lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 15 May 2020 09:01:12 +0200
From:   Jürgen Groß <jgross@...e.com>
To:     Dongli Zhang <dongli.zhang@...cle.com>,
        xen-devel@...ts.xenproject.org, linux-kernel@...r.kernel.org
Cc:     boris.ostrovsky@...cle.com, sstabellini@...nel.org,
        joe.jin@...cle.com, rose.wang@...cle.com
Subject: Re: [PATCH 1/1] xen/manage: enable C_A_D to force reboot

On 14.05.20 01:34, Dongli Zhang wrote:
> The systemd may be configured to mask ctrl-alt-del via "systemctl mask
> ctrl-alt-del.target". As a result, the pv reboot would not work as signal
> is ignored.
> 
> This patch always enables C_A_D before the call of ctrl_alt_del() in order
> to force the reboot.

Hmm, I'm not sure this is a good idea.

Suppose a guest admin is doing a critical update and wants to avoid a
sudden reboot in between. By masking the reboot this would be possible,
with your patch it isn't.

In case a reboot is really mandatory it would still be possible to just
kill the guest.

I'm not completely opposed to the patch, but I think this is a change
which should not be done easily.


Juergen

> 
> Reported-by: Rose Wang <rose.wang@...cle.com>
> Cc: Joe Jin <joe.jin@...cle.com>
> Cc: Boris Ostrovsky <boris.ostrovsky@...cle.com>
> Signed-off-by: Dongli Zhang <dongli.zhang@...cle.com>
> ---
>   drivers/xen/manage.c | 7 +++++++
>   1 file changed, 7 insertions(+)
> 
> diff --git a/drivers/xen/manage.c b/drivers/xen/manage.c
> index cd046684e0d1..3190d0ecb52e 100644
> --- a/drivers/xen/manage.c
> +++ b/drivers/xen/manage.c
> @@ -204,6 +204,13 @@ static void do_poweroff(void)
>   static void do_reboot(void)
>   {
>   	shutting_down = SHUTDOWN_POWEROFF; /* ? */
> +	/*
> +	 * The systemd may be configured to mask ctrl-alt-del via
> +	 * "systemctl mask ctrl-alt-del.target". As a result, the pv reboot
> +	 * would not work. To enable C_A_D would force the reboot.
> +	 */
> +	C_A_D = 1;
> +
>   	ctrl_alt_del();
>   }
>   
>

Powered by blists - more mailing lists