thr3ads.net - Xen devel - [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m [Jan 2008]

If this information is useful, please help other people find it:
Share via:

Woller, Thomas

2008-Jan-15 19:22 UTC

[Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

Adding a P2M_ERROR message when startup of a PAE HVM guest, on a PAE
hypervisor exceeds the ~4Gig memory size limitation.

Please apply to unstable (no need to add to 3.2-testing, or to 3.1.3).

Signed-off-by: Tom Woller <thomas.woller@amd.com>

  --Tom

thomas.woller@amd.com  +1-512-602-0059
AMD Corporation - Operating Systems Research Center
Austin, Texas



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Keir Fraser

2008-Jan-15 19:31 UTC

head link

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

If we add that printk() then it''s on a path triggerable by an HVM guest
(via
the populate_physmap hypercall, for example) and there is a potential DoS
attack. The need to modify the Xen command line to enable NPT on PAE
hypervisor should really be caveat enough anyway.

 -- Keir

On 15/1/08 19:22, "Woller, Thomas" <thomas.woller@amd.com>
wrote:
> Adding a P2M_ERROR message when startup of a PAE HVM guest, on a PAE
> hypervisor exceeds the ~4Gig memory size limitation.
> 
> Please apply to unstable (no need to add to 3.2-testing, or to 3.1.3).
> 
> Signed-off-by: Tom Woller <thomas.woller@amd.com>
> 
>   --Tom
> 
> thomas.woller@amd.com  +1-512-602-0059
> AMD Corporation - Operating Systems Research Center
> Austin, Texas
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Stephen C. Tweedie

2008-Jan-16 15:36 UTC

head link

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

Hi,

On Tue, 2008-01-15 at 19:31 +0000, Keir Fraser wrote:> If we add that printk() then it''s on a path triggerable by an HVM
guest (via
> the populate_physmap hypercall, for example) and there is a potential DoS
> attack. The need to modify the Xen command line to enable NPT on PAE
> hypervisor should really be caveat enough anyway.
Hardly, there''s no reason at all for a user to assume that enabling NPT
in that situation will cause guest address spaces to be truncated.

Ideally we''d have a text message delivered back to the user on all
domain creations when this truncation happens.  A log message is
probably the minimum reasonable notification; truncating silently is a
pretty poor option.

There are plenty of solutions --- simply do the printk once per domain,
for example, or rate-limit it, or don''t do it when the physmap is
populated but have a separate test at domain build time.  But truncating
silently seems to be one of the worst alternatives.

Cheers,
 Stephen

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Stephen C. Tweedie

2008-Jan-16 16:52 UTC

head link

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

Hi,

On Tue, 2008-01-15 at 19:31 +0000, Keir Fraser wrote:> If we add that printk() then it''s on a path triggerable by an HVM
guest (via
> the populate_physmap hypercall, for example) and there is a potential DoS
> attack. The need to modify the Xen command line to enable NPT on PAE
> hypervisor should really be caveat enough anyway.
Hardly, there''s no reason at all for a user to assume that enabling NPT
in that situation will cause guest address spaces to be truncated.

Ideally we''d have a text message delivered back to the user on all
domain creations when this truncation happens.  A log message is
probably the minimum reasonable notification; truncating silently is a
pretty poor option.

There are plenty of solutions --- simply do the printk once per domain,
for example, or rate-limit it, or don''t do it when the physmap is
populated but have a separate test at domain build time.  But truncating
silently seems to be one of the worst alternatives.

Cheers,
 Stephen

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

tgh

2008-Jan-17 03:23 UTC

head link

[Xen-devel] about netchannel2

hi
  I have read something about netchannel2 somewhere ,say xen-summit or 
somewhere else, and i am interested in the netchannel2,but with some 
confusion ,and has netchannel2 been integrated and supported by xen  or  
not ?  and  could  anyone give me a detailed explanation about the 
mechanism and implementation of netchannel2  and its status

Thanks in advance

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Li, Xin B

2008-Jan-17 04:28 UTC

head link

RE: [Xen-devel] about netchannel2

>hi
>  I have read something about netchannel2 somewhere ,say xen-summit or 
>somewhere else, and i am interested in the netchannel2,but with some 
>confusion ,and has netchannel2 been integrated and supported 
>by xen  or  not ?
no yet.
>  and  could  anyone give me a detailed explanation about the 
>mechanism and implementation of netchannel2  and its status
what''s your confusion?
-Xin

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

tgh

2008-Jan-17 08:18 UTC

head link

Re: [Xen-devel] about netchannel2

hi
thank you for your reply, and I have read something about 
netchannel2,and then ,nowadays , i read the summit ppt which refer to 
the integration of the netchannel2, but, to be frank, i forget the main 
idea of netchannel2 ,only remembering that it is interesting and about 
something to improve the network performance or something about 
smartNIC,which i am not clear about either,and i could not find the 
paper or doc about them , and could you give me some explanation about 
it ,or give me some paper about it or some guide about netchannel2''s 
motivation and main idea or something

Thanks in advance

Li, Xin B 写道:>> hi
>>  I have read something about netchannel2 somewhere ,say xen-summit or 
>> somewhere else, and i am interested in the netchannel2,but with some 
>> confusion ,and has netchannel2 been integrated and supported 
>> by xen  or  not ?
>>     
>
> no yet.
>
>   
>>  and  could  anyone give me a detailed explanation about the 
>> mechanism and implementation of netchannel2  and its status
>>     
>
> what''s your confusion?
> -Xin
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
>
>
>   

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Xen devel - Jan 2008 - [PATCH][P2M] add printk to NP PAE logic in p2m

[Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

Re: [Xen-devel] [PATCH][P2M] add printk to NP PAE logic in p2m

[Xen-devel] about netchannel2

RE: [Xen-devel] about netchannel2

Re: [Xen-devel] about netchannel2