>>> On 01.02.16 at 17:19, <yu.c.zh...@linux.intel.com> wrote: > After a second thought, I guess one of the security concern > is when some APP is trying to trigger the HVMOP_set_param > directly with some illegal values.
Not sure what "directly" is supposed to mean here. > So, we need also validate this param in hvm_allow_set_param, > current although hvm_allow_set_param has not performed any > validation other parameters. We need to do this for the new > ones. Is this understanding correct? Yes. > Another question is: as to the tool stack side, do you think > an error message would suffice? Shouldn't xl be terminated? I have no idea what consistent behavior in such a case would be - I'll defer input on this to the tool stack maintainers. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel