On Tue, May 6, 2025 at 5:49 PM Teddy Astie <teddy.as...@vates.tech> wrote:
> (I can't find the PATCH 4/4)

I apologize. The missing patch will be posted as soon as we can.

> I am not convinced of the efficiency of being able to toggle lockdown
> (including disabling it) mode from command-line.

As you say, a malicious userland could hijack the Xen command-line arguments.
Patch 4 is about ignoring potentially dangerous command line arguments
when lockdown mode is enabled.
It is not about disabling lockdown mode itself. Sorry if the
description was confusing.

> Do we consider Dom0 kernel-space as well (thus Dom0 as a whole)

Dom0 kernel is part of the trusted computing base for Secure Boot so
we don't need to worry about that.

> what about privcmd device (which can issue hypercalls)?

We do have a solution for securing hypercalls but I believe it will be
part of another patch series.
