RESET in
arch_do_domctl(XEN_DOMCTL_sendtrigger).


-boris


>
>
> Juergen
>
>>
>> Reported-by: Rose Wang <rose.wang@...cle.com>
>> Cc: Joe Jin <joe.jin@...cle.com>
>> Cc: Boris Ostrovsky <boris.ostrovsky@...cle.com>
>> Signed-off-by: Dongli Zhang <dongli.zhang@...cle.com>
>> ---
>>   drivers/xen/manage.c | 7 +++++++
>>   1 file changed, 7 insertions(+)
>>
>> diff --git a/drivers/xen/manage.c b/drivers/xen/manage.c
>> index cd046684e0d1..3190d0ecb52e 100644
>> --- a/drivers/xen/manage.c
>> +++ b/drivers/xen/manage.c
>> @@ -204,6 +204,13 @@ static void do_poweroff(void)
>>   static void do_reboot(void)
>>   {
>>       shutting_down = SHUTDOWN_POWEROFF; /* ? */
>> +    /*
>> +     * The systemd may be configured to mask ctrl-alt-del via
>> +     * "systemctl mask ctrl-alt-del.target". As a result, the pv reboot
>> +     * would not work. To enable C_A_D would force the reboot.
>> +     */
>> +    C_A_D = 1;
>> +
>>       ctrl_alt_del();
>>   }
>>  
>

Powered by blists - more mailing lists