On Fri, 2023-11-10 at 10:30 +0100, Jan Beulich wrote: > On 09.11.2023 18:40, Thomas Huth wrote: > > --- a/include/hw/xen/interface/hvm/params.h > > +++ b/include/hw/xen/interface/hvm/params.h > > @@ -255,7 +255,7 @@ > > * Note that 'mixed' mode has not been evaluated for safety from a > > * security perspective. Before using this mode in a > > * security-critical environment, each subop should be evaluated for > > - * safety, with unsafe subops blacklisted in XSM. > > + * safety, with unsafe subops blocked in XSM. > > To avoid another round trip when you send the patch against xen.git, as > already asked for by others, I'd like to point out that the wording > change isn't describing things sufficiently similarly: "blocked" reads > as if XSM would do so all by itself, whereas "blacklisted" has an > indication that something needs to be done for XSM to behave in the > intended way. Minimally I'd suggest "suitably blocked via", but perhaps > yet better wording can be thought of.
"denylist" is often used and works as a suitable replacement in most use cases.
smime.p7s
Description: S/MIME cryptographic signature
