On 22.06.2022 16:51, Julien Grall wrote: > On 22/06/2022 15:37, Rahul Singh wrote: >> evtchn_alloc_unbound() always allocates the next available port. Static >> event channel support for dom0less domains requires allocating a >> specified port. >> >> Modify the evtchn_alloc_unbound() to accept the port number as an >> argument and allocate the specified port if available. If the port >> number argument is zero, the next available port will be allocated. > > I haven't yet fully reviewed this series. But I would like to point out > that this opening a security hole (which I thought I had mention before) > that could be exploited by a guest at runtime. > > You would need [1] or similar in order to fix the issue. I am wrote > "similar" because the patch could potentially be a problem if you allow > a guest to use FIFO (you may need to allocate a lot of memory to fill > the hole).
At least from an abstract pov this is an issue with the shim then as well, at the very least when shim's and the underlying Xen's alloc algorithms would differ. With the nature of the shim that's not a security concern, though. Jan
