From mboxrd@z Thu Jan 1 00:00:00 1970 From: Doug Goldstein Subject: Re: [PATCH 07/17] flask: unify {get, set}vcpucontext permissions Date: Mon, 20 Jun 2016 09:27:30 -0500 Message-ID: <698b4cb4-b37a-77c9-a2cb-51a2771796ed@cardoe.com> References: <1466431466-28055-1-git-send-email-dgdegra@tycho.nsa.gov> <1466431466-28055-8-git-send-email-dgdegra@tycho.nsa.gov> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5683922760243561335==" Return-path: In-Reply-To: <1466431466-28055-8-git-send-email-dgdegra@tycho.nsa.gov> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: Daniel De Graaf , xen-devel@lists.xen.org, Andrew Cooper List-Id: xen-devel@lists.xenproject.org This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============5683922760243561335== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="t76CvOcMbbrfVWWJxFE4UcdGPeagmKkUx" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --t76CvOcMbbrfVWWJxFE4UcdGPeagmKkUx Content-Type: multipart/mixed; boundary="MG2E0lh9EQ8M87MDQsKKE3UND5AA6K8CC" From: Doug Goldstein To: Daniel De Graaf , xen-devel@lists.xen.org, Andrew Cooper Message-ID: <698b4cb4-b37a-77c9-a2cb-51a2771796ed@cardoe.com> Subject: Re: [Xen-devel] [PATCH 07/17] flask: unify {get, set}vcpucontext permissions References: <1466431466-28055-1-git-send-email-dgdegra@tycho.nsa.gov> <1466431466-28055-8-git-send-email-dgdegra@tycho.nsa.gov> In-Reply-To: <1466431466-28055-8-git-send-email-dgdegra@tycho.nsa.gov> --MG2E0lh9EQ8M87MDQsKKE3UND5AA6K8CC Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 6/20/16 9:04 AM, Daniel De Graaf wrote: > These permissions were initially split because they were in separate > domctls, but this split is very unlikely to actually provide security > benefits: it would require a carefully contrived situation for a domain= > to both need access to one type of CPU register and also need to be > prohibited from accessing another type. >=20 > Signed-off-by: Daniel De Graaf > Reviewed-by: Konrad Rzeszutek Wilk I'm a: Reviewed-by: Doug Goldstein But I'd like to see Andrew Cooper's R-b or comments as well. --=20 Doug Goldstein --MG2E0lh9EQ8M87MDQsKKE3UND5AA6K8CC-- --t76CvOcMbbrfVWWJxFE4UcdGPeagmKkUx Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0 iQJ8BAEBCgBmBQJXZ/1UXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBNTM5MEQ2RTNFMTkyNzlCNzVDMzIwOTVB MkJDMDNEQzg3RUQxQkQ0AAoJEKK8A9yH7RvU030P/0Kr4TbUBNV60Eepx8q4AFzT 89LXZKz1I0k4FTRi8LSwU20l4u/RVRJYsm1WxYIHCGZQKzN8iwm0jHZTfKMqVru7 +VJqmfneSsum2VurTetSZbD4DipiPBumglJ0tz1CGNoBob4E9HZ05CmRzq0z8JVH UrGp/D4elbX8c51GiwGZwQfqtJl1v0Jcrj742Eanl0xUJHE95GiAVt9ljekNhO+X XNw+FKrMbITFHaE0ebrniUMWYqc+7bET5j+ofu0Jj2p0kTp4Iv1xCBTFa2i8y/jr Iqn8ad9UUa/NFusOWaYxv+eBndOUOeieTz4GSJyt0711SVij4C9g4QR6z1M8Ehhu DEDY0q013fmiZ+Wae1OnF2CmimNjEfd3TKurNebN8hrcBBLOPlN+OYQY7mwKZVL9 2pbA0GiHCLDU3jA6utcxwAPGpsxBHWoNMg01wJ5V1WoxuueWdoI6m/X9ZUPtgBq3 hBgF092lGsph3AilO1aB4E4xlX4Jd+Jd7sgJ8ZEcadvSx1R4YQTHfNtrNFL15qqU p9kRxi0qgphvZd9b7BfKSFOmms5/wQVEOK3dpFHeyLkGFkWwbFKAa7USJ+gtoR9i mkXI5Y+hE80HxHgF3pkoPspy9sTQuj/YzGxYwOwqN/9juWRAa1UrzUfdTBS/IXIc LCw8Zr9EOnKISz3vkEot =CJN4 -----END PGP SIGNATURE----- --t76CvOcMbbrfVWWJxFE4UcdGPeagmKkUx-- --===============5683922760243561335== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVs IG1haWxpbmcgbGlzdApYZW4tZGV2ZWxAbGlzdHMueGVuLm9yZwpodHRwOi8vbGlzdHMueGVuLm9y Zy94ZW4tZGV2ZWwK --===============5683922760243561335==--