On 06/20/2016 10:35 AM, Andrew Cooper wrote:
On 20/06/16 15:27, Doug Goldstein wrote:
On 6/20/16 9:04 AM, Daniel De Graaf wrote:
These permissions were initially split because they were in separate
domctls, but this split is very unlikely to actually provide security
benefits: it would require a carefully contrived situation for a domain
to both need access to one type of CPU register and also need to be
prohibited from accessing another type.
Signed-off-by: Daniel De Graaf <dgde...@tycho.nsa.gov>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.w...@oracle.com>
I'm a:
Reviewed-by: Doug Goldstein <car...@cardoe.com>
But I'd like to see Andrew Cooper's R-b or comments as well.
I agree. I can't see a plausible usecase for an entity being entitled
to read vcpu content, but not to modify it.
Reviewed-by: Andrew Cooper <andrew.coop...@citrix.com>
That's not exactly what this patch does: the get and set permissions
are still split, but unified across the different types of registers.
Where previously there were 6 permissions, now there are 2.
A use case where you would be entitled to read but not modify is a
monitoring domain (remote virus scanner, for example) which needs
read access to scan but does not do remediation itself.
--
Daniel De Graaf
National Security Agency
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
