From: Martin Pohlack <mpohlack@amazon.com>
To: Jan Beulich <JBeulich@suse.com>, Martin Pohlack <mpohlack@amazon.de>
Cc: elena.ufimtseva@oracle.com, jeremy@goop.org,
	hanweidong@huawei.com, john.liuqiming@huawei.com,
	paul.voccio@rackspace.com,
	Konrad Rzeszutek Wilk <konrad@kernel.org>,
	daniel.kiper@oracle.com, major.hayden@rackspace.com,
	liuyingdong@huawei.com, aliguori@amazon.com,
	xiantao.zxt@alibaba-inc.com, steven.wilson@rackspace.com,
	peter.huangpeng@huawei.com, msw@amazon.com,
	xen-devel@lists.xenproject.org, rick.harris@rackspace.com,
	josh.kearney@rackspace.com, jinsong.liu@alibaba-inc.com,
	amesserl@rackspace.com, dslutz@verizon.com,
	fanhenglong@huawei.com, Bjoern Doebel <doebel@amazon.de>
Subject: Re: [PATCH] xsplice: Use ld-embedded build-ids
Date: Fri, 14 Aug 2015 15:57:56 +0200
Message-ID: <55CDF3E4.3060405@amazon.com>
In-Reply-To: <55CE0F49020000780009B127@prv-mh.provo.novell.com>

On 14.08.2015 15:54, Jan Beulich wrote:
>>>> On 14.08.15 at 14:59, <mpohlack@amazon.com> wrote:
>> On 11.08.2015 16:12, Jan Beulich wrote:
>>>>>> On 05.08.15 at 16:09, <mpohlack@amazon.de> wrote:
>>>> Todo:
>>>>   * Should be moved to sysctl to only allow Dom0 access
>>>
>>> Because of?
>>
>> The discussion in this thread:
>>
>> [Xen-devel] [RFC PATCH v3.1 2/2] xsplice: Add hook for build_id
>>
>> was:
>> ----------------------------------------------------------------------
>>>> Martin Pohlack:
>>>> We should not expose the build_id to normal guests, but only to Dom0.
>>>>
>>>> A build_id uniquely identifies a specific build and I don't see how that
>>>> information would be required from DomU.  It might actually help an
>>>> attacker to build his return-oriented programming exploit against a
>>>> specific build.
>>>>
>>>> The normal version numbers should be enough to know about capabilities
>>>> and API.
>>>
>>> Andrew Cooper:
>>>
>>> It will need its own XSM hook, but need not be strictly limited to just
>>> dom0.
>> ----------------------------------------------------------------------
> 
> So I'm confused - I asked "why Dom0 only" and then you point me to
> Andrew saying it doesn't need to be Dom0 only?

Sorry about that, my (not expressed) thinking was that we should
restrict that to Dom0 for the XSM-disabled case.

>>>> @@ -360,11 +366,30 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
>>>>  
>>>>      case XENVER_build_id:
>>>>      {
>>>> -        xen_build_id_t build_id;
>>>> +        xen_build_id_t ascii_id;
>>>> +        Elf_Note * n = (Elf_Note *)&__note_gnu_build_id_start;
>>>> +        char * binary_id;
>>>> +        int i;
>>>> +
>>>> +        memset(ascii_id, 0, sizeof(ascii_id));
>>>> +
>>>> +        /* check if we really have a build-id */
>>>> +        if ( NT_GNU_BUILD_ID != n->type )
>>>> +            return 0;
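
Review bot: the `return 0;` under `if ( NT_GNU_BUILD_ID != n->type )` reports success while nothing has been copied to the guest handle, so a caller cannot tell "no build-id" from a valid reply; return a negative errno on that path instead. The check also looks only at `n->type`: before anything is read through `binary_id`, validate the note's name and its name and descriptor sizes against the note section's end, rather than trusting whatever sits at `__note_gnu_build_id_start`. Style: write the declarations as `Elf_Note *n` and `char *binary_id`, put the variable first in the comparison, and make `i` unsigned if it only indexes the id bytes.
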
>>>
>>> This needs to signal an error.
>>
>> Yes, ENOSYS, (or ENOENT, ENODATA)?
> 
> Definitely not ENOSYS. ENODATA or EOPNOTSUPP.
> 
> Jan
> 

Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger
Ust-ID: DE289237879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
