On 2/2/2016 12:35 AM, Jan Beulich wrote:
On 01.02.16 at 17:19, <yu.c.zh...@linux.intel.com> wrote:
After a second thought, I guess one of the security concern
is when some APP is trying to trigger the HVMOP_set_param
directly with some illegal values.
Not sure what "directly" is supposed to mean here.
I mean with no validation by itself, like libxc...
So, we need also validate this param in hvm_allow_set_param,
current although hvm_allow_set_param has not performed any
validation other parameters. We need to do this for the new
ones. Is this understanding correct?
Yes.
Another question is: as to the tool stack side, do you think
an error message would suffice? Shouldn't xl be terminated?
I have no idea what consistent behavior in such a case would
be - I'll defer input on this to the tool stack maintainers.
Thank you.
Wei, which one do you prefer?
Yu
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
