>>> On 31.05.17 at 13:54, wrote: >>>> On 31.05.17 at 13:08, <andrew.coop...@citrix.com> wrote: > > On 31/05/17 08:15, Jan Beulich wrote: > >> The flag is really only meant for those, both HVM and 32-bit PV tell > >> kernel from user mode based on CPL/RPL. Remove the all-question-marks > >> comment and let's be on the safe side here and also suppress clearing > >> for 32-bit PV (this isn't a fast path after all). > >> > >> Signed-off-by: Jan Beulich <jbeul...@suse.com> > > > > Wouldn't it just be safer to disallow starting a 64bit PV guest in user > > mode? > > > > No real kernel would do such a thing, and keeping the corner case around > > is bad from an attack-surface point of view. > > If it really was "starting a guest", I would probably agree. But we're > talking about starting a vCPU, and I could see uses for this (not the > least in XTF). After all the operation allows for enough state to be > set up such that further initialization inside the guest may not be > necessary.
Any opinion here, or change of opinion on the original patch? Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
