xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Jan Beulich <jbeulich@suse.com>
To: Ian Jackson <iwj@xenproject.org>
Cc: "Andrew Cooper" <andrew.cooper3@citrix.com>,
	xen-devel@lists.xenproject.org,
	"Roger Pau Monné" <roger.pau@citrix.com>,
	"committers@xenproject.org" <committers@xenproject.org>
Subject: Re: Regressed XSA-286, was [xen-unstable test] 161917: regressions - FAIL
Date: Thu, 17 Jun 2021 16:40:33 +0200	[thread overview]
Message-ID: <5537bc9b-0a71-60f0-efce-d0d33301fe45@suse.com> (raw)
In-Reply-To: <24779.18584.523983.904660@mariner.uk.xensource.com>

On 17.06.2021 15:05, Ian Jackson wrote:
> Firstly, let me try to deal with substance and/or technical merit.
> 
> Jan, I am finding it difficult to follow in your message whether you
> are asserting that your disputed change (to Xen) did not introduce a
> vulnerability.
> 
> I think you are saying that there is no vulnerability, because in any
> overall configuration where this is a vulnerability, the guest would
> have to be making an unjustified assumption.
> 
> If this is your reasoning, I don't think it is sound.  The question is
> not whether the assumption is justified or not (answering which
> question seems to require nigh-incomprehensible exegesis of processor
> documentation).
> 
> The question is whether any guest does in fact make that assumption.
> If any do, then there is a vulnerability.  Whether that's a
> vulnerability "in" Xen or "in" the guest is just a question of
> finger-pointing.
> 
> If none do then there is no vulnerability.

I don't think any OS does, simply because they can't rely on such
behavior when on on bare metal. The only such assumption was baked
into the respective XTF test.

If any OS made such an assumption, then I don't think it would be
a vulnerability either. It would simply be a guest kernel bug then.

Jan



  reply	other threads:[~2021-06-17 14:40 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-13  3:56 osstest service owner
2021-05-13 20:15 ` Regressed XSA-286, was " Andrew Cooper
2021-05-17  8:43   ` Jan Beulich
2021-05-17 10:59     ` Jan Beulich
2021-06-16  8:48   ` Jan Beulich
2021-06-16 15:43     ` Andrew Cooper
2021-06-17 11:56       ` Jan Beulich
2021-06-17 13:05         ` Ian Jackson
2021-06-17 14:40           ` Jan Beulich [this message]
2021-06-17 14:49             ` Ian Jackson
2021-06-17 14:55               ` Jan Beulich
2021-06-28 12:35           ` Ping: " Jan Beulich
2021-06-17 21:26         ` Stefano Stabellini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5537bc9b-0a71-60f0-efce-d0d33301fe45@suse.com \
    --to=jbeulich@suse.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=committers@xenproject.org \
    --cc=iwj@xenproject.org \
    --cc=roger.pau@citrix.com \
    --cc=xen-devel@lists.xenproject.org \
    --subject='Re: Regressed XSA-286, was [xen-unstable test] 161917: regressions - FAIL' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).