Hi,
On 13/01/2020 12:51, George Dunlap wrote:
On 1/12/20 6:26 PM, Doug Goldstein wrote:
On 1/11/20 3:02 AM, George Dunlap wrote:
1. Block XENVER_extraversion at the hypervisor level. Change the
xen_deny() string to "". (This is v1 of sergey's patch.)
2. Block XENVER_extraversion at the hypervisor level. Leave xen_deny()
as returning "<denied>", but replace "<denied>" with "" in hvmloader so
it doesn't show up in the System Info and scare users.
3. Block XENVER_extraversion at the hypervisor level. Change xen_deny()
to return a more benign string like "<hidden>". (Perhaps also filter it
in hvmloader, just for good measure.)
4. Block XENVER_extraversion at the hypervisor level. Make the
xen_deny() string configurable in KConfig.
A Kconfig option is indeed ideal as some of the stakeholder may want to
keep control of the string exposed.
But if we go the Kconfig route, then maybe we want to allow each bits
(extraversion, compiler...) to be separatly configurable.
I would be more than happy to help writing such a patch if there is an
interest for it.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel