Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-28 Thread Jan Beulich
>>> On 25.08.17 at 20:43, wrote: > At the moment, all of our downstreams which followed the embargoed > advice will be using these command line options to mitigate the > vulnerability. The fact that this patch wasn't committed to the stable > trees is bad, because it

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Andrew Cooper
On 25/08/17 18:36, Juergen Gross wrote: > On 25/08/17 18:21, George Dunlap wrote: >> On 08/25/2017 01:31 PM, Jan Beulich wrote: >> On 25.08.17 at 14:10, wrote: On 25/08/17 10:57, Jan Beulich wrote: On 24.08.17 at 17:16,

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Juergen Gross
On 25/08/17 18:21, George Dunlap wrote: > On 08/25/2017 01:31 PM, Jan Beulich wrote: > On 25.08.17 at 14:10, wrote: >>> On 25/08/17 10:57, Jan Beulich wrote: >>> On 24.08.17 at 17:16, wrote: > On 24/08/17 16:01, Juergen Gross

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread George Dunlap
On 08/25/2017 01:31 PM, Jan Beulich wrote: On 25.08.17 at 14:10, wrote: >> On 25/08/17 10:57, Jan Beulich wrote: >> On 24.08.17 at 17:16, wrote: On 24/08/17 16:01, Juergen Gross wrote: > On 24/08/17 16:50, Andrew Cooper

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Juergen Gross
On 25/08/17 14:29, Jan Beulich wrote: On 25.08.17 at 14:05, wrote: >> On 25/08/17 10:49, Jan Beulich wrote: >> On 24.08.17 at 16:50, wrote: --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Jan Beulich
>>> On 25.08.17 at 14:10, wrote: > On 25/08/17 10:57, Jan Beulich wrote: > On 24.08.17 at 17:16, wrote: >>> On 24/08/17 16:01, Juergen Gross wrote: On 24/08/17 16:50, Andrew Cooper wrote: > ---

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Jan Beulich
>>> On 25.08.17 at 14:05, wrote: > On 25/08/17 10:49, Jan Beulich wrote: > On 24.08.17 at 16:50, wrote: >>> --- a/docs/misc/xen-command-line.markdown >>> +++ b/docs/misc/xen-command-line.markdown >>> @@ -868,6 +868,19 @@ Controls EPT

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Juergen Gross
On 25/08/17 14:10, Andrew Cooper wrote: > On 25/08/17 10:57, Jan Beulich wrote: > On 24.08.17 at 17:16, wrote: >>> On 24/08/17 16:01, Juergen Gross wrote: On 24/08/17 16:50, Andrew Cooper wrote: > --- a/docs/misc/xen-command-line.markdown > +++

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Andrew Cooper
On 25/08/17 10:57, Jan Beulich wrote: On 24.08.17 at 17:16, wrote: >> On 24/08/17 16:01, Juergen Gross wrote: >>> On 24/08/17 16:50, Andrew Cooper wrote: --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -868,6

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Andrew Cooper
On 25/08/17 10:49, Jan Beulich wrote: On 24.08.17 at 16:50, wrote: >> --- a/docs/misc/xen-command-line.markdown >> +++ b/docs/misc/xen-command-line.markdown >> @@ -868,6 +868,19 @@ Controls EPT related features. >> >> Specify which console gdbstub should use.

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Jan Beulich
>>> On 24.08.17 at 17:16, wrote: > On 24/08/17 16:01, Juergen Gross wrote: >> On 24/08/17 16:50, Andrew Cooper wrote: >>> --- a/docs/misc/xen-command-line.markdown >>> +++ b/docs/misc/xen-command-line.markdown >>> @@ -868,6 +868,19 @@ Controls EPT related features. >>>

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-25 Thread Jan Beulich
>>> On 24.08.17 at 16:50, wrote: > --- a/docs/misc/xen-command-line.markdown > +++ b/docs/misc/xen-command-line.markdown > @@ -868,6 +868,19 @@ Controls EPT related features. > > Specify which console gdbstub should use. See **console**. > > +### gnttab > +> `=

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-24 Thread Andrew Cooper
On 24/08/17 18:45, Juergen Gross wrote: > On 24/08/17 17:16, Andrew Cooper wrote: >> On 24/08/17 16:01, Juergen Gross wrote: >>> On 24/08/17 16:50, Andrew Cooper wrote: This patch was originally a workaround for XSA-226. Since then, transitive grants are believed to be functioning

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-24 Thread Juergen Gross
On 24/08/17 17:16, Andrew Cooper wrote: > On 24/08/17 16:01, Juergen Gross wrote: >> On 24/08/17 16:50, Andrew Cooper wrote: >>> This patch was originally a workaround for XSA-226. Since then, transitive >>> grants are believed to be functioning properly, and the defaults have >>> changed >>>

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-24 Thread Andrew Cooper
On 24/08/17 16:01, Juergen Gross wrote: > On 24/08/17 16:50, Andrew Cooper wrote: >> This patch was originally a workaround for XSA-226. Since then, transitive >> grants are believed to be functioning properly, and the defaults have changed >> appropriately. >> >> However, for those people who

Re: [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-24 Thread Juergen Gross
On 24/08/17 16:50, Andrew Cooper wrote: > This patch was originally a workaround for XSA-226. Since then, transitive > grants are believed to be functioning properly, and the defaults have changed > appropriately. > > However, for those people who chose to use the workaround (especially from an

[Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls

2017-08-24 Thread Andrew Cooper
This patch was originally a workaround for XSA-226. Since then, transitive grants are believed to be functioning properly, and the defaults have changed appropriately. However, for those people who chose to use the workaround (especially from an attack surface mitigation point of view), retain